urlquery - report: rp.seroteforoh.com/?pcrc=55030560&v=2.0

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2023-02-04 04:09:21 UTC	34.120.237.76
cartining-specute.com (1)	0	2021-01-31 23:37:43 UTC	2023-02-03 19:34:43 UTC	18.197.36.77	Unknown ranking
push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2023-02-04 04:13:16 UTC	35.162.135.48
cdn-dimi.akamaized.net (30)	0	2022-07-07 13:18:25 UTC	2023-02-03 19:45:26 UTC	95.101.11.11	Domain (akamaized.net) ranked at: 280
ocsp.pki.goog (5)	175	2017-06-14 07:23:31 UTC	2023-02-04 04:09:27 UTC	142.250.74.131
fonts.googleapis.com (1)	8877	2012-05-23 12:41:44 UTC	2023-02-04 04:29:26 UTC	142.250.74.74
firefox.settings.services.mozilla.com (2)	867	2020-05-25 20:06:39 UTC	2023-02-04 04:09:44 UTC	35.241.9.150
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2023-02-04 04:10:40 UTC	34.117.237.239
orest-vlv.com (3)	0	2023-01-16 10:21:19 UTC	2023-02-03 17:17:01 UTC	54.237.193.255	Unknown ranking
r3.o.lencr.org (8)	344	2020-12-02 08:52:13 UTC	2023-02-04 04:09:18 UTC	95.101.11.115
rp.seroteforoh.com (1)	0	2014-06-17 10:34:09 UTC	2023-02-04 16:38:02 UTC	77.247.179.90	Unknown ranking
fonts.gstatic.com (2)	0	2014-04-02 10:51:04 UTC	2023-02-04 04:49:40 UTC	142.250.74.35	Domain (gstatic.com) ranked at: 540
ymdxv.sexplayground.net (4)	0	2022-11-17 14:25:53 UTC	2023-02-04 03:51:44 UTC	52.19.101.114	Domain (sexplayground.net) ranked at: 543531
content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2023-02-04 04:12:26 UTC	34.160.144.191

Scan Date	Severity	Indicator	Comment
2023-02-04	2	ymdxv.sexplayground.net/js/pushjs/1.0.0/utils.js	Phishing
2023-02-04	2	ymdxv.sexplayground.net/js/pushjs/1.0.0/subscriber.js	Phishing
2023-02-04	2	ymdxv.sexplayground.net/js/service-worker.js	Phishing

Date	UQ / IDS / BL	URL	IP
2023-03-17 12:02:03 +0000	0 - 0 - 1	robcooperchiropractor.co.uk/ttwpoqnc/v/yFXXL7 (...)	77.247.179.90
2023-03-11 23:12:05 +0000	0 - 0 - 5	www.cwiinatonal.com/	77.247.179.90
2023-03-07 14:07:32 +0000	0 - 0 - 1	cdn3.partnerserving.com/toolbar/pub/66803/672 (...)	77.247.179.90
2023-03-07 13:58:29 +0000	0 - 0 - 1	cdn3.partnerserving.com/toolbar/pub/62606/653 (...)	77.247.179.90
2023-03-07 13:07:16 +0000	0 - 0 - 1	cdn3.partnerserving.com/toolbar/pub/75087/867 (...)	77.247.179.90

Date	UQ / IDS / BL	URL	IP
2023-03-21 13:51:49 +0000	0 - 0 - 15	halifax-securelink.com/Login.php	185.107.56.200
2023-03-21 13:34:10 +0000	0 - 0 - 15	opticats.com/Hp/dhl/DHL_Login_2020/login.php	185.107.56.199
2023-03-21 13:26:01 +0000	0 - 0 - 2	recalibritium.com/0/2/1393/5e3498d0c3874a56a7 (...)	185.107.56.199
2023-03-21 13:04:12 +0000	0 - 0 - 6	harltdoors.com/wordpress/nicholas/admin/PvqDq (...)	77.247.183.147
2023-03-21 12:48:09 +0000	0 - 2 - 2	d.ackng.com/ode.bin?&0-240-80-8453&4c4c4544-0 (...)	185.107.56.59

Date	UQ / IDS / BL	URL	IP
2023-03-14 04:48:58 +0000	0 - 0 - 1	info.seroteforoh.com/?v=1.02&c=0e24bd7a&at=15 (...)	216.245.197.43
2023-03-14 04:48:55 +0000	0 - 2 - 6	rp.seroteforoh.com/?pcrc=1958681419&v=2.0	77.247.179.89
2023-03-13 02:04:31 +0000	0 - 2 - 6	info.seroteforoh.com/?v=1.02&c=17b4c7fb&at=15 (...)	216.245.197.44
2023-03-05 21:48:51 +0000	0 - 2 - 5	rp.seroteforoh.com/?pcrc=1624265977&v=2.0	77.247.179.89
2023-03-01 15:32:08 +0000	0 - 0 - 1	info.seroteforoh.com/?v=1.02&c=74baeb02&at=15 (...)	77.247.179.82

Date	UQ / IDS / BL	URL	IP
2023-02-07 04:39:56 +0000	0 - 0 - 4	avkohst.ww.wy5532.com/	185.107.56.200
2023-01-29 01:31:17 +0000	0 - 0 - 3	5371f.gm.wy5532.com/	37.48.65.155

Request	Response
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: 8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66" Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8533 Expires: Sat, 04 Feb 2023 20:32:47 GMT Date: Sat, 04 Feb 2023 18:10:34 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 1cdc095521e9ee2606059be447d1fdd5 Sha1: 02b5d0a5b5823e2338daf7e144700babe2a213af Sha256: 8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: 9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66" Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=16633 Expires: Sat, 04 Feb 2023 22:47:47 GMT Date: Sat, 04 Feb 2023 18:10:34 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: c21ba65e44ac95470c314e068e49a9eb Sha1: 17a13b13738993d889d4afa3d848dc63bf6eba64 Sha256: 9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 35.241.9.150 HASH: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e 35.241.9.150 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Sat, 04 Feb 2023 17:36:15 GMT age: 2060 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 30db107dcf4380cef05efea409c2e6a3 Sha1: 96e6a306fbc07299aba64e5c14e2bfca35872fa9 Sha256: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: 763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64" Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4790 Expires: Sat, 04 Feb 2023 19:30:25 GMT Date: Sat, 04 Feb 2023 18:10:35 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: fb7b6b46e708ad73eaaa3c21e74569ae Sha1: 950663c025acad81556af5aa3022ecc9d55097fe Sha256: 763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: lODQsHKOqUZlAQgALRf+4kOjEeU1Wirv0ZX7QgjHIoBeGfJU3U8k9kmaHGzqEhwHC2sj8AfcD+g= x-amz-request-id: XY1Q5YKV6NZ3G6NE content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Sat, 04 Feb 2023 17:52:55 GMT age: 1060 last-modified: Mon, 09 Jan 2023 18:04:21 GMT etag: "7b922915ebf1fa3639b333f994c74f24" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 7b922915ebf1fa3639b333f994c74f24 Sha1: 144a3f80b98fd0652d4614f24cf6cbbee40f8938 Sha256: adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Sat, 04 Feb 2023 18:10:35 GMT content-length: 12 access-control-allow-credentials: true vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-expose-headers: content-type strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /?pcrc=55030560&v=2.0 HTTP/1.1 Host: rp.seroteforoh.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: rp.seroteforoh.com/?pcrc=55030560&v=2.0 FQDN: rp.seroteforoh.com IP: 77.247.179.90 HASH: e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47 77.247.179.90 HTTP/1.1 302 Found cache-control: max-age=0, private, must-revalidate connection: close content-length: 11 date: Sat, 04 Feb 2023 18:10:34 GMT location: http://orest-vlv.com/zcvisitor/38412fc2-a4b7-11ed-a9dd-1280f6ee8e2b/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=2dfd6250-51be-11ed-8dac-0a918cbcbb97 server: nginx set-cookie: sid=38330c10-a4b7-11ed-a3e2-1a1f41aac76c; path=/; domain=.seroteforoh.com; expires=Thu, 22 Feb 2091 21:24:42 GMT; max-age=2147483647; HttpOnly --- Additional Info --- Magic: ASCII text, with no line terminators Size: 11 Md5: 32682312d17c7cbf18e73594f5570319 Sha1: 60e22121bdd0bc71cdb2bae2a3aa577006b2eae9 Sha256: e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET /zcvisitor/38412fc2-a4b7-11ed-a9dd-1280f6ee8e2b/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=2dfd6250-51be-11ed-8dac-0a918cbcbb97 HTTP/1.1 Host: orest-vlv.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: orest-vlv.com/zcvisitor/38412fc2-a4b7-11ed-a9dd-1280f6e (...) FQDN: orest-vlv.com IP: 54.237.193.255 HASH: f4556d61573345baf1d44db3a887cd168bad7194e3a2b6aeac2522891257986f 54.237.193.255 HTTP/1.1 200 Content-Type: text/html;charset=UTF-8 Date: Sat, 04 Feb 2023 18:10:35 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: no-store, no-cache, pre-check=0, post-check=0 content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline' Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET,POST,OPTIONS Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag Server: wYVHcwWj --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 1098 Md5: 9d812e18062ae4c0ac44fb7a40572b36 Sha1: 99caf434212276a1ad5c2970be05e2c0a5eeebe8 Sha256: f4556d61573345baf1d44db3a887cd168bad7194e3a2b6aeac2522891257986f
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 35.241.9.150 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 35.241.9.150 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Sat, 04 Feb 2023 18:07:19 GMT age: 196 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698" Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7056 Expires: Sat, 04 Feb 2023 20:08:11 GMT Date: Sat, 04 Feb 2023 18:10:35 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: dedf9c519ac38c4bece9c5bc895787d7 Sha1: 4911175c3f8a435978c5301c33c7a99a5e00a1d5 Sha256: bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
GET /zcredirect?visitid=38412fc2-a4b7-11ed-a9dd-1280f6ee8e2b&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1 Host: orest-vlv.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://orest-vlv.com/zcvisitor/38412fc2-a4b7-11ed-a9dd-1280f6ee8e2b/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=2dfd6250-51be-11ed-8dac-0a918cbcbb97 Upgrade-Insecure-Requests: 1	URL: orest-vlv.com/zcredirect?visitid=38412fc2-a4b7-11ed-a9d (...) FQDN: orest-vlv.com IP: 54.237.193.255 HASH: 02d42c7545ff7562ad6952f54f13417824155bdd037958f0f73cba90c86ccdae 54.237.193.255 HTTP/1.1 200 Content-Type: text/html;charset=UTF-8 Date: Sat, 04 Feb 2023 18:10:35 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: no-store, no-cache, pre-check=0, post-check=0 content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline' Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET,POST,OPTIONS Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag redirected: JS Server: ZTOKaTLn --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (426) Size: 938 Md5: 9dcf3fa071e6a9755c98bf30d8fe7d6f Sha1: e862cdc44bd2d8a8a68cc3f38bafeb4ffa3a79d1 Sha256: 02d42c7545ff7562ad6952f54f13417824155bdd037958f0f73cba90c86ccdae
GET /favicon.ico HTTP/1.1 Host: orest-vlv.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://orest-vlv.com/zcredirect?visitid=38412fc2-a4b7-11ed-a9dd-1280f6ee8e2b&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false	URL: orest-vlv.com/favicon.ico FQDN: orest-vlv.com IP: 54.237.193.255 HASH: 879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8 54.237.193.255 HTTP/1.1 404 Content-Type: text/html;charset=utf-8 Date: Sat, 04 Feb 2023 18:10:35 GMT Content-Length: 653 Connection: keep-alive Cache-Control: no-store, no-cache, pre-check=0, post-check=0 content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline' Content-Language: en Server: ffNBLiAZ --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators Size: 653 Md5: ba2732b1b2fa2626ffaa15f62f9e7d66 Sha1: 203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe Sha256: 879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
GET /zp-redirect?target=https%3A%2F%2Fymdxv.sexplayground.net%3Futm_source%3D1d58d0084e854e5f%26s1%3D1018%26s2%3D1460271%26s3%3D719fbd40-273d-47b8-882f-683d1074b172%26click_id%3Dwlpg8m9da97di2dmitr2u4fc%26j1%3D1wlpg8m9da97di2dmitr2u4fc&caid=d7c80ce6-8f51-44b9-a36b-e005046c70ad&zpid=38412fc2-a4b7-11ed-a9dd-1280f6ee8e2b&cid=wlpg8m9da97di2dmitr2u4fc&rt=R HTTP/1.1 Host: cartining-specute.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://orest-vlv.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: cartining-specute.com/zp-redirect?target=https%3A%2F%2F (...) FQDN: cartining-specute.com IP: 18.197.36.77 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 18.197.36.77 HTTP/2 302 Found server: nginx date: Sat, 04 Feb 2023 18:10:36 GMT content-length: 0 cache-control: no-store, no-cache, pre-check=0, post-check=0 expires: Thu, 01 Jan 1970 00:00:00 GMT location: https://ymdxv.sexplayground.net?utm_source=1d58d0084e854e5f&s1=1018&s2=1460271&s3=719fbd40-273d-47b8-882f-683d1074b172&click_id=wlpg8m9da97di2dmitr2u4fc&j1=1wlpg8m9da97di2dmitr2u4fc pragma: no-cache set-cookie: cc-v4=Dg%2BYbJ6CR3DJYd2fSw9%2BRNEgps5mNicegJCBwrocrvZ%2B65%2Bj4X9SExlmGwgs%2FFVOqAuVb0k4I%2FXPKbYJGwqPa14DAX%2BLwYWJDaA4311jAgI334UjU6U9euN71FQZd%2BxHqREQ1j85i%2FM1VGYQJmzcVg%3D%3D; Max-Age=31536000; Expires=Sun, 04-Feb-2024 18:10:35 GMT; Domain=cartining-specute.com; Path=/; Secure; HttpOnly;SameSite=None X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: 95sNqj7FQwu6D8fsoAMxbw== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 35.162.135.48 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 35.162.135.48 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: P40+sgB46gV7CODffYMiC7MuFQU= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: fdad3bac96df91d9aba4c6975919da014678ed18976a1b056fa0a9f9b033a596 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "FDAD3BAC96DF91D9ABA4C6975919DA014678ED18976A1B056FA0A9F9B033A596" Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21600 Expires: Sun, 05 Feb 2023 00:10:36 GMT Date: Sat, 04 Feb 2023 18:10:36 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7e32172c6399f97ff08038db00985356 Sha1: 76fd0f5f855f533cc84c1deef850bd0bcdbe2b7b Sha256: fdad3bac96df91d9aba4c6975919da014678ed18976a1b056fa0a9f9b033a596
GET /landings/276568/1666254351/css/animate.min.css?1666254351 HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ymdxv.sexplayground.net/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn-dimi.akamaized.net/landings/276568/1666254351/css/a (...) FQDN: cdn-dimi.akamaized.net IP: 95.101.11.11 HASH: 96a77b960ca581afdb9929de20caad310bbb1a5197c3f7dd032fced45819cb70 95.101.11.11 HTTP/1.1 200 OK Content-Type: text/css x-amz-id-2: OQfFWZJskbwum7lxVGPcNxHpBnBMb0EJ9OJ+ttZ/tc0TNZ/gd+7j0C9RWxv4/gW7pMkKpxeE0Og= x-amz-request-id: 87425KKACFEH5XT1 Last-Modified: Mon, 24 Oct 2022 14:11:18 GMT ETag: "178b651958ceff556cbc5f355e08bbf1" Accept-Ranges: bytes Server: AmazonS3 Vary: Accept-Encoding Content-Encoding: gzip Date: Sat, 04 Feb 2023 18:10:37 GMT Content-Length: 3955 Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: ASCII text, with very long lines (52592) Size: 3955 Md5: f8e5e39b29158cd3c40283d629f96777 Sha1: 65e190f6a84c2abe389b866e71ca81c9025bf2fe Sha256: 96a77b960ca581afdb9929de20caad310bbb1a5197c3f7dd032fced45819cb70
GET /landings/276568/1666254351/css/safety-block.css?1666254351 HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ymdxv.sexplayground.net/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn-dimi.akamaized.net/landings/276568/1666254351/css/s (...) FQDN: cdn-dimi.akamaized.net IP: 95.101.11.11 HASH: 9ff19da41308cb1e308251f5b94682b9721d7516ab7536a4bfc5dd27ce6d6d29 95.101.11.11 HTTP/1.1 200 OK Content-Type: text/css x-amz-id-2: O1GT+bQCo2H2Ygd5m1+9jENlUu3AaT4nA8NWSsWH8SCBgMYwVrv52h55o09frhXETu4yoVfFwQM6PyQivkbCPQ== x-amz-request-id: 874DYM00FEDJDDB0 Last-Modified: Mon, 24 Oct 2022 14:11:19 GMT ETag: "4abbbbff3b1e5dc388ccf4bead9cf005" Accept-Ranges: bytes Server: AmazonS3 Vary: Accept-Encoding Content-Encoding: gzip Date: Sat, 04 Feb 2023 18:10:37 GMT Content-Length: 452 Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: ASCII text, with CRLF line terminators Size: 452 Md5: b5243af1d62496d1fec862223ca03e36 Sha1: d3b7fff716998554010d5316848495b4d8b6fdac Sha256: 9ff19da41308cb1e308251f5b94682b9721d7516ab7536a4bfc5dd27ce6d6d29
GET /landings/276568/1666254351/css/timer.css?1666254351 HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ymdxv.sexplayground.net/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn-dimi.akamaized.net/landings/276568/1666254351/css/t (...) FQDN: cdn-dimi.akamaized.net IP: 95.101.11.11 HASH: c198895d50e3aa5eacfb0c5c43ba3d19e50c1a4d2591af80a312c736134a819d 95.101.11.11 HTTP/1.1 200 OK Content-Type: text/css x-amz-id-2: b2AmeXl/ZAKPPRAcqKXskEOBi9oF7ETXKg7vFmF2jtQHEEvEG1MWuXUJDpoWfmrbHNBnjThNx7w= x-amz-request-id: 87442NYTPWC82570 Last-Modified: Mon, 24 Oct 2022 14:11:19 GMT ETag: "7fc466ef5acb6ff32c3fe6a76d885ab7" Accept-Ranges: bytes Server: AmazonS3 Content-Length: 703 Date: Sat, 04 Feb 2023 18:10:37 GMT Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: ASCII text Size: 703 Md5: 7fc466ef5acb6ff32c3fe6a76d885ab7 Sha1: ef2a72725e11504557986e7a7c4b95b68a035a15 Sha256: c198895d50e3aa5eacfb0c5c43ba3d19e50c1a4d2591af80a312c736134a819d
GET /landings/276568/1666254351/css/style.css?1666254351 HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ymdxv.sexplayground.net/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn-dimi.akamaized.net/landings/276568/1666254351/css/s (...) FQDN: cdn-dimi.akamaized.net IP: 95.101.11.11 HASH: 6361629feb39c42a7f322d27b7069e4b4182121260310de4c0ce6fd3bbd89c19 95.101.11.11 HTTP/1.1 200 OK Content-Type: text/css x-amz-id-2: bm8hIA6y7zHG80SCf7920ufWKCoWh3YhYzEMyOO/WWFVbliEXIw3XL0pSUjnr4OXDh0OtTzFPyY= x-amz-request-id: 8748RNFZ460EJJPR Last-Modified: Mon, 24 Oct 2022 14:11:19 GMT ETag: "d29319ba7365079507b4b75f9bac0682" Accept-Ranges: bytes Server: AmazonS3 Vary: Accept-Encoding Content-Encoding: gzip Date: Sat, 04 Feb 2023 18:10:37 GMT Content-Length: 3753 Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: ASCII text Size: 3753 Md5: fdcbfeb63f6e9f046a1233646576cd4b Sha1: 116015c12551fae9848ad058d85760a5fa2f008b Sha256: 6361629feb39c42a7f322d27b7069e4b4182121260310de4c0ce6fd3bbd89c19
GET /landings/276568/1666254351/js/main.js?1666254351 HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ymdxv.sexplayground.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn-dimi.akamaized.net/landings/276568/1666254351/js/ma (...) FQDN: cdn-dimi.akamaized.net IP: 95.101.11.11 HASH: 38578a2f8a61102f5226411c82f050df545858b227868176c352750c7ec27d9d 95.101.11.11 HTTP/1.1 200 OK Content-Type: text/javascript x-amz-id-2: C2c954Wpd4am9glWB6sH6yM/6U/F+yDhuPsP3MStXUBhwsd8F9yLAWLELCFHOiI2+8SQMkHBa8Y= x-amz-request-id: 8740NQK7N604TSXF Last-Modified: Mon, 24 Oct 2022 14:11:19 GMT ETag: "f8721ca5fa3a5bfb7e4d0e53d62529a3" Accept-Ranges: bytes Server: AmazonS3 Vary: Accept-Encoding Content-Encoding: gzip Date: Sat, 04 Feb 2023 18:10:37 GMT Content-Length: 388 Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: ASCII text, with CRLF line terminators Size: 388 Md5: cbd9f752a4a80e214c020856d79e6d7a Sha1: f65068adb9a99994ab4c777c9fbffca80e15d01c Sha256: 38578a2f8a61102f5226411c82f050df545858b227868176c352750c7ec27d9d
GET /landings/276568/1666254351/css/reviews.css?1666254351 HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ymdxv.sexplayground.net/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn-dimi.akamaized.net/landings/276568/1666254351/css/r (...) FQDN: cdn-dimi.akamaized.net IP: 95.101.11.11 HASH: 22edeefd66207270bc712e90b0acad1081aada36d82fa445cbaa58e7dc43c55e 95.101.11.11 HTTP/1.1 200 OK Content-Type: text/css x-amz-id-2: aqkhbNVVEI6Fmo/cI/BONANdGrJyyV/m6NeEe2Mhpdo01WrnsZiKLf2qEewx1y1D1s7JzDjSgLc= x-amz-request-id: 8740VGWAKXS1Z559 Last-Modified: Mon, 24 Oct 2022 14:11:18 GMT ETag: "155f3acf4360a392deb0de6cef9aadfd" Accept-Ranges: bytes Server: AmazonS3 Vary: Accept-Encoding Content-Encoding: gzip Date: Sat, 04 Feb 2023 18:10:37 GMT Content-Length: 915 Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: ASCII text, with CRLF line terminators Size: 915 Md5: 9d45f63367e388d22ae2708a8a904392 Sha1: c5903d4c56ce94b3fbfed01f18be6b689bec6dba Sha256: 22edeefd66207270bc712e90b0acad1081aada36d82fa445cbaa58e7dc43c55e
GET /landings/276568/1666254351/js/translate-new.js?1666254351 HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ymdxv.sexplayground.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn-dimi.akamaized.net/landings/276568/1666254351/js/tr (...) FQDN: cdn-dimi.akamaized.net IP: 95.101.11.11 HASH: b8d9b3915235992023051455e6db56890c402f27d2b436b90430a26c1f4e2188 95.101.11.11 HTTP/1.1 200 OK Content-Type: text/javascript x-amz-id-2: 6TQ966LN+2WuE79PfxilcSKfl/nLCN8kTMFTFixjRCEDMErXVBNPiRYWt7C9VrmnLQ4bWCpYrgM= x-amz-request-id: 874C46E4TB1BB3E3 Last-Modified: Mon, 24 Oct 2022 14:11:19 GMT ETag: "92e646d664f2ca9d65b0d53585366b8c" Accept-Ranges: bytes Server: AmazonS3 Vary: Accept-Encoding Content-Encoding: gzip Date: Sat, 04 Feb 2023 18:10:37 GMT Content-Length: 1314 Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: Unicode text, UTF-8 text, with CRLF line terminators Size: 1314 Md5: c2ad962f5d832729875b992c752d4e57 Sha1: 63095916d3196dfde8712c02d54c9e03be096507 Sha256: b8d9b3915235992023051455e6db56890c402f27d2b436b90430a26c1f4e2188
GET /landings/276568/1666254351/js/transl-sb.js?1666254351 HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ymdxv.sexplayground.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn-dimi.akamaized.net/landings/276568/1666254351/js/tr (...) FQDN: cdn-dimi.akamaized.net IP: 95.101.11.11 HASH: 6b20a54472e51cf46606fbebdfd8b479fa05e4a6ee92e964a5b4517a19907280 95.101.11.11 HTTP/1.1 200 OK Content-Type: text/javascript x-amz-id-2: NVrrneVVA/DxU2ZAUEX/LiIoHIzVcnvuWAyyEfc9nJypEipcLy4lau1kRP5sgPIS3X651rHykjk= x-amz-request-id: 3RZJBV9W6A55QYKZ Last-Modified: Mon, 24 Oct 2022 14:11:19 GMT ETag: "68898dc5a77e849bd5a8b6492a04ac0e" Accept-Ranges: bytes Server: AmazonS3 Vary: Accept-Encoding Content-Encoding: gzip Date: Sat, 04 Feb 2023 18:10:37 GMT Content-Length: 1983 Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: Unicode text, UTF-8 text Size: 1983 Md5: ced2727af8681fd06a0f0459ecfa92c1 Sha1: 0ed62c0aeb5c61d1e0c24ec87075e6da6851266f Sha256: 6b20a54472e51cf46606fbebdfd8b479fa05e4a6ee92e964a5b4517a19907280
GET /landings/276568/1666254351/js/timer.js?1666254351 HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ymdxv.sexplayground.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn-dimi.akamaized.net/landings/276568/1666254351/js/ti (...) FQDN: cdn-dimi.akamaized.net IP: 95.101.11.11 HASH: 0fbb087d7116734500e29032c2e42919831043bb55bbd4ca713cccc54b08c672 95.101.11.11 HTTP/1.1 200 OK Content-Type: text/javascript x-amz-id-2: p0fSdBZC4FbUF8m0EkOYdRYs/vep2yiXl7Ql1Wa6S2doTRLF986K9hpqolNCJyAvdnY6MbyBqRI= x-amz-request-id: 87433WVQXWMB7148 Last-Modified: Mon, 24 Oct 2022 14:11:19 GMT ETag: "c51bb82776cb215cc45dc33a8b59e834" Accept-Ranges: bytes Server: AmazonS3 Vary: Accept-Encoding Content-Encoding: gzip Date: Sat, 04 Feb 2023 18:10:37 GMT Content-Length: 589 Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: Unicode text, UTF-8 text Size: 589 Md5: 605c71748827d918226e5d2c2b36e2ee Sha1: ba1262e12a3ea360399df5a1c1aa0f18eef76e1f Sha256: 0fbb087d7116734500e29032c2e42919831043bb55bbd4ca713cccc54b08c672
GET /landings/276568/1666254351/js/translates-review.js?1666254351 HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ymdxv.sexplayground.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn-dimi.akamaized.net/landings/276568/1666254351/js/tr (...) FQDN: cdn-dimi.akamaized.net IP: 95.101.11.11 HASH: 5202868964ea4498cae53cb1a5577474095b33d415695221e64e7c3a68fdb4fe 95.101.11.11 HTTP/1.1 200 OK Content-Type: text/javascript x-amz-id-2: qgWhvMKTQsEVSX5CiBh3hPxtsQGwgaVG/+H4xlr6U46KJXIFMh8ZtQt5BWmHUiD607bCEqvFKrU= x-amz-request-id: 6QZYZEPPY0MZTK21 Last-Modified: Mon, 24 Oct 2022 14:11:19 GMT ETag: "1c2203e50508db5daa2667fc898e819c" Accept-Ranges: bytes Server: AmazonS3 Vary: Accept-Encoding Content-Encoding: gzip Date: Sat, 04 Feb 2023 18:10:37 GMT Content-Length: 13246 Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: Unicode text, UTF-8 text Size: 13246 Md5: 9914a787c932dadce74810eae35e6228 Sha1: 7d378f241dfd7566c9797e270baffe77cfc43402 Sha256: 5202868964ea4498cae53cb1a5577474095b33d415695221e64e7c3a68fdb4fe
GET /landings/276568/1666254351/js/translate.js?1666254351 HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ymdxv.sexplayground.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn-dimi.akamaized.net/landings/276568/1666254351/js/tr (...) FQDN: cdn-dimi.akamaized.net IP: 95.101.11.11 HASH: e2efa6e695b343bcdddf490b1bacae7b1f0c1f8c6b3bafedd67ba72099bde6f1 95.101.11.11 HTTP/1.1 200 OK Content-Type: text/javascript x-amz-id-2: URT2x5tVErDhY6xxwsAu1hszaghpvafpBCeD76UJpR0yRRi6I7DQ5IwfNS1jzGyXnd5uKo6Rv8Y= x-amz-request-id: 3RZJKKZ5ZW0MCJ9E Last-Modified: Mon, 24 Oct 2022 14:11:19 GMT ETag: "298d16c465f29c132b1e22fecb377d42" Accept-Ranges: bytes Server: AmazonS3 Vary: Accept-Encoding Content-Encoding: gzip Date: Sat, 04 Feb 2023 18:10:37 GMT Content-Length: 13131 Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: Unicode text, UTF-8 text Size: 13131 Md5: 62152f416693daa351f8e88fa3e80cac Sha1: 5050da3c219cff935bd6f2c70cfda2e458f150a7 Sha256: e2efa6e695b343bcdddf490b1bacae7b1f0c1f8c6b3bafedd67ba72099bde6f1
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 04 Feb 2023 18:10:37 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: c181c51a9326d56e60915a792c306c2c Sha1: de1cc0ce1384905e65a9fa9575743091d785e528 Sha256: b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF" Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7656 Expires: Sat, 04 Feb 2023 20:18:13 GMT Date: Sat, 04 Feb 2023 18:10:37 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 1b25bf82638deaab60981e1315ee0849 Sha1: e3bd912fd1a890e64ee6746a78a674db7ff77039 Sha256: a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF" Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7656 Expires: Sat, 04 Feb 2023 20:18:13 GMT Date: Sat, 04 Feb 2023 18:10:37 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 1b25bf82638deaab60981e1315ee0849 Sha1: e3bd912fd1a890e64ee6746a78a674db7ff77039 Sha256: a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF" Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7656 Expires: Sat, 04 Feb 2023 20:18:13 GMT Date: Sat, 04 Feb 2023 18:10:37 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 1b25bf82638deaab60981e1315ee0849 Sha1: e3bd912fd1a890e64ee6746a78a674db7ff77039 Sha256: a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8527 x-amzn-requestid: 6a8c6487-6069-47d1-afa1-648626f85439 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fyDqqGg5oAMFV-A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63dd7fdd-0a772cde1e6fba6d7da97435;Sampled=0 x-amzn-remapped-date: Fri, 03 Feb 2023 21:42:53 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: CHWhIpyzhoPtMUplzh1430Q9FfCM1wkTc_hQsgQk6InM9tYBPGYnNg== via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google date: Fri, 03 Feb 2023 22:05:44 GMT age: 72293 etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8527 Md5: 6661b7263315f5eb3cd2465f671e1fcd Sha1: b7b5831c6b3ccc41d7a980b6088adc10ff8785f1 Sha256: eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 018712a4d6734b84ac1777124f97dae4d93b1e5b297a5dcfe0955b52710b8a35 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10253 x-amzn-requestid: a90cb6b3-8a72-4b4b-b4f5-6dafc8c6752a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fyD7GGv5IAMFu8A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63dd8046-3ca59e7c52800a4e44bda8fd;Sampled=0 x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: jBxNmhfAeUgxg8w4XpQHZ1QoN9GatdUV7V7r2tHd7YePJYPHpesd2Q== via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google date: Fri, 03 Feb 2023 22:05:21 GMT age: 72316 etag: "d2de32b52e0d3f4fc6acaf687b3521294b01dc03" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10253 Md5: 392b61306c346508d3ac4a2f28218f9c Sha1: d2de32b52e0d3f4fc6acaf687b3521294b01dc03 Sha256: 018712a4d6734b84ac1777124f97dae4d93b1e5b297a5dcfe0955b52710b8a35
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 5893d7e5b2fd9de92829b303c42d0c07ff32b3f6b8705b6f5b4a784315c8808e 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 5174 x-amzn-requestid: 35630c70-3bad-47b4-94bb-09c873632194 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fyD7EFAHIAMFQQQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63dd8046-317b1fbb3bee0f377697bf3d;Sampled=0 x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: OD5cy75AkNMwTIvIool2nKbKgr5Jpo1Plm_X_YPr3rdPbg86_V2fdA== via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google date: Fri, 03 Feb 2023 22:00:26 GMT age: 72611 etag: "1f14971d0cf979cc34ff191849dc43d86e8ac463" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5174 Md5: e5b4e4f15da3323c73974c3f1cdb5d74 Sha1: 1f14971d0cf979cc34ff191849dc43d86e8ac463 Sha256: 5893d7e5b2fd9de92829b303c42d0c07ff32b3f6b8705b6f5b4a784315c8808e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 11565 x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fboIrFGboAMFyyQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0 x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: lsQxPtozrh2Ty1T-3d-1crDfi8HgVKRafOXb1UFl033bCx3kAzTS7w== via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google date: Sat, 04 Feb 2023 06:20:04 GMT age: 42633 etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11565 Md5: e366b32074025aaf60bbae8bdb08d330 Sha1: a52c2883bad98fa20333aa639a5dd3a5bf544c8e Sha256: 9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /landings/276568/1666254351/images/shield.svg HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ymdxv.sexplayground.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn-dimi.akamaized.net/landings/276568/1666254351/image (...) FQDN: cdn-dimi.akamaized.net IP: 95.101.11.11 HASH: 856fdb53067254df9495660a355e5ed91936803b567867f1053ce5fb97107888 95.101.11.11 HTTP/1.1 200 OK Content-Type: image/svg+xml x-amz-id-2: Gl84DaW8LBKRyam8afV5hwd61RThKDLkqP+uyivfABFE8t5HcbBVAdWxjCIxq9bKC37mR+4RamtP7DmGPR793w== x-amz-request-id: H5H5VRZTHRG3EN5Z Last-Modified: Mon, 24 Oct 2022 14:11:18 GMT ETag: "0c7a0dfd64cf020cd8a6dc0c3df1dbdf" Accept-Ranges: bytes Server: AmazonS3 Content-Length: 1539 Date: Sat, 04 Feb 2023 18:10:37 GMT Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (310) Size: 1539 Md5: 0c7a0dfd64cf020cd8a6dc0c3df1dbdf Sha1: f705635388aebebae1223d828c38233067f28ab1 Sha256: 856fdb53067254df9495660a355e5ed91936803b567867f1053ce5fb97107888
GET /landings/276568/1666254351/images/3-eu.jpg HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ymdxv.sexplayground.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn-dimi.akamaized.net/landings/276568/1666254351/image (...) FQDN: cdn-dimi.akamaized.net IP: 95.101.11.11 HASH: 7a27ad3bbf259cc02f80f496c19e6033d958362c1b5075c1957bb502f2666d00 95.101.11.11 HTTP/1.1 200 OK Content-Type: image/jpeg x-amz-id-2: 3gVKfCtrBPD0RCoEWp9eOvSQaBsj8i9Qr4OMvRVHly1esljTWlkRYG9pLwbOlPNxKnEpXBUI6l4= x-amz-request-id: H5HCCDRBG2Y9DSCB Last-Modified: Mon, 24 Oct 2022 14:11:18 GMT ETag: "1dc512dcb0850f22cfa72c789578085c" Accept-Ranges: bytes Server: AmazonS3 Content-Length: 3946 Date: Sat, 04 Feb 2023 18:10:37 GMT Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 80x80, components 3\012- data Size: 3946 Md5: 1dc512dcb0850f22cfa72c789578085c Sha1: 933e9c5648e782c9f9a1504d2248f0acb4b9950b Sha256: 7a27ad3bbf259cc02f80f496c19e6033d958362c1b5075c1957bb502f2666d00
GET /landings/276568/1666254351/images/unlock.svg HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ymdxv.sexplayground.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn-dimi.akamaized.net/landings/276568/1666254351/image (...) FQDN: cdn-dimi.akamaized.net IP: 95.101.11.11 HASH: e17f481e5fe197e600ffe6cf53a94a4e49a73b6b817ff560cd92c3dd501d603f 95.101.11.11 HTTP/1.1 200 OK Content-Type: image/svg+xml x-amz-id-2: cu8N8M0OO8L76j2fDH0EWbeSHB4rvM8sMFRdVG1sDwtRl/XabA5pGHV/4f3PyAezuJ+mdarxTb8= x-amz-request-id: 66QB4MS5MKAYV7TP Last-Modified: Mon, 24 Oct 2022 14:11:18 GMT ETag: "a732e1e06affb4575c050fdb0131e5ca" Accept-Ranges: bytes Server: AmazonS3 Content-Length: 2378 Date: Sat, 04 Feb 2023 18:10:37 GMT Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (944) Size: 2378 Md5: a732e1e06affb4575c050fdb0131e5ca Sha1: da4f4f204a4d22c7424274a91520e0ea993c48c7 Sha256: e17f481e5fe197e600ffe6cf53a94a4e49a73b6b817ff560cd92c3dd501d603f
GET /landings/276568/1666254351/images/2-eu.jpg HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ymdxv.sexplayground.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn-dimi.akamaized.net/landings/276568/1666254351/image (...) FQDN: cdn-dimi.akamaized.net IP: 95.101.11.11 HASH: d3c1502509ae60909fe60c46cc58c41c1a9fe53ee7aeffb92d37a074ba8550f0 95.101.11.11 HTTP/1.1 200 OK Content-Type: image/jpeg x-amz-id-2: d4bZu4ep7P9L/cI8ZDYobVI3VZoxbp3XNdKY3s4Ov/6bgHMjRxSXGa2/aRmcLeUa4J9fQe58T28= x-amz-request-id: H5HEQK5GXDX6FYV3 Last-Modified: Mon, 24 Oct 2022 14:11:18 GMT ETag: "66b6dc51bd19c799dcadf1dbeb628d9c" Accept-Ranges: bytes Server: AmazonS3 Content-Length: 2009 Date: Sat, 04 Feb 2023 18:10:37 GMT Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x80, components 3\012- data Size: 2009 Md5: 66b6dc51bd19c799dcadf1dbeb628d9c Sha1: ff7fe6049e944186764bfc5041d624ec11f8d362 Sha256: d3c1502509ae60909fe60c46cc58c41c1a9fe53ee7aeffb92d37a074ba8550f0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 5030244d4babd1023166f39c935029d789a91ba90aa3a44c6f4c88ddc947b678 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8211 x-amzn-requestid: 2df5779a-a808-46ec-9246-1a9b9bddd9e9 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fmKLVHwroAMF72Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d8bd7b-3cfe97e07d17958836425784;Sampled=0 x-amzn-remapped-date: Tue, 31 Jan 2023 07:04:27 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: _VFg0FMYa1Dg55fLpJTwdX2uZXkYjZSFdbdAKqGQu7GF2dPiawKh1g== via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google date: Sat, 04 Feb 2023 07:29:26 GMT age: 38471 etag: "541e878afee68c8802bb52b0cbbe5a5a0a185392" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8211 Md5: 114e345e134986d7451148fcea31b29d Sha1: 541e878afee68c8802bb52b0cbbe5a5a0a185392 Sha256: 5030244d4babd1023166f39c935029d789a91ba90aa3a44c6f4c88ddc947b678
GET /landings/276568/1666254351/images/5-eu.jpg HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ymdxv.sexplayground.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn-dimi.akamaized.net/landings/276568/1666254351/image (...) FQDN: cdn-dimi.akamaized.net IP: 95.101.11.11 HASH: 86755df878f9f09c1b06deb1ac049db77b1931d3b0f650548fac960b3fedaa96 95.101.11.11 HTTP/1.1 200 OK Content-Type: image/jpeg x-amz-id-2: 0GPwPXiSC8E/sBJCk5gycEropJuv82b6otz1VmNO+4fwp1V22Yj7HYF5/sCPYViSgf8ien4wyWg= x-amz-request-id: H5H0RNY6M4K02VA0 Last-Modified: Mon, 24 Oct 2022 14:11:18 GMT ETag: "27109a247208262e6293950ca8f5450d" Accept-Ranges: bytes Server: AmazonS3 Content-Length: 2879 Date: Sat, 04 Feb 2023 18:10:37 GMT Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x80, components 3\012- data Size: 2879 Md5: 27109a247208262e6293950ca8f5450d Sha1: cea89616d15ad45a0f2b04082dff608abd96b800 Sha256: 86755df878f9f09c1b06deb1ac049db77b1931d3b0f650548fac960b3fedaa96
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: e78a83a4024e238bcdec3b9c4d5c12a99f49aabd57e34952f6a4cc8ed4422f55 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9141 x-amzn-requestid: ed7db574-6bca-4f3e-8879-c3e836549339 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fyD8zE5lIAMF1HA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63dd8051-4480112f11d4ced0037d1ad8;Sampled=0 x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:49 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: aKr85ooofBPeKkeJIDO5W_X5Rn6xnJlRHmVrs8tgBMYe3HQhobsm3w== via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google date: Fri, 03 Feb 2023 21:56:07 GMT age: 72870 etag: "8e674830a97d8ce3818132fda197db4f0289d316" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9141 Md5: f7101f6e43855cb76ce48271a847ffbd Sha1: 8e674830a97d8ce3818132fda197db4f0289d316 Sha256: e78a83a4024e238bcdec3b9c4d5c12a99f49aabd57e34952f6a4cc8ed4422f55
GET /landings/276568/1666254351/images/8-eu.jpg HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ymdxv.sexplayground.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn-dimi.akamaized.net/landings/276568/1666254351/image (...) FQDN: cdn-dimi.akamaized.net IP: 95.101.11.11 HASH: d0f8fe31f17be4afd352a60628de61eef59ee08ac0ecddac9cfe4e4a504f4f0e 95.101.11.11 HTTP/1.1 200 OK Content-Type: image/jpeg x-amz-id-2: IqZqZziEuq0J850OcSiPaYpCM2IlBnF//GDGCoLoVUfltkFTlcLStF9Z/vVECHoLfq15494F/t4= x-amz-request-id: H5H34SCVB7CF7YTD Last-Modified: Mon, 24 Oct 2022 14:11:18 GMT ETag: "41bbda91cef3f22db1d45d66f7ca0961" Accept-Ranges: bytes Server: AmazonS3 Content-Length: 2458 Date: Sat, 04 Feb 2023 18:10:37 GMT Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x80, components 3\012- data Size: 2458 Md5: 41bbda91cef3f22db1d45d66f7ca0961 Sha1: e2f8f56674e0180063a4f8287931dc0b273baf8e Sha256: d0f8fe31f17be4afd352a60628de61eef59ee08ac0ecddac9cfe4e4a504f4f0e
GET /landings/276568/1666254351/images/password.svg HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ymdxv.sexplayground.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn-dimi.akamaized.net/landings/276568/1666254351/image (...) FQDN: cdn-dimi.akamaized.net IP: 95.101.11.11 HASH: 5fca7f589cd825e1f152e0a1677d6cbd0a3ee3ecde05905d572af87e8b453eac 95.101.11.11 HTTP/1.1 200 OK Content-Type: image/svg+xml x-amz-id-2: 6x9Hm9+pxZ7U0BU+mDutC7tEbSMkC7L+dvsvtqPTMH0MJexyVAyRGSLIKrcGof3nAnfNyBh90Zo= x-amz-request-id: H5H5DHD1TS9ZGF6T Last-Modified: Mon, 24 Oct 2022 14:11:18 GMT ETag: "f42aef7f97d4c9bdb074673081f38ac7" Accept-Ranges: bytes Server: AmazonS3 Content-Length: 1339 Date: Sat, 04 Feb 2023 18:10:37 GMT Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (330) Size: 1339 Md5: f42aef7f97d4c9bdb074673081f38ac7 Sha1: 0231df782e371d139c826e091279acd9a07e691c Sha256: 5fca7f589cd825e1f152e0a1677d6cbd0a3ee3ecde05905d572af87e8b453eac
GET /landings/276568/1666254351/images/1-eu.jpg HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ymdxv.sexplayground.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn-dimi.akamaized.net/landings/276568/1666254351/image (...) FQDN: cdn-dimi.akamaized.net IP: 95.101.11.11 HASH: 515974c9245ead07b3332ca22fa1581622118c75955941452140a602646aa553 95.101.11.11 HTTP/1.1 200 OK Content-Type: image/jpeg x-amz-id-2: 9JslCyyWx5d7iR/K6B+GakTD0IwgfW4+kGOY3GXbsctYOA8ufV0jUWty8MADlCph66q53ZxyFTc= x-amz-request-id: H5H8NKB1QV3FPG61 Last-Modified: Mon, 24 Oct 2022 14:11:18 GMT ETag: "6e6d0b84c81d847e24671a711115a781" Accept-Ranges: bytes Server: AmazonS3 Content-Length: 4292 Date: Sat, 04 Feb 2023 18:10:37 GMT Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x80, components 3\012- data Size: 4292 Md5: 6e6d0b84c81d847e24671a711115a781 Sha1: 20dc2d359e437dc10ceefea4d3c7b5189c2e58d0 Sha256: 515974c9245ead07b3332ca22fa1581622118c75955941452140a602646aa553
GET /landings/276568/1666254351/images/6-eu.jpg HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ymdxv.sexplayground.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn-dimi.akamaized.net/landings/276568/1666254351/image (...) FQDN: cdn-dimi.akamaized.net IP: 95.101.11.11 HASH: 3e280ac6e0be5142f62957076a5c99e792eb61533e23f33b165aea4d522de818 95.101.11.11 HTTP/1.1 200 OK Content-Type: image/jpeg x-amz-id-2: GjMnNrJ6Jt/tDybfdmMQ2VABfLxnFw/tUb1GBZ81sOUmPC8ljgud0aDiZ3BdlWS5uHv47QEtrFc= x-amz-request-id: H5HCSFWWCQ3W7JY2 Last-Modified: Mon, 24 Oct 2022 14:11:18 GMT ETag: "9a6870069cb979e16b239f9ed485fb3c" Accept-Ranges: bytes Server: AmazonS3 Content-Length: 3256 Date: Sat, 04 Feb 2023 18:10:37 GMT Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x80, components 3\012- data Size: 3256 Md5: 9a6870069cb979e16b239f9ed485fb3c Sha1: c1dc7f3620c8cc391648c550f91b269b04d3c612 Sha256: 3e280ac6e0be5142f62957076a5c99e792eb61533e23f33b165aea4d522de818
GET /landings/276568/1666254351/images/4-eu.jpg HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ymdxv.sexplayground.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn-dimi.akamaized.net/landings/276568/1666254351/image (...) FQDN: cdn-dimi.akamaized.net IP: 95.101.11.11 HASH: d22825c9a1ff2c18506f0c2c3abaf3bb77f8352ba7bd410d50d35f20adbab08e 95.101.11.11 HTTP/1.1 200 OK Content-Type: image/jpeg x-amz-id-2: 6pLWpfhPD+u7s6hE0DLfouQAOBE46ApCEirIiNbDoElRjZ6HMgHGUSgFKWiVHyxrHcFFWuqISm0= x-amz-request-id: H5HD8S400C7RQ7ST Last-Modified: Mon, 24 Oct 2022 14:11:18 GMT ETag: "cb3aff7c886e4f72a98172b873b5e62d" Accept-Ranges: bytes Server: AmazonS3 Content-Length: 2586 Date: Sat, 04 Feb 2023 18:10:37 GMT Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x80, components 3\012- data Size: 2586 Md5: cb3aff7c886e4f72a98172b873b5e62d Sha1: 33de244dcb4db4abe54b6508ae8d1546eb279aa5 Sha256: d22825c9a1ff2c18506f0c2c3abaf3bb77f8352ba7bd410d50d35f20adbab08e
GET /landings/276568/1666254351/images/7-eu.jpg HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ymdxv.sexplayground.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn-dimi.akamaized.net/landings/276568/1666254351/image (...) FQDN: cdn-dimi.akamaized.net IP: 95.101.11.11 HASH: 7e368b2c331e65b43d9e6977dde473b4ee4ed25f0253e0d086ca676438b97d27 95.101.11.11 HTTP/1.1 200 OK Content-Type: image/jpeg x-amz-id-2: tpS1XfZ2NzaV4XlpKxhoV+0LoimF/cHlbpxrTaAZHGdnz3uI8sN546gh30Ri0RHhNWOqIH//3jg= x-amz-request-id: H5H6WQV9Z382TF0V Last-Modified: Mon, 24 Oct 2022 14:11:18 GMT ETag: "8155d8ecc7dc2d9b29cf99ab85c3d2a8" Accept-Ranges: bytes Server: AmazonS3 Content-Length: 2282 Date: Sat, 04 Feb 2023 18:10:37 GMT Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x80, components 3\012- data Size: 2282 Md5: 8155d8ecc7dc2d9b29cf99ab85c3d2a8 Sha1: ba784563c7787760b318af24ea274ad6df2c5b89 Sha256: 7e368b2c331e65b43d9e6977dde473b4ee4ed25f0253e0d086ca676438b97d27
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: 7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 04 Feb 2023 18:10:37 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 98be7fe21d059e46146a43d20c4eea92 Sha1: 1ec58129fea75085588be7b8baec05b0874b5274 Sha256: 7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46
GET /landings/276568/1666254351/images/no.png HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://cdn-dimi.akamaized.net/landings/276568/1666254351/css/style.css?1666254351 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: cdn-dimi.akamaized.net/landings/276568/1666254351/image (...) FQDN: cdn-dimi.akamaized.net IP: 95.101.11.11 HASH: f54a3a7079d0d1df68716ec73ec92576f345378bccff79c7575e0fd14efa215a 95.101.11.11 HTTP/1.1 200 OK Content-Type: image/png x-amz-id-2: F8NS6TWu9/PHBncY6hGCROnExtcBIuuv/ridzDWPk7yRvS6LPN1fR0zOzWWSE3bHkpR73MRW6dQ= x-amz-request-id: H5H9K4D8BB62Q1RC Last-Modified: Mon, 24 Oct 2022 14:11:17 GMT ETag: "ecd70153a7c781abe8ed5cd38e3b3d0a" Accept-Ranges: bytes Server: AmazonS3 Content-Length: 412 Date: Sat, 04 Feb 2023 18:10:37 GMT Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data Size: 412 Md5: ecd70153a7c781abe8ed5cd38e3b3d0a Sha1: a48e71c66f86b91d8ffb1b7a611d6db8437251e6 Sha256: f54a3a7079d0d1df68716ec73ec92576f345378bccff79c7575e0fd14efa215a
GET /landings/276568/1666254351/images/yes.png HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://cdn-dimi.akamaized.net/landings/276568/1666254351/css/style.css?1666254351 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: cdn-dimi.akamaized.net/landings/276568/1666254351/image (...) FQDN: cdn-dimi.akamaized.net IP: 95.101.11.11 HASH: 9a21923b0d485863a9eac97f5b216820a07315eac3842e376e5420885c77107a 95.101.11.11 HTTP/1.1 200 OK Content-Type: image/png x-amz-id-2: yN8T3P1gX2ObwBBjIdg/4krcdNHdLU1qiwLfZxom8FnxeTLMVHPN+AeP1z/j+RT3sPOtomOrJ2Q= x-amz-request-id: H5H0HM52ZRP01NRG Last-Modified: Mon, 24 Oct 2022 14:11:17 GMT ETag: "48d3126f21b32ae7f67de101f39dbb1a" Accept-Ranges: bytes Server: AmazonS3 Content-Length: 763 Date: Sat, 04 Feb 2023 18:10:37 GMT Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data Size: 763 Md5: 48d3126f21b32ae7f67de101f39dbb1a Sha1: 6fe5bcec49174434b92df32bf9dee66c3a83f9f1 Sha256: 9a21923b0d485863a9eac97f5b216820a07315eac3842e376e5420885c77107a
GET /landings/276568/1666254351/images/pattern.png HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://cdn-dimi.akamaized.net/landings/276568/1666254351/css/style.css?1666254351 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: cdn-dimi.akamaized.net/landings/276568/1666254351/image (...) FQDN: cdn-dimi.akamaized.net IP: 95.101.11.11 HASH: ec39a4249fafae9247048939db255e773ecf810942969e54a1f4007bdfd4bffc 95.101.11.11 HTTP/1.1 200 OK Content-Type: image/png x-amz-id-2: lgb9SeTXcqbJ4yb1dOQetGJDD6egjVmb8DT2wxtIdZZLOIn2DySjViFBNhRsbwJQrWGeDSR8NtQ= x-amz-request-id: CYA73Y4MY28AQRPV Last-Modified: Mon, 24 Oct 2022 14:11:17 GMT ETag: "e986a5eb0ae5ae97945d0de3f3042884" Accept-Ranges: bytes Server: AmazonS3 Content-Length: 76 Date: Sat, 04 Feb 2023 18:10:37 GMT Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: PNG image data, 2 x 2, 8-bit/color RGBA, non-interlaced\012- data Size: 76 Md5: e986a5eb0ae5ae97945d0de3f3042884 Sha1: 43efe7436a2e0b1309e94963e8e8611a836e84bf Sha256: ec39a4249fafae9247048939db255e773ecf810942969e54a1f4007bdfd4bffc
GET /landings/276568/1666254351/images/action_icons_20px_2x.png HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://cdn-dimi.akamaized.net/landings/276568/1666254351/css/reviews.css?1666254351 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: cdn-dimi.akamaized.net/landings/276568/1666254351/image (...) FQDN: cdn-dimi.akamaized.net IP: 95.101.11.11 HASH: 4e06866c22bb275c6c4f01265e1f3e9f00fe9face9739f6531371d688a8e7a7e 95.101.11.11 HTTP/1.1 200 OK Content-Type: image/png x-amz-id-2: PXEu9RO7oCTTGvTDAHjAARxD4mXGaW9ViphDzozM9R+Zkp5INrfuzHy9Ur231SK0yIz/lC1nBEo= x-amz-request-id: H5H3SNK5XK3D82SW Last-Modified: Mon, 24 Oct 2022 14:11:18 GMT ETag: "b699975b5fe73b087e711a33ff24ee1e" Accept-Ranges: bytes Server: AmazonS3 Content-Length: 1726 Date: Sat, 04 Feb 2023 18:10:37 GMT Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: PNG image data, 40 x 360, 8-bit colormap, non-interlaced\012- data Size: 1726 Md5: b699975b5fe73b087e711a33ff24ee1e Sha1: 0e33cc5c32a5e7d18440751e3946076664caaf53 Sha256: 4e06866c22bb275c6c4f01265e1f3e9f00fe9face9739f6531371d688a8e7a7e
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 04 Feb 2023 18:10:37 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 23287a0337047631e479bb3cbe8b0fcd Sha1: 15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99 Sha256: da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 04 Feb 2023 18:10:37 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 23287a0337047631e479bb3cbe8b0fcd Sha1: 15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99 Sha256: da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://ymdxv.sexplayground.net Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 FQDN: fonts.gstatic.com IP: 142.250.74.35 HASH: 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537 142.250.74.35 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 23580 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Tue, 31 Jan 2023 04:29:08 GMT expires: Wed, 31 Jan 2024 04:29:08 GMT cache-control: public, max-age=31536000 age: 394889 last-modified: Tue, 26 Apr 2022 15:48:56 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data Size: 23580 Md5: e1b3b5908c9cf23dfb2b9c52b9a023ab Sha1: fcd4136085f2a03481d9958cc6793a5ed98e714c Sha256: 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://ymdxv.sexplayground.net Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 FQDN: fonts.gstatic.com IP: 142.250.74.35 HASH: c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49 142.250.74.35 HTTP/2 200 OK content-type: font/woff2 accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 23040 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sun, 29 Jan 2023 10:25:03 GMT expires: Mon, 29 Jan 2024 10:25:03 GMT cache-control: public, max-age=31536000 age: 546334 last-modified: Tue, 26 Apr 2022 15:56:42 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data Size: 23040 Md5: de69cf9e514df447d1b0bb16f49d2457 Sha1: 2ac78601179c3a63ba3f3f3081556b12ddcaf655 Sha256: c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /landings/276568/1666254351/images/m1.mp4 HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: video/webm,video/ogg,video/;q=0.9,application/ogg;q=0.7,audio/;q=0.6,/;q=0.5 Accept-Language: en-US,en;q=0.5 Range: bytes=0- Connection: keep-alive Referer: https://ymdxv.sexplayground.net/ Sec-Fetch-Dest: video Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn-dimi.akamaized.net/landings/276568/1666254351/image (...) FQDN: cdn-dimi.akamaized.net IP: 95.101.11.11 HASH: 3f323b32bf8d0db3f4f47a815d0b7a43eccb3899f837a2b645d06e59eb5eb31a 95.101.11.11 HTTP/1.1 206 Partial Content Content-Type: video/mp4 x-amz-id-2: LlKhXwBrESpRUePfdpAKVQnET+NxbJ9wT1TrruvkNKVTIq1+oMzjVY4QDueIFm7/2YxEgSjajtQ= x-amz-request-id: CYA1TZ18RFVB066J Last-Modified: Mon, 24 Oct 2022 14:11:17 GMT ETag: "4e9dae905828e0ee4bd6f4849463d5fd" Accept-Ranges: bytes Server: AmazonS3 Date: Sat, 04 Feb 2023 18:10:37 GMT Content-Range: bytes 0-939586/939587 Content-Length: 939587 Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data Size: 939587 Md5: 4e9dae905828e0ee4bd6f4849463d5fd Sha1: 1faf07536bb4e05fac327fce919a2ba48861659d Sha256: 3f323b32bf8d0db3f4f47a815d0b7a43eccb3899f837a2b645d06e59eb5eb31a
GET /landings/276568/1666254351/images/w1.mp4 HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: video/webm,video/ogg,video/;q=0.9,application/ogg;q=0.7,audio/;q=0.6,/;q=0.5 Accept-Language: en-US,en;q=0.5 Range: bytes=0- Connection: keep-alive Referer: https://ymdxv.sexplayground.net/ Sec-Fetch-Dest: video Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn-dimi.akamaized.net/landings/276568/1666254351/image (...) FQDN: cdn-dimi.akamaized.net IP: 95.101.11.11 HASH: f48da335d775510a8e62c9e2d66307d3fda4d1a6a8332cbd990ff6ed076936ed 95.101.11.11 HTTP/1.1 206 Partial Content Content-Type: video/mp4 x-amz-id-2: IsKXYFGfuk1cycMtcXtyn6MvWKP1uKQ9jE4DvVG3sTYSQOQkjFfpHo3lzffZHXAFMQadHtz6P/4= x-amz-request-id: CYACTC382819408T Last-Modified: Mon, 24 Oct 2022 14:11:18 GMT ETag: "5a0b78ec497fdec0957677be10b54050" Accept-Ranges: bytes Server: AmazonS3 Date: Sat, 04 Feb 2023 18:10:37 GMT Content-Range: bytes 0-1044470/1044471 Content-Length: 1044471 Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: ISO Media, MP4 v2 [ISO 14496-14]\012- data Size: 1044471 Md5: 5a0b78ec497fdec0957677be10b54050 Sha1: d6047d355cd2f8d15f65cc7b48006328013c050e Sha256: f48da335d775510a8e62c9e2d66307d3fda4d1a6a8332cbd990ff6ed076936ed
GET /images/favicon.ico HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ymdxv.sexplayground.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn-dimi.akamaized.net/images/favicon.ico FQDN: cdn-dimi.akamaized.net IP: 95.101.11.11 HASH: fbfff44a653dc193b93620f1035d221d3aaddf3238742270b3385482986ef7f0 95.101.11.11 HTTP/1.1 200 OK Content-Type: image/x-icon x-amz-id-2: 2GM1RH+Oo7JIRLs/OPfJSrmls1pwWkrIufazLdJT5aWuDbgNABEKJmW/8rLlCMaF9QlDE8aTJ9E= x-amz-request-id: Y5JJFAEXP3X803ZN Last-Modified: Wed, 07 Nov 2018 08:41:38 GMT ETag: "4cdf3256cd7b8ec3917adb79d6bf457e" Accept-Ranges: bytes Server: AmazonS3 Content-Length: 4103 Date: Sat, 04 Feb 2023 18:10:37 GMT Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data Size: 4103 Md5: 4cdf3256cd7b8ec3917adb79d6bf457e Sha1: bc615337e9223183a126c8fb649774866fb53e69 Sha256: fbfff44a653dc193b93620f1035d221d3aaddf3238742270b3385482986ef7f0
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 04 Feb 2023 18:10:37 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 23287a0337047631e479bb3cbe8b0fcd Sha1: 15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99 Sha256: da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
GET /js/pushjs/1.0.0/utils.js HTTP/1.1 Host: ymdxv.sexplayground.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ymdxv.sexplayground.net/?utm_source=1d58d0084e854e5f&s1=1018&s2=1460271&s3=719fbd40-273d-47b8-882f-683d1074b172&click_id=wlpg8m9da97di2dmitr2u4fc&j1=1wlpg8m9da97di2dmitr2u4fc Cookie: unique_id=63de9f9c0001d6e8; unique_id2=63ddd6510008d7fa; 63ddd6510008d7fa_c=1; ref_token=1018; 63ddd6510008d7fa_sl=[276568] Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: ymdxv.sexplayground.net/js/pushjs/1.0.0/utils.js FQDN: ymdxv.sexplayground.net IP: 52.19.101.114 HASH: 4222cbf641eda504313b3f8d4e0cb2ff58b654e87bfafc3c50653ef9c6286107 52.19.101.114 HTTP/2 200 OK content-type: application/javascript server: nginx date: Sat, 04 Feb 2023 18:10:37 GMT expires: Sat, 11 Feb 2023 18:10:37 GMT cache-control: max-age=604800 content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: C source, ASCII text, with very long lines (42618) Size: 13404 Md5: 59fa3a07df5ed2405f419b06efe62d9d Sha1: 811092c5025de5ed9333b12280fe4698eb9bfa40 Sha256: 4222cbf641eda504313b3f8d4e0cb2ff58b654e87bfafc3c50653ef9c6286107 Alerts: Blocklists: - fortinet: Phishing
GET /?utm_source=1d58d0084e854e5f&s1=1018&s2=1460271&s3=719fbd40-273d-47b8-882f-683d1074b172&click_id=wlpg8m9da97di2dmitr2u4fc&j1=1wlpg8m9da97di2dmitr2u4fc HTTP/1.1 Host: ymdxv.sexplayground.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://orest-vlv.com/ Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: ymdxv.sexplayground.net/?utm_source=1d58d0084e854e5f&s1 (...) FQDN: ymdxv.sexplayground.net IP: 52.19.101.114 52.19.101.114 HTTP/2 200 OK content-type: text/html; charset=utf-8 server: nginx date: Sat, 04 Feb 2023 18:10:36 GMT set-cookie: unique_id=63de9f9c0001d6e8; Path=/; Expires=Wed, 05 Apr 2023 18:10:36 GMT; Secure; SameSite=None unique_id2=63ddd6510008d7fa; Path=/; Expires=Fri, 05 May 2023 18:10:36 GMT; Secure; SameSite=None 63ddd6510008d7fa_c=1; Path=/; Expires=Fri, 05 May 2023 18:10:36 GMT; Secure; SameSite=None ref_token=1018; Path=/; Expires=Mon, 06 Mar 2023 18:10:36 GMT; Secure; SameSite=None impression=; Path=/; Expires=Sat, 04 Feb 2023 18:10:36 GMT; Secure; SameSite=None 63ddd6510008d7fa_sl=[276568]; Path=/; Expires=Sat, 18 Feb 2023 18:10:36 GMT; Secure; SameSite=None content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---
GET /landings/276568/1666254351/js/jquery-2.2.4.min.js?1666254351 HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ymdxv.sexplayground.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn-dimi.akamaized.net/landings/276568/1666254351/js/jq (...) FQDN: cdn-dimi.akamaized.net IP: 95.101.11.11 95.101.11.11 HTTP/1.1 200 OK Content-Type: text/javascript x-amz-id-2: ER704APz1DGjtDGOK8WB5eanLKjGOirdFhmjHkSHi20Ev6LJc3u0jc6nPCXA3qJAcg4KLq8SmtA= x-amz-request-id: 8742C1MCVB50T0YD Last-Modified: Mon, 24 Oct 2022 14:11:19 GMT ETag: "2f6b11a7e914718e0290410e85366fe9" Accept-Ranges: bytes Server: AmazonS3 Vary: Accept-Encoding Content-Encoding: gzip Date: Sat, 04 Feb 2023 18:10:37 GMT Content-Length: 29855 Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info ---
GET /js/pushjs/1.0.0/subscriber.js HTTP/1.1 Host: ymdxv.sexplayground.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://ymdxv.sexplayground.net/?utm_source=1d58d0084e854e5f&s1=1018&s2=1460271&s3=719fbd40-273d-47b8-882f-683d1074b172&click_id=wlpg8m9da97di2dmitr2u4fc&j1=1wlpg8m9da97di2dmitr2u4fc Cookie: unique_id=63de9f9c0001d6e8; unique_id2=63ddd6510008d7fa; 63ddd6510008d7fa_c=1; ref_token=1018; 63ddd6510008d7fa_sl=[276568] Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: ymdxv.sexplayground.net/js/pushjs/1.0.0/subscriber.js FQDN: ymdxv.sexplayground.net IP: 52.19.101.114 52.19.101.114 HTTP/2 200 OK content-type: application/javascript server: nginx date: Sat, 04 Feb 2023 18:10:37 GMT expires: Sat, 11 Feb 2023 18:10:37 GMT cache-control: max-age=604800 content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Alerts: Blocklists: - fortinet: Phishing
GET /css2?family=Lato:wght@300;400;700&display=swap HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://cdn-dimi.akamaized.net/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: fonts.googleapis.com/css2?family=Lato:wght@300;400;700& (...) FQDN: fonts.googleapis.com IP: 142.250.74.74 142.250.74.74 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Sat, 04 Feb 2023 18:10:37 GMT date: Sat, 04 Feb 2023 18:10:37 GMT cache-control: private, max-age=86400 cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2 --- Additional Info ---
GET /js/service-worker.js HTTP/1.1 Host: ymdxv.sexplayground.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Cookie: unique_id=63de9f9c0001d6e8; unique_id2=63ddd6510008d7fa; 63ddd6510008d7fa_c=1; ref_token=1018; 63ddd6510008d7fa_sl=[276568] Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers	URL: ymdxv.sexplayground.net/js/service-worker.js FQDN: ymdxv.sexplayground.net IP: 52.19.101.114 52.19.101.114 HTTP/2 200 OK content-type: application/javascript server: nginx date: Sat, 04 Feb 2023 18:10:37 GMT expires: Sat, 11 Feb 2023 18:10:37 GMT cache-control: max-age=604800 content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Alerts: Blocklists: - fortinet: Phishing

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         95.101.11.115

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66" 

                                        
                                            
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=8533 

                                        
                                            
Expires: Sat, 04 Feb 2023 20:32:47 GMT 

                                        
                                            
Date: Sat, 04 Feb 2023 18:10:34 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    1cdc095521e9ee2606059be447d1fdd5

                                                Sha1:   02b5d0a5b5823e2338daf7e144700babe2a213af

                                                Sha256: 8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66

                                        
                                            GET /v1/ HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         35.241.9.150

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff 

                                        
                                            
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-length: 939 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Sat, 04 Feb 2023 17:36:15 GMT 

                                        
                                            
age: 2060 

                                        
                                            
cache-control: max-age=3600,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators

                                                Size:   939

                                                Md5:    30db107dcf4380cef05efea409c2e6a3

                                                Sha1:   96e6a306fbc07299aba64e5c14e2bfca35872fa9

                                                Sha256: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1 

                                        
                                            
Host: content-signature-2.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.160.144.191

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: binary/octet-stream

                                        

                                        
                                            
x-amz-id-2: lODQsHKOqUZlAQgALRf+4kOjEeU1Wirv0ZX7QgjHIoBeGfJU3U8k9kmaHGzqEhwHC2sj8AfcD+g= 

                                        
                                            
x-amz-request-id: XY1Q5YKV6NZ3G6NE 

                                        
                                            
content-disposition: attachment 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: AmazonS3 

                                        
                                            
content-length: 5348 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Sat, 04 Feb 2023 17:52:55 GMT 

                                        
                                            
age: 1060 

                                        
                                            
last-modified: Mon, 09 Jan 2023 18:04:21 GMT 

                                        
                                            
etag: "7b922915ebf1fa3639b333f994c74f24" 

                                        
                                            
cache-control: public,max-age=3600 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PEM certificate\012- , ASCII text

                                                Size:   5348

                                                Md5:    7b922915ebf1fa3639b333f994c74f24

                                                Sha1:   144a3f80b98fd0652d4614f24cf6cbbee40f8938

                                                Sha256: adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

                                        
                                            GET /?pcrc=55030560&v=2.0 HTTP/1.1 

                                        
                                            
Host: rp.seroteforoh.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1

                                         77.247.179.90

                                        
                                            HTTP/1.1 302 Found

                                        

                                        
                                            
cache-control: max-age=0, private, must-revalidate 

                                        
                                            
connection: close 

                                        
                                            
content-length: 11 

                                        
                                            
date: Sat, 04 Feb 2023 18:10:34 GMT 

                                        
                                            
location: http://orest-vlv.com/zcvisitor/38412fc2-a4b7-11ed-a9dd-1280f6ee8e2b/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=2dfd6250-51be-11ed-8dac-0a918cbcbb97 

                                        
                                            
server: nginx 

                                        
                                            
set-cookie: sid=38330c10-a4b7-11ed-a3e2-1a1f41aac76c; path=/; domain=.seroteforoh.com; expires=Thu, 22 Feb 2091 21:24:42 GMT; max-age=2147483647; HttpOnly 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with no line terminators

                                                Size:   11

                                                Md5:    32682312d17c7cbf18e73594f5570319

                                                Sha1:   60e22121bdd0bc71cdb2bae2a3aa577006b2eae9

                                                Sha256: e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/json 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         35.241.9.150

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type 

                                        
                                            
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-length: 329 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Sat, 04 Feb 2023 18:07:19 GMT 

                                        
                                            
age: 196 

                                        
                                            
last-modified: Fri, 25 Mar 2022 17:45:46 GMT 

                                        
                                            
etag: "1648230346554" 

                                        
                                            
cache-control: max-age=3600,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators

                                                Size:   329

                                                Md5:    0333b0655111aa68de771adfcc4db243

                                                Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb

                                                Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

                                        
                                            GET /zcredirect?visitid=38412fc2-a4b7-11ed-a9dd-1280f6ee8e2b&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1 

                                        
                                            
Host: orest-vlv.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://orest-vlv.com/zcvisitor/38412fc2-a4b7-11ed-a9dd-1280f6ee8e2b/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=2dfd6250-51be-11ed-8dac-0a918cbcbb97 

                                        
                                            
Upgrade-Insecure-Requests: 1

                                         54.237.193.255

                                        
                                            HTTP/1.1 200  

                                        
                                            
Content-Type: text/html;charset=UTF-8

                                        

                                        
                                            
Date: Sat, 04 Feb 2023 18:10:35 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Cache-Control: no-store, no-cache, pre-check=0, post-check=0 

                                        
                                            
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 

                                        
                                            
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 

                                        
                                            
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline' 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Access-Control-Allow-Methods: GET,POST,OPTIONS 

                                        
                                            
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag 

                                        
                                            
redirected: JS 

                                        
                                            
Server: ZTOKaTLn 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (426)

                                                Size:   938

                                                Md5:    9dcf3fa071e6a9755c98bf30d8fe7d6f

                                                Sha1:   e862cdc44bd2d8a8a68cc3f38bafeb4ffa3a79d1

                                                Sha256: 02d42c7545ff7562ad6952f54f13417824155bdd037958f0f73cba90c86ccdae

                                        
                                            GET /zp-redirect?target=https%3A%2F%2Fymdxv.sexplayground.net%3Futm_source%3D1d58d0084e854e5f%26s1%3D1018%26s2%3D1460271%26s3%3D719fbd40-273d-47b8-882f-683d1074b172%26click_id%3Dwlpg8m9da97di2dmitr2u4fc%26j1%3D1wlpg8m9da97di2dmitr2u4fc&caid=d7c80ce6-8f51-44b9-a36b-e005046c70ad&zpid=38412fc2-a4b7-11ed-a9dd-1280f6ee8e2b&cid=wlpg8m9da97di2dmitr2u4fc&rt=R HTTP/1.1 

                                        
                                            
Host: cartining-specute.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://orest-vlv.com/ 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         18.197.36.77

                                        
                                            HTTP/2 302 Found

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Sat, 04 Feb 2023 18:10:36 GMT 

                                        
                                            
content-length: 0 

                                        
                                            
cache-control: no-store, no-cache, pre-check=0, post-check=0 

                                        
                                            
expires: Thu, 01 Jan 1970 00:00:00 GMT 

                                        
                                            
location: https://ymdxv.sexplayground.net?utm_source=1d58d0084e854e5f&s1=1018&s2=1460271&s3=719fbd40-273d-47b8-882f-683d1074b172&click_id=wlpg8m9da97di2dmitr2u4fc&j1=1wlpg8m9da97di2dmitr2u4fc 

                                        
                                            
pragma: no-cache 

                                        
                                            
set-cookie: cc-v4=Dg%2BYbJ6CR3DJYd2fSw9%2BRNEgps5mNicegJCBwrocrvZ%2B65%2Bj4X9SExlmGwgs%2FFVOqAuVb0k4I%2FXPKbYJGwqPa14DAX%2BLwYWJDaA4311jAgI334UjU6U9euN71FQZd%2BxHqREQ1j85i%2FM1VGYQJmzcVg%3D%3D; Max-Age=31536000; Expires=Sun, 04-Feb-2024 18:10:35 GMT; Domain=cartining-specute.com; Path=/; Secure; HttpOnly;SameSite=None 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         95.101.11.115

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "FDAD3BAC96DF91D9ABA4C6975919DA014678ED18976A1B056FA0A9F9B033A596" 

                                        
                                            
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=21600 

                                        
                                            
Expires: Sun, 05 Feb 2023 00:10:36 GMT 

                                        
                                            
Date: Sat, 04 Feb 2023 18:10:36 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    7e32172c6399f97ff08038db00985356

                                                Sha1:   76fd0f5f855f533cc84c1deef850bd0bcdbe2b7b

                                                Sha256: fdad3bac96df91d9aba4c6975919da014678ed18976a1b056fa0a9f9b033a596

                                        
                                            GET /landings/276568/1666254351/css/safety-block.css?1666254351 HTTP/1.1 

                                        
                                            
Host: cdn-dimi.akamaized.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://ymdxv.sexplayground.net/ 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         95.101.11.11

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/css

                                        

                                        
                                            
x-amz-id-2: O1GT+bQCo2H2Ygd5m1+9jENlUu3AaT4nA8NWSsWH8SCBgMYwVrv52h55o09frhXETu4yoVfFwQM6PyQivkbCPQ== 

                                        
                                            
x-amz-request-id: 874DYM00FEDJDDB0 

                                        
                                            
Last-Modified: Mon, 24 Oct 2022 14:11:19 GMT 

                                        
                                            
ETag: "4abbbbff3b1e5dc388ccf4bead9cf005" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Server: AmazonS3 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Date: Sat, 04 Feb 2023 18:10:37 GMT 

                                        
                                            
Content-Length: 452 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with CRLF line terminators

                                                Size:   452

                                                Md5:    b5243af1d62496d1fec862223ca03e36

                                                Sha1:   d3b7fff716998554010d5316848495b4d8b6fdac

                                                Sha256: 9ff19da41308cb1e308251f5b94682b9721d7516ab7536a4bfc5dd27ce6d6d29

                                        
                                            GET /landings/276568/1666254351/css/style.css?1666254351 HTTP/1.1 

                                        
                                            
Host: cdn-dimi.akamaized.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://ymdxv.sexplayground.net/ 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         95.101.11.11

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/css

                                        

                                        
                                            
x-amz-id-2: bm8hIA6y7zHG80SCf7920ufWKCoWh3YhYzEMyOO/WWFVbliEXIw3XL0pSUjnr4OXDh0OtTzFPyY= 

                                        
                                            
x-amz-request-id: 8748RNFZ460EJJPR 

                                        
                                            
Last-Modified: Mon, 24 Oct 2022 14:11:19 GMT 

                                        
                                            
ETag: "d29319ba7365079507b4b75f9bac0682" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Server: AmazonS3 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Date: Sat, 04 Feb 2023 18:10:37 GMT 

                                        
                                            
Content-Length: 3753 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text

                                                Size:   3753

                                                Md5:    fdcbfeb63f6e9f046a1233646576cd4b

                                                Sha1:   116015c12551fae9848ad058d85760a5fa2f008b

                                                Sha256: 6361629feb39c42a7f322d27b7069e4b4182121260310de4c0ce6fd3bbd89c19

                                        
                                            GET /landings/276568/1666254351/css/reviews.css?1666254351 HTTP/1.1 

                                        
                                            
Host: cdn-dimi.akamaized.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://ymdxv.sexplayground.net/ 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         95.101.11.11

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/css

                                        

                                        
                                            
x-amz-id-2: aqkhbNVVEI6Fmo/cI/BONANdGrJyyV/m6NeEe2Mhpdo01WrnsZiKLf2qEewx1y1D1s7JzDjSgLc= 

                                        
                                            
x-amz-request-id: 8740VGWAKXS1Z559 

                                        
                                            
Last-Modified: Mon, 24 Oct 2022 14:11:18 GMT 

                                        
                                            
ETag: "155f3acf4360a392deb0de6cef9aadfd" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Server: AmazonS3 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Date: Sat, 04 Feb 2023 18:10:37 GMT 

                                        
                                            
Content-Length: 915 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with CRLF line terminators

                                                Size:   915

                                                Md5:    9d45f63367e388d22ae2708a8a904392

                                                Sha1:   c5903d4c56ce94b3fbfed01f18be6b689bec6dba

                                                Sha256: 22edeefd66207270bc712e90b0acad1081aada36d82fa445cbaa58e7dc43c55e

                                        
                                            GET /landings/276568/1666254351/js/transl-sb.js?1666254351 HTTP/1.1 

                                        
                                            
Host: cdn-dimi.akamaized.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://ymdxv.sexplayground.net/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         95.101.11.11

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/javascript

                                        

                                        
                                            
x-amz-id-2: NVrrneVVA/DxU2ZAUEX/LiIoHIzVcnvuWAyyEfc9nJypEipcLy4lau1kRP5sgPIS3X651rHykjk= 

                                        
                                            
x-amz-request-id: 3RZJBV9W6A55QYKZ 

                                        
                                            
Last-Modified: Mon, 24 Oct 2022 14:11:19 GMT 

                                        
                                            
ETag: "68898dc5a77e849bd5a8b6492a04ac0e" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Server: AmazonS3 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Date: Sat, 04 Feb 2023 18:10:37 GMT 

                                        
                                            
Content-Length: 1983 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Unicode text, UTF-8 text

                                                Size:   1983

                                                Md5:    ced2727af8681fd06a0f0459ecfa92c1

                                                Sha1:   0ed62c0aeb5c61d1e0c24ec87075e6da6851266f

                                                Sha256: 6b20a54472e51cf46606fbebdfd8b479fa05e4a6ee92e964a5b4517a19907280

                                        
                                            GET /landings/276568/1666254351/js/translates-review.js?1666254351 HTTP/1.1 

                                        
                                            
Host: cdn-dimi.akamaized.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://ymdxv.sexplayground.net/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         95.101.11.11

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/javascript

                                        

                                        
                                            
x-amz-id-2: qgWhvMKTQsEVSX5CiBh3hPxtsQGwgaVG/+H4xlr6U46KJXIFMh8ZtQt5BWmHUiD607bCEqvFKrU= 

                                        
                                            
x-amz-request-id: 6QZYZEPPY0MZTK21 

                                        
                                            
Last-Modified: Mon, 24 Oct 2022 14:11:19 GMT 

                                        
                                            
ETag: "1c2203e50508db5daa2667fc898e819c" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Server: AmazonS3 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Date: Sat, 04 Feb 2023 18:10:37 GMT 

                                        
                                            
Content-Length: 13246 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Unicode text, UTF-8 text

                                                Size:   13246

                                                Md5:    9914a787c932dadce74810eae35e6228

                                                Sha1:   7d378f241dfd7566c9797e270baffe77cfc43402

                                                Sha256: 5202868964ea4498cae53cb1a5577474095b33d415695221e64e7c3a68fdb4fe

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.131

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sat, 04 Feb 2023 18:10:37 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 471 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    c181c51a9326d56e60915a792c306c2c

                                                Sha1:   de1cc0ce1384905e65a9fa9575743091d785e528

                                                Sha256: b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         95.101.11.115

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF" 

                                        
                                            
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=7656 

                                        
                                            
Expires: Sat, 04 Feb 2023 20:18:13 GMT 

                                        
                                            
Date: Sat, 04 Feb 2023 18:10:37 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    1b25bf82638deaab60981e1315ee0849

                                                Sha1:   e3bd912fd1a890e64ee6746a78a674db7ff77039

                                                Sha256: a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 8527 

                                        
                                            
x-amzn-requestid: 6a8c6487-6069-47d1-afa1-648626f85439 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: fyDqqGg5oAMFV-A= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63dd7fdd-0a772cde1e6fba6d7da97435;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Fri, 03 Feb 2023 21:42:53 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: CHWhIpyzhoPtMUplzh1430Q9FfCM1wkTc_hQsgQk6InM9tYBPGYnNg== 

                                        
                                            
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Fri, 03 Feb 2023 22:05:44 GMT 

                                        
                                            
age: 72293 

                                        
                                            
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   8527

                                                Md5:    6661b7263315f5eb3cd2465f671e1fcd

                                                Sha1:   b7b5831c6b3ccc41d7a980b6088adc10ff8785f1

                                                Sha256: eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 5174 

                                        
                                            
x-amzn-requestid: 35630c70-3bad-47b4-94bb-09c873632194 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: fyD7EFAHIAMFQQQ= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63dd8046-317b1fbb3bee0f377697bf3d;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: OD5cy75AkNMwTIvIool2nKbKgr5Jpo1Plm_X_YPr3rdPbg86_V2fdA== 

                                        
                                            
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Fri, 03 Feb 2023 22:00:26 GMT 

                                        
                                            
age: 72611 

                                        
                                            
etag: "1f14971d0cf979cc34ff191849dc43d86e8ac463" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   5174

                                                Md5:    e5b4e4f15da3323c73974c3f1cdb5d74

                                                Sha1:   1f14971d0cf979cc34ff191849dc43d86e8ac463

                                                Sha256: 5893d7e5b2fd9de92829b303c42d0c07ff32b3f6b8705b6f5b4a784315c8808e

                                        
                                            GET /landings/276568/1666254351/images/shield.svg HTTP/1.1 

                                        
                                            
Host: cdn-dimi.akamaized.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://ymdxv.sexplayground.net/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         95.101.11.11

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/svg+xml

                                        

                                        
                                            
x-amz-id-2: Gl84DaW8LBKRyam8afV5hwd61RThKDLkqP+uyivfABFE8t5HcbBVAdWxjCIxq9bKC37mR+4RamtP7DmGPR793w== 

                                        
                                            
x-amz-request-id: H5H5VRZTHRG3EN5Z 

                                        
                                            
Last-Modified: Mon, 24 Oct 2022 14:11:18 GMT 

                                        
                                            
ETag: "0c7a0dfd64cf020cd8a6dc0c3df1dbdf" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Server: AmazonS3 

                                        
                                            
Content-Length: 1539 

                                        
                                            
Date: Sat, 04 Feb 2023 18:10:37 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (310)

                                                Size:   1539

                                                Md5:    0c7a0dfd64cf020cd8a6dc0c3df1dbdf

                                                Sha1:   f705635388aebebae1223d828c38233067f28ab1

                                                Sha256: 856fdb53067254df9495660a355e5ed91936803b567867f1053ce5fb97107888

                                        
                                            GET /landings/276568/1666254351/images/unlock.svg HTTP/1.1 

                                        
                                            
Host: cdn-dimi.akamaized.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://ymdxv.sexplayground.net/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         95.101.11.11

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/svg+xml

                                        

                                        
                                            
x-amz-id-2: cu8N8M0OO8L76j2fDH0EWbeSHB4rvM8sMFRdVG1sDwtRl/XabA5pGHV/4f3PyAezuJ+mdarxTb8= 

                                        
                                            
x-amz-request-id: 66QB4MS5MKAYV7TP 

                                        
                                            
Last-Modified: Mon, 24 Oct 2022 14:11:18 GMT 

                                        
                                            
ETag: "a732e1e06affb4575c050fdb0131e5ca" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Server: AmazonS3 

                                        
                                            
Content-Length: 2378 

                                        
                                            
Date: Sat, 04 Feb 2023 18:10:37 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (944)

                                                Size:   2378

                                                Md5:    a732e1e06affb4575c050fdb0131e5ca

                                                Sha1:   da4f4f204a4d22c7424274a91520e0ea993c48c7

                                                Sha256: e17f481e5fe197e600ffe6cf53a94a4e49a73b6b817ff560cd92c3dd501d603f

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 8211 

                                        
                                            
x-amzn-requestid: 2df5779a-a808-46ec-9246-1a9b9bddd9e9 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: fmKLVHwroAMF72Q= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63d8bd7b-3cfe97e07d17958836425784;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Tue, 31 Jan 2023 07:04:27 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: _VFg0FMYa1Dg55fLpJTwdX2uZXkYjZSFdbdAKqGQu7GF2dPiawKh1g== 

                                        
                                            
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sat, 04 Feb 2023 07:29:26 GMT 

                                        
                                            
age: 38471 

                                        
                                            
etag: "541e878afee68c8802bb52b0cbbe5a5a0a185392" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   8211

                                                Md5:    114e345e134986d7451148fcea31b29d

                                                Sha1:   541e878afee68c8802bb52b0cbbe5a5a0a185392

                                                Sha256: 5030244d4babd1023166f39c935029d789a91ba90aa3a44c6f4c88ddc947b678

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 9141 

                                        
                                            
x-amzn-requestid: ed7db574-6bca-4f3e-8879-c3e836549339 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: fyD8zE5lIAMF1HA= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63dd8051-4480112f11d4ced0037d1ad8;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:49 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: aKr85ooofBPeKkeJIDO5W_X5Rn6xnJlRHmVrs8tgBMYe3HQhobsm3w== 

                                        
                                            
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Fri, 03 Feb 2023 21:56:07 GMT 

                                        
                                            
age: 72870 

                                        
                                            
etag: "8e674830a97d8ce3818132fda197db4f0289d316" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   9141

                                                Md5:    f7101f6e43855cb76ce48271a847ffbd

                                                Sha1:   8e674830a97d8ce3818132fda197db4f0289d316

                                                Sha256: e78a83a4024e238bcdec3b9c4d5c12a99f49aabd57e34952f6a4cc8ed4422f55

                                        
                                            GET /landings/276568/1666254351/images/password.svg HTTP/1.1 

                                        
                                            
Host: cdn-dimi.akamaized.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://ymdxv.sexplayground.net/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         95.101.11.11

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/svg+xml

                                        

                                        
                                            
x-amz-id-2: 6x9Hm9+pxZ7U0BU+mDutC7tEbSMkC7L+dvsvtqPTMH0MJexyVAyRGSLIKrcGof3nAnfNyBh90Zo= 

                                        
                                            
x-amz-request-id: H5H5DHD1TS9ZGF6T 

                                        
                                            
Last-Modified: Mon, 24 Oct 2022 14:11:18 GMT 

                                        
                                            
ETag: "f42aef7f97d4c9bdb074673081f38ac7" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Server: AmazonS3 

                                        
                                            
Content-Length: 1339 

                                        
                                            
Date: Sat, 04 Feb 2023 18:10:37 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (330)

                                                Size:   1339

                                                Md5:    f42aef7f97d4c9bdb074673081f38ac7

                                                Sha1:   0231df782e371d139c826e091279acd9a07e691c

                                                Sha256: 5fca7f589cd825e1f152e0a1677d6cbd0a3ee3ecde05905d572af87e8b453eac

                                        
                                            GET /landings/276568/1666254351/images/6-eu.jpg HTTP/1.1 

                                        
                                            
Host: cdn-dimi.akamaized.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://ymdxv.sexplayground.net/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         95.101.11.11

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/jpeg

                                        

                                        
                                            
x-amz-id-2: GjMnNrJ6Jt/tDybfdmMQ2VABfLxnFw/tUb1GBZ81sOUmPC8ljgud0aDiZ3BdlWS5uHv47QEtrFc= 

                                        
                                            
x-amz-request-id: H5HCSFWWCQ3W7JY2 

                                        
                                            
Last-Modified: Mon, 24 Oct 2022 14:11:18 GMT 

                                        
                                            
ETag: "9a6870069cb979e16b239f9ed485fb3c" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Server: AmazonS3 

                                        
                                            
Content-Length: 3256 

                                        
                                            
Date: Sat, 04 Feb 2023 18:10:37 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x80, components 3\012- data

                                                Size:   3256

                                                Md5:    9a6870069cb979e16b239f9ed485fb3c

                                                Sha1:   c1dc7f3620c8cc391648c550f91b269b04d3c612

                                                Sha256: 3e280ac6e0be5142f62957076a5c99e792eb61533e23f33b165aea4d522de818

                                        
                                            GET /landings/276568/1666254351/images/7-eu.jpg HTTP/1.1 

                                        
                                            
Host: cdn-dimi.akamaized.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://ymdxv.sexplayground.net/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         95.101.11.11

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/jpeg

                                        

                                        
                                            
x-amz-id-2: tpS1XfZ2NzaV4XlpKxhoV+0LoimF/cHlbpxrTaAZHGdnz3uI8sN546gh30Ri0RHhNWOqIH//3jg= 

                                        
                                            
x-amz-request-id: H5H6WQV9Z382TF0V 

                                        
                                            
Last-Modified: Mon, 24 Oct 2022 14:11:18 GMT 

                                        
                                            
ETag: "8155d8ecc7dc2d9b29cf99ab85c3d2a8" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Server: AmazonS3 

                                        
                                            
Content-Length: 2282 

                                        
                                            
Date: Sat, 04 Feb 2023 18:10:37 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x80, components 3\012- data

                                                Size:   2282

                                                Md5:    8155d8ecc7dc2d9b29cf99ab85c3d2a8

                                                Sha1:   ba784563c7787760b318af24ea274ad6df2c5b89

                                                Sha256: 7e368b2c331e65b43d9e6977dde473b4ee4ed25f0253e0d086ca676438b97d27

                                        
                                            GET /landings/276568/1666254351/images/no.png HTTP/1.1 

                                        
                                            
Host: cdn-dimi.akamaized.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://cdn-dimi.akamaized.net/landings/276568/1666254351/css/style.css?1666254351 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin

                                         95.101.11.11

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/png

                                        

                                        
                                            
x-amz-id-2: F8NS6TWu9/PHBncY6hGCROnExtcBIuuv/ridzDWPk7yRvS6LPN1fR0zOzWWSE3bHkpR73MRW6dQ= 

                                        
                                            
x-amz-request-id: H5H9K4D8BB62Q1RC 

                                        
                                            
Last-Modified: Mon, 24 Oct 2022 14:11:17 GMT 

                                        
                                            
ETag: "ecd70153a7c781abe8ed5cd38e3b3d0a" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Server: AmazonS3 

                                        
                                            
Content-Length: 412 

                                        
                                            
Date: Sat, 04 Feb 2023 18:10:37 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data

                                                Size:   412

                                                Md5:    ecd70153a7c781abe8ed5cd38e3b3d0a

                                                Sha1:   a48e71c66f86b91d8ffb1b7a611d6db8437251e6

                                                Sha256: f54a3a7079d0d1df68716ec73ec92576f345378bccff79c7575e0fd14efa215a

                                        
                                            GET /landings/276568/1666254351/images/pattern.png HTTP/1.1 

                                        
                                            
Host: cdn-dimi.akamaized.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://cdn-dimi.akamaized.net/landings/276568/1666254351/css/style.css?1666254351 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin

                                         95.101.11.11

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/png

                                        

                                        
                                            
x-amz-id-2: lgb9SeTXcqbJ4yb1dOQetGJDD6egjVmb8DT2wxtIdZZLOIn2DySjViFBNhRsbwJQrWGeDSR8NtQ= 

                                        
                                            
x-amz-request-id: CYA73Y4MY28AQRPV 

                                        
                                            
Last-Modified: Mon, 24 Oct 2022 14:11:17 GMT 

                                        
                                            
ETag: "e986a5eb0ae5ae97945d0de3f3042884" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Server: AmazonS3 

                                        
                                            
Content-Length: 76 

                                        
                                            
Date: Sat, 04 Feb 2023 18:10:37 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 2 x 2, 8-bit/color RGBA, non-interlaced\012- data

                                                Size:   76

                                                Md5:    e986a5eb0ae5ae97945d0de3f3042884

                                                Sha1:   43efe7436a2e0b1309e94963e8e8611a836e84bf

                                                Sha256: ec39a4249fafae9247048939db255e773ecf810942969e54a1f4007bdfd4bffc

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.131

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sat, 04 Feb 2023 18:10:37 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 471 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    23287a0337047631e479bb3cbe8b0fcd

                                                Sha1:   15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99

                                                Sha256: da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034

                                        
                                            GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1 

                                        
                                            
Host: fonts.gstatic.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: identity 

                                        
                                            
Origin: https://ymdxv.sexplayground.net 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://fonts.googleapis.com/ 

                                        
                                            
Sec-Fetch-Dest: font 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         142.250.74.35

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: font/woff2

                                        

                                        
                                            
accept-ranges: bytes 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
cross-origin-opener-policy: same-origin; report-to="apps-themes" 

                                        
                                            
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
content-length: 23580 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
server: sffe 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
date: Tue, 31 Jan 2023 04:29:08 GMT 

                                        
                                            
expires: Wed, 31 Jan 2024 04:29:08 GMT 

                                        
                                            
cache-control: public, max-age=31536000 

                                        
                                            
age: 394889 

                                        
                                            
last-modified: Tue, 26 Apr 2022 15:48:56 GMT 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data

                                                Size:   23580

                                                Md5:    e1b3b5908c9cf23dfb2b9c52b9a023ab

                                                Sha1:   fcd4136085f2a03481d9958cc6793a5ed98e714c

                                                Sha256: 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

                                        
                                            GET /landings/276568/1666254351/images/m1.mp4 HTTP/1.1 

                                        
                                            
Host: cdn-dimi.akamaized.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Range: bytes=0- 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://ymdxv.sexplayground.net/ 

                                        
                                            
Sec-Fetch-Dest: video 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         95.101.11.11

                                        
                                            HTTP/1.1 206 Partial Content 

                                        
                                            
Content-Type: video/mp4

                                        

                                        
                                            
x-amz-id-2: LlKhXwBrESpRUePfdpAKVQnET+NxbJ9wT1TrruvkNKVTIq1+oMzjVY4QDueIFm7/2YxEgSjajtQ= 

                                        
                                            
x-amz-request-id: CYA1TZ18RFVB066J 

                                        
                                            
Last-Modified: Mon, 24 Oct 2022 14:11:17 GMT 

                                        
                                            
ETag: "4e9dae905828e0ee4bd6f4849463d5fd" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Server: AmazonS3 

                                        
                                            
Date: Sat, 04 Feb 2023 18:10:37 GMT 

                                        
                                            
Content-Range: bytes 0-939586/939587 

                                        
                                            
Content-Length: 939587 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data

                                                Size:   939587

                                                Md5:    4e9dae905828e0ee4bd6f4849463d5fd

                                                Sha1:   1faf07536bb4e05fac327fce919a2ba48861659d

                                                Sha256: 3f323b32bf8d0db3f4f47a815d0b7a43eccb3899f837a2b645d06e59eb5eb31a

                                        
                                            GET /images/favicon.ico HTTP/1.1 

                                        
                                            
Host: cdn-dimi.akamaized.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://ymdxv.sexplayground.net/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         95.101.11.11

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/x-icon

                                        

                                        
                                            
x-amz-id-2: 2GM1RH+Oo7JIRLs/OPfJSrmls1pwWkrIufazLdJT5aWuDbgNABEKJmW/8rLlCMaF9QlDE8aTJ9E= 

                                        
                                            
x-amz-request-id: Y5JJFAEXP3X803ZN 

                                        
                                            
Last-Modified: Wed, 07 Nov 2018 08:41:38 GMT 

                                        
                                            
ETag: "4cdf3256cd7b8ec3917adb79d6bf457e" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Server: AmazonS3 

                                        
                                            
Content-Length: 4103 

                                        
                                            
Date: Sat, 04 Feb 2023 18:10:37 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data

                                                Size:   4103

                                                Md5:    4cdf3256cd7b8ec3917adb79d6bf457e

                                                Sha1:   bc615337e9223183a126c8fb649774866fb53e69

                                                Sha256: fbfff44a653dc193b93620f1035d221d3aaddf3238742270b3385482986ef7f0

                                        
                                            GET /landings/276568/1666254351/js/jquery-2.2.4.min.js?1666254351 HTTP/1.1 

                                        
                                            
Host: cdn-dimi.akamaized.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://ymdxv.sexplayground.net/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         95.101.11.11

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/javascript

                                        

                                        
                                            
x-amz-id-2: ER704APz1DGjtDGOK8WB5eanLKjGOirdFhmjHkSHi20Ev6LJc3u0jc6nPCXA3qJAcg4KLq8SmtA= 

                                        
                                            
x-amz-request-id: 8742C1MCVB50T0YD 

                                        
                                            
Last-Modified: Mon, 24 Oct 2022 14:11:19 GMT 

                                        
                                            
ETag: "2f6b11a7e914718e0290410e85366fe9" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Server: AmazonS3 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Date: Sat, 04 Feb 2023 18:10:37 GMT 

                                        
                                            
Content-Length: 29855 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                        
                                            GET /css2?family=Lato:wght@300;400;700&display=swap HTTP/1.1 

                                        
                                            
Host: fonts.googleapis.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://cdn-dimi.akamaized.net/ 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         142.250.74.74

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/css; charset=utf-8

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
expires: Sat, 04 Feb 2023 18:10:37 GMT 

                                        
                                            
date: Sat, 04 Feb 2023 18:10:37 GMT 

                                        
                                            
cache-control: private, max-age=86400 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
cross-origin-opener-policy: same-origin-allow-popups 

                                        
                                            
content-encoding: gzip 

                                        
                                            
server: ESF 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
x-frame-options: SAMEORIGIN 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

URL	rp.seroteforoh.com/?pcrc=55030560&v=2.0
IP	77.247.179.90 (Netherlands)
ASN	#43350 NForce Entertainment B.V.
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2023-02-04 18:10:45 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	3
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (14)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 77.247.179.90

Last 5 reports on ASN: NForce Entertainment B.V.

Last 5 reports on domain: seroteforoh.com

Last 2 reports with similar screenshot

JavaScript

Executed Scripts (20)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (66)

Overview

Domain Summary (14)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 77.247.179.90

Last 5 reports on ASN: NForce Entertainment B.V.

Last 5 reports on domain: seroteforoh.com

Last 2 reports with similar screenshot

JavaScript

Executed Scripts (20)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (66)

Network Intrusion Detection Systems