r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7786cd9bd97e024b3a1d16215defaad2
786ddbb74b0b6bd9270622dbe0258d6caee407c1
9c297ccfd178eec7e472fb64a6b2e34d4c7a6dec32870f49982353e590196ba0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C297CCFD178EEC7E472FB64A6B2E34D4C7A6DEC32870F49982353E590196BA0"
Last-Modified: Mon, 14 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15924
Expires: Tue, 15 Nov 2022 00:42:23 GMT
Date: Mon, 14 Nov 2022 20:16:59 GMT
Connection: keep-alive
amadi-store.com/nails?fbclid=PAAabIgy4m81uOXG00AQkIdQTFFfpsVEkvNSkj92Ukw3_xcstVqhimo6c5Fzs&external_browser_redirect=true
104.16.13.194 301 Moved Permanently 580 B URL HTTP/1.1 amadi-store.com/nails?fbclid=PAAabIgy4m81uOXG00AQkIdQTFFfpsVEkvNSkj92Ukw3_xcstVqhimo6c5Fzs&external_browser_redirect=true
IP 104.16.13.194:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (565)
Hash ade2b935fb752f5514e629eac08f42ce
461f20d91916c4f403aa548e1e9c2298ede6a660
89aad159aecc3aa3aa74f00401a7e3881c474e86425ac43802f215283e96965c
Analyzer Verdict Alert quad9 Sinkholed
GET /nails?fbclid=PAAabIgy4m81uOXG00AQkIdQTFFfpsVEkvNSkj92Ukw3_xcstVqhimo6c5Fzs&external_browser_redirect=true HTTP/1.1
Host: amadi-store.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 14 Nov 2022 20:16:59 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://amadi-store.com/nails?fbclid=PAAabIgy4m81uOXG00AQkIdQTFFfpsVEkvNSkj92Ukw3_xcstVqhimo6c5Fzs&external_browser_redirect=true
CF-Ray: 76a26d930c540af6-OSL
Access-Control-Allow-Origin: *
Cache-Control: max-age=60, public, s-maxage=600, r-maxage=10
Last-Modified: Thu, 10 Nov 2022 16:28:49 GMT
Vary: Accept-Encoding
CF-Cache-Status: MISS
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
Status: 301 Moved Permanently
X-Content-Digest: 70898257ad96b59fe4ce81939e0ea91204d4c5bd
X-Frame-Options: ALLOWALL
X-Powered-By: Phusion Passenger Enterprise 6.0.7
X-Rack-Cache: miss, store
X-Request-Id: 99509e7e666deccdf24a65b0590c26c5
X-Runtime: 0.078128
Set-Cookie: __cf_bm=YSRQ8vqEJpcoRmQ2LBcfEBsCRimU2Itah7WcudNlGT0-1668457019-0-Adq8DnnFBkBwSDYsyiEScMOAl7yB1/TJxsNQI2KgzVv4LhoX9bbOxOm25nVlxsY3FbOa3zncWdBVChqPuJnrhWv7ftsuZgWqWXtK9ZmOSJ+0; path=/; expires=Mon, 14-Nov-22 20:46:59 GMT; domain=.amadi-store.com; HttpOnly; SameSite=None
Server: cloudflare
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 832aecaba9f06ee2d39d4d4bea65f13c
7195d6ffadfdbc6fc8e92c63ae28d4a3038a72dc
a437509314a97065de6c7b9e5e2b4b61f0234b45f5f5bf2649cbdf499577bfd3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4204
Cache-Control: max-age=141862
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 20:16:59 GMT
Etag: "637218f5-1d7"
Expires: Wed, 16 Nov 2022 11:41:21 GMT
Last-Modified: Mon, 14 Nov 2022 10:31:17 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 14 Nov 2022 19:44:16 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1963
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8c15cef160d1514fc977ed4c4e97086c
ffe4ce3199658a1fc7a45d1607df40ef3911621d
db1a82d8a2bacc0257b87efec0c365c1b769700fa27ce928321e082505f1d72a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DB1A82D8A2BACC0257B87EFEC0C365C1B769700FA27CE928321E082505F1D72A"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19857
Expires: Tue, 15 Nov 2022 01:47:56 GMT
Date: Mon, 14 Nov 2022 20:16:59 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: kLMkZyBXgvabsfvxgCsyELeXnvMGbZW9BEdiX+8YwxUtnZIjp3sQePpO16O0cjW88mkvLdcLyfE=
x-amz-request-id: W85Z5GH9CHN673CJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 14 Nov 2022 20:13:59 GMT
age: 180
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 14 Nov 2022 20:16:59 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 722314e784428b2ef361fda74e583ec7
b0dad2676d1164f144325b6a688b1ea4f8555fba
dee752f36c0c68d9f1ff54bb05f28bec8cc841386bbfc0aae27a18b7ea7bb369
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=108827
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 20:16:59 GMT
Etag: "6371a856-116"
Expires: Wed, 16 Nov 2022 02:30:46 GMT
Last-Modified: Mon, 14 Nov 2022 02:30:46 GMT
Server: nginx
Content-Length: 278
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Retry-After, ETag, Alert, Expires, Backoff, Content-Type, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 14 Nov 2022 19:44:48 GMT
cache-control: public,max-age=3600
age: 1932
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/fotorama/4.6.4/fotorama.css
104.17.24.14 200 OK 2.5 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/fotorama/4.6.4/fotorama.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (15085)
Hash fb8f8a5d3bb81f57989c9b538211896c
91ba7e8510abf6c856a890ec3c27ef8b5ce6acbb
8669096e93f1fe9b3e2ffc8e562bfd54fe09536aad34f2bbddb0e11d005d717d
GET /ajax/libs/fotorama/4.6.4/fotorama.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amadi-store.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 14 Nov 2022 20:17:00 GMT
content-type: text/css; charset=utf-8
content-length: 2454
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e64-3b25"
last-modified: Mon, 04 May 2020 16:10:12 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4571325
expires: Sat, 04 Nov 2023 20:17:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oe0ep7iHoWuSjVYKeK4a9Axjpme9YqXx47u7a1ncH7tiFO8aPKnd5uQmmHRvIQr2IO3zFbKbf20i09y6RlzKpPTl0ZAK5GhwrAFJ0p8jjTESICTgxEWD5wM41j5po4lAymYBY%2Fur"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76a26d990e83b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/fotorama/4.6.4/fotorama.js
104.17.24.14 200 OK 15 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/fotorama/4.6.4/fotorama.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (32329)
Hash 4783bf033aa388f5bcd66428cbfb5cee
ee0457e9671de4b67d3b5d1410413f75a15f726c
c19f202cf8f83cae1b47a05b828e42ea623065185eb7d8fd026f31867899d353
GET /ajax/libs/fotorama/4.6.4/fotorama.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amadi-store.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 14 Nov 2022 20:17:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 14592
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e64-9800"
last-modified: Mon, 04 May 2020 16:10:12 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4028011
expires: Sat, 04 Nov 2023 20:17:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XqgeYBfIct4TX7x1SdL5FTcQq0lagZJEJ6LBITyx8E85VbvfY8zBGV%2By9V9E4%2FSqAa%2BgPPbuqnqifCeu3mVG70NT1ksr3mndn4n%2Bx9abQNz0mwTRSY%2BTp%2FsM7CnP8MUsZTux7SoC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76a26d991e8ab524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash e3520006c3ce7b8286e3f976370c5421
12dcc2e5666b3bc52d18ad0623e2638c724d1634
7ffb228a7c1bd56b1d14dcdae3cf07fbaa94673b2b660e0850a746de3e4f7cad
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3513
Cache-Control: max-age=127457
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 20:17:00 GMT
Etag: "6371e364-118"
Expires: Wed, 16 Nov 2022 07:41:17 GMT
Last-Modified: Mon, 14 Nov 2022 06:42:44 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash b2d6aeeb303eaefc4cc6900e30da3b1b
4c3c027013211aa1b987006d0eb6c72f18c6a657
f542eab7c032d6c5f59710ee8993a01537e0fa2bf3882a6a699de85bba020999
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 20:17:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash b2d6aeeb303eaefc4cc6900e30da3b1b
4c3c027013211aa1b987006d0eb6c72f18c6a657
f542eab7c032d6c5f59710ee8993a01537e0fa2bf3882a6a699de85bba020999
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 20:17:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
172.64.132.15 200 OK 4.7 kB URL HTTP/2 use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
IP 172.64.132.15:0
File type ASCII text, with very long lines (26440)
Hash f44bcde9b414ff28147608f32a167fe3
9a3a1b88c071e6af369a44358dd4ecc78bcb23f9
90e736e26278982087156392399aef66838de7e0345f2ff915e12a835d56aa6a
GET /releases/v5.9.0/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amadi-store.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 14 Nov 2022 20:17:00 GMT
content-type: text/css
x-amz-id-2: lj0FvMnfC9mptRM/Gd0lw9lT7Zj4wo+oaxaEYLcDnZaRJXq3Oc/kbTmcEwen2MxXaG9FhyIrGnI=
x-amz-request-id: 9D38DJ2PTJVFVSCR
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"e140a7d32f343530f016095df3cc2ae4"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1638349
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f8VmmWXfywFFAQeKEY%2BKHoYlpAb%2Fq9iMvjjtc3mIZF3%2BpBYJXkO0CKiSBluVrn4fH%2F%2Bje8XI%2BpTT5TErYbr4NIB5w1DaENPeeDUQu4fEDKjkhj2CH7%2FhhYHxaMRr2BrjSK2dyLVn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a26d992ae38926-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash b2d6aeeb303eaefc4cc6900e30da3b1b
4c3c027013211aa1b987006d0eb6c72f18c6a657
f542eab7c032d6c5f59710ee8993a01537e0fa2bf3882a6a699de85bba020999
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 20:17:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 96c9e6a333b1f0fddf32f24e7b965151
647fee1eb0d6839e30115edebe8d0840e6152cdb
a2ac4ddc863a9d641d91d504db389e0116cf1699322d2391f17d5785bf5bc538
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 20:17:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 96c9e6a333b1f0fddf32f24e7b965151
647fee1eb0d6839e30115edebe8d0840e6152cdb
a2ac4ddc863a9d641d91d504db389e0116cf1699322d2391f17d5785bf5bc538
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 20:17:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 35ad471bf7f157abedbe322e59bb00ae
6f8c57f1c20377b6a1f74fd06849705a6370e291
b51251f347677a52f08a4a7c0d9ff0effed121992b6dc7fa709e33c400042e63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 20:17:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 35ad471bf7f157abedbe322e59bb00ae
6f8c57f1c20377b6a1f74fd06849705a6370e291
b51251f347677a52f08a4a7c0d9ff0effed121992b6dc7fa709e33c400042e63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 20:17:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
216.58.207.195 200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://amadi-store.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Nov 2022 17:10:21 GMT
expires: Wed, 08 Nov 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 529599
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
216.58.207.195 200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://amadi-store.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 12 Nov 2022 21:11:39 GMT
expires: Sun, 12 Nov 2023 21:11:39 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
age: 169521
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 35ad471bf7f157abedbe322e59bb00ae
6f8c57f1c20377b6a1f74fd06849705a6370e291
b51251f347677a52f08a4a7c0d9ff0effed121992b6dc7fa709e33c400042e63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 20:17:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/embed/NWcDkKLtnq8?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
216.58.207.238 200 OK 77 kB URL HTTP/2 www.youtube.com/embed/NWcDkKLtnq8?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
IP 216.58.207.238:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (58608)
Hash 134513607eae6f997706a830296dd909
3864dd1815f301184620e3cedea2da3c3e6e6292
ce47a5e2e592f433654218b04700f762f83081d67e1788192ae52883d2ab7358
GET /embed/NWcDkKLtnq8?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amadi-store.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 14 Nov 2022 20:17:00 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=V4fI1YSDR5Y; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=V6aDtfWyHp8; Domain=.youtube.com; Expires=Sat, 13-May-2023 20:17:00 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+376; expires=Wed, 13-Nov-2024 20:17:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 12 Nov 2022 12:31:58 GMT
expires: Sun, 12 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 200702
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Nov 2022 21:46:16 GMT
expires: Fri, 10 Nov 2023 21:46:16 GMT
cache-control: public, max-age=31536000
age: 340244
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/c4225c42/www-embed-player.vflset/www-embed-player.js
216.58.207.238 200 OK 98 kB URL HTTP/2 www.youtube.com/s/player/c4225c42/www-embed-player.vflset/www-embed-player.js
IP 216.58.207.238:0
File type ASCII text, with very long lines (679)
Hash 26abdee2f7fda61acfbceef73f936a78
58ddf48c21798f2dc309ba38d8432949be2f837b
8a340b331b69b7fff9df67bea03c42248219e5928cb5a662a58da0c4a0df0fd1
GET /s/player/c4225c42/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/NWcDkKLtnq8?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 98145
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Nov 2022 02:08:24 GMT
expires: Sat, 11 Nov 2023 02:08:24 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
content-type: text/javascript
age: 324516
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 96c9e6a333b1f0fddf32f24e7b965151
647fee1eb0d6839e30115edebe8d0840e6152cdb
a2ac4ddc863a9d641d91d504db389e0116cf1699322d2391f17d5785bf5bc538
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 20:17:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/s/player/c4225c42/fetch-polyfill.vflset/fetch-polyfill.js
216.58.207.238 200 OK 2.8 kB URL HTTP/2 www.youtube.com/s/player/c4225c42/fetch-polyfill.vflset/fetch-polyfill.js
IP 216.58.207.238:0
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (555)
Hash 80fe2d229007996c8397073b00755dc7
121f82c77bcf2a297a1085e3b092415c463fcafe
033dfa8941482c82d4f1aaa4a9172fb379b9e46a02d5b36297c5476bbbfdea2c
GET /s/player/c4225c42/fetch-polyfill.vflset/fetch-polyfill.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/NWcDkKLtnq8?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2786
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Nov 2022 05:48:26 GMT
expires: Fri, 10 Nov 2023 05:48:26 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
content-type: text/javascript
age: 397714
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
amadi-store.com/assets/pushcrew.js
104.16.14.194 200 OK 76 kB URL HTTP/2 amadi-store.com/assets/pushcrew.js
IP 104.16.14.194:0
File type ASCII text, with very long lines (637), with no line terminators
Hash 6c00025a4a95fcce1544d405b13fab10
0e225044d96bba431c8720c815aa6ad0175a4a3b
ba81eb7b9082865d7fc50457b757382b401c88a0cb39febcc6f4d80fea9d5459
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/pushcrew.js HTTP/1.1
Host: amadi-store.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amadi-store.com/nails?fbclid=PAAabIgy4m81uOXG00AQkIdQTFFfpsVEkvNSkj92Ukw3_xcstVqhimo6c5Fzs&external_browser_redirect=true
Cookie: __cf_bm=r_1csSagZ9x0lBaK0EXGkd947dd3NNgBUpLBxbbskIo-1668457020-0-AT/0M41ZHxNvEeonHoB7aR8eATLYWizyA03+/AeFK1gkJsQ499r/RNM153Q69xow5C6r8XZz9EhikbdSo12ytXitLaXXrg2uealrvghbP/Ea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 14 Nov 2022 20:17:00 GMT
content-type: application/x-javascript
cf-ray: 76a26d98ced80b59-OSL
access-control-allow-origin: *
age: 150
cache-control: public, max-age=1200
etag: W/"6359dae3-27d"
expires: Mon, 14 Nov 2022 20:37:00 GMT
last-modified: Thu, 27 Oct 2022 01:12:03 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
www.youtube.com/s/player/c4225c42/player_ias.vflset/en_US/base.js
216.58.207.238 200 OK 589 kB URL HTTP/2 www.youtube.com/s/player/c4225c42/player_ias.vflset/en_US/base.js
IP 216.58.207.238:0
File type ASCII text, with very long lines (573)
Size 589 kB (588928 bytes)
Hash 3c61e04a6271d4bd4d300ac9a59cf528
0b10d7deda462da8d0d8da1743efdc86307b6081
e1ff4de147ece58d8999e47403beb0610e251b18635f18a356f3b0129998fa4d
GET /s/player/c4225c42/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/NWcDkKLtnq8?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 588928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Nov 2022 02:08:22 GMT
expires: Sat, 11 Nov 2023 02:08:22 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
content-type: text/javascript
age: 324518
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.189.157.130 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.189.157.130:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: YRbnEtXnf9tm22ak+lPAUQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: TmqGXo7B6AP7yTbL+1aZXPsIhkI=
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aa9319f4b4b3a3c725d01b8405a1a697
8ac99abba8c7f3b05ab2a4cbb8c93f15bac5549d
efcf10f05a81df353889db2d17ba442f84662f246f6add2695ee6aa3231dfd08
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EFCF10F05A81DF353889DB2D17BA442F84662F246F6ADD2695EE6AA3231DFD08"
Last-Modified: Mon, 14 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13198
Expires: Mon, 14 Nov 2022 23:56:59 GMT
Date: Mon, 14 Nov 2022 20:17:01 GMT
Connection: keep-alive
i.goopics.net/7wdq9j.png
51.159.159.140 200 OK 700 kB IP 51.159.159.140:0
File type PNG image data, 1000 x 1000, 8-bit/color RGB, non-interlaced\012- data
Size 700 kB (700087 bytes)
Hash d004508a9b8551059ed2b27f34067003
63b188a875bc66b1f55fb978c91bc4054162ae91
c8a084b935dc2eb4c94c24ea2c40b8ee1145a715fea3a3112cf72a88d4c739d2
GET /7wdq9j.png HTTP/1.1
Host: i.goopics.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amadi-store.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Mon, 14 Nov 2022 20:17:01 GMT
content-type: image/png
content-length: 700087
last-modified: Thu, 10 Nov 2022 00:37:54 GMT
etag: d004508a9b8551059ed2b27f34067003
x-timestamp: 1668040673.17762
x-trans-id: txf15fa0c4bf9146e68dbf8-006371ef51
x-openstack-request-id: txf15fa0c4bf9146e68dbf8-006371ef51
x-iplb-request-id: 339F9F8C:EB9A_3626E64B:01BB_6371EF51_A971D88:5EB9
x-iplb-instance: 12309
x-cache-status: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
i.goopics.net/f4545s.png
51.159.159.140 200 OK 482 kB IP 51.159.159.140:0
File type PNG image data, 1000 x 1000, 8-bit/color RGB, non-interlaced\012- data
Size 482 kB (482424 bytes)
Hash eda7e0ece66159782f2965fa597fe159
50b3d6729c5b1daaf2e57f6a2804c43d35eda8cf
97a4cbc7c493f46abba0673335f1dec9dd1365a8ac7594848799f06cd4920ad5
GET /f4545s.png HTTP/1.1
Host: i.goopics.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amadi-store.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Mon, 14 Nov 2022 20:17:01 GMT
content-type: image/png
content-length: 482424
last-modified: Thu, 10 Nov 2022 00:37:39 GMT
etag: eda7e0ece66159782f2965fa597fe159
x-timestamp: 1668040658.21050
x-trans-id: txf4392cc022cc4cdeb77f2-006371ef51
x-openstack-request-id: txf4392cc022cc4cdeb77f2-006371ef51
x-iplb-request-id: 339F9F8C:C584_5762BBC9:01BB_6371EF51_B008B30:1AA72
x-iplb-instance: 42086
x-cache-status: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2538
Expires: Mon, 14 Nov 2022 20:59:19 GMT
Date: Mon, 14 Nov 2022 20:17:01 GMT
Connection: keep-alive
cdn.shopify.com/s/files/1/0552/9717/9777/files/Favicon.png?v=1660076972
162.159.134.68 200 OK 6.0 kB URL HTTP/2 cdn.shopify.com/s/files/1/0552/9717/9777/files/Favicon.png?v=1660076972
IP 162.159.134.68:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 00707bf0b58f7c31d02e4a2a9273e344
ec888ff0513f10e7522297a0c0dca6b3015d36ac
7fcfabbd723185ca8bb9d1e6863cbe62bb7a54639d496ece41cc349d4e68acaf
GET /s/files/1/0552/9717/9777/files/Favicon.png?v=1660076972 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amadi-store.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 14 Nov 2022 20:17:01 GMT
content-type: image/webp
content-length: 5994
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0552/9717/9777/files/Favicon.png>; rel="canonical"
source-length: 10596
source-type: image/png
timing-allow-origin: *
vary: Accept, Accept-Encoding
x-content-type-options: nosniff
x-request-id: b05acf99-a545-49f2-b598-fbc4316fbbe7
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-central1,us-east1
last-modified: Thu, 13 Oct 2022 01:46:26 GMT
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ixD6B6XOY3z8x28e9QQmHVNUoiKZnr0oP32HsT400NNA%2FTQulEeJud%2B139UngD8VMaIQ%2B4qE1icF%2BxYYjTBKOrqYdDlst7PbAiqILbhBYFCJzRtXeNFgYNiPPQZQs5EzTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=1455.095, imageryFetch;dur=96.660, imageryProcess;dur=1322.558;desc="image", cfRequestDuration;dur=260.000229
server: cloudflare
cf-ray: 76a26da20c54b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2537
Expires: Mon, 14 Nov 2022 20:59:19 GMT
Date: Mon, 14 Nov 2022 20:17:02 GMT
Connection: keep-alive
app.clickfunnels.com/userevents/?funnel_id=RnRQVFcwVCtqa3R5UTlVcTV5c3hKZz09LS1FRWNyMnZCUkpOcC92RlQ3WWVHa21BPT0%3D--a11d400d3e45c32dcf23220e13473b7c035f7389&page_id=T3FsM0hOWGpNSHJxS1BYS2JhVDQ4UT09LS05ZGJCU3VjMXYxTThaUUs5WEhvY0NnPT0%3D--f5b3eca5a7cc9d1b4b04640b5f31048730708e63&funnel_step_id=RnloOE5CQTh4UVBpN3ZiTHM0UTIvQT09LS1ETGc3VUtqNnVlNnA1YzdHaGxqLzB3PT0%3D--8888cdaee80b9d0d9e35d5b3f4b02d7c48b577dc&user_id=Mk11UnQ2YXIrVkhNYlFHVUh6RFR0UT09LS1WekVOeDAyWVErK2tSMUhBL2hmYXdRPT0%3D--1e11f48722d2f79824096c2527f6d0a289aa6fff&account_id=dWp1Tnp2NWdkdllId1hMZi9wUjNlUT09LS1peU53VEJtMXpkU2JrVzlFNUh0ZXF3PT0%3D--9ea34b4382f21204b28334ba4f1e8bcd2938fdac&page_code=NTcwNjA3Mjc%3D&mode_id=1&time_zone=America%2FDenver&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=78ab6f72-b9d3-491f-bb84-aaa920f9b126&url=https%3A%2F%2Famadi-store.com%2Fnails%3Ffbclid%3DPAAabIgy4m81uOXG00AQkIdQTFFfpsVEkvNSkj92Ukw3_xcstVqhimo6c5Fzs%26external_browser_redirect%3Dtrue
104.16.13.194 202 Accepted 39 kB URL HTTP/2 app.clickfunnels.com/userevents/?funnel_id=RnRQVFcwVCtqa3R5UTlVcTV5c3hKZz09LS1FRWNyMnZCUkpOcC92RlQ3WWVHa21BPT0%3D--a11d400d3e45c32dcf23220e13473b7c035f7389&page_id=T3FsM0hOWGpNSHJxS1BYS2JhVDQ4UT09LS05ZGJCU3VjMXYxTThaUUs5WEhvY0NnPT0%3D--f5b3eca5a7cc9d1b4b04640b5f31048730708e63&funnel_step_id=RnloOE5CQTh4UVBpN3ZiTHM0UTIvQT09LS1ETGc3VUtqNnVlNnA1YzdHaGxqLzB3PT0%3D--8888cdaee80b9d0d9e35d5b3f4b02d7c48b577dc&user_id=Mk11UnQ2YXIrVkhNYlFHVUh6RFR0UT09LS1WekVOeDAyWVErK2tSMUhBL2hmYXdRPT0%3D--1e11f48722d2f79824096c2527f6d0a289aa6fff&account_id=dWp1Tnp2NWdkdllId1hMZi9wUjNlUT09LS1peU53VEJtMXpkU2JrVzlFNUh0ZXF3PT0%3D--9ea34b4382f21204b28334ba4f1e8bcd2938fdac&page_code=NTcwNjA3Mjc%3D&mode_id=1&time_zone=America%2FDenver&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=78ab6f72-b9d3-491f-bb84-aaa920f9b126&url=https%3A%2F%2Famadi-store.com%2Fnails%3Ffbclid%3DPAAabIgy4m81uOXG00AQkIdQTFFfpsVEkvNSkj92Ukw3_xcstVqhimo6c5Fzs%26external_browser_redirect%3Dtrue
IP 104.16.13.194:0
Hash 2c33d27a307934425dc8db334ed19890
faced40079c1f065ed90419d74fc670e607bee5d
6546f8adf1dff278674aedb3e1cdf0231618c80d758b03be648fd8682a297957
GET /userevents/?funnel_id=RnRQVFcwVCtqa3R5UTlVcTV5c3hKZz09LS1FRWNyMnZCUkpOcC92RlQ3WWVHa21BPT0%3D--a11d400d3e45c32dcf23220e13473b7c035f7389&page_id=T3FsM0hOWGpNSHJxS1BYS2JhVDQ4UT09LS05ZGJCU3VjMXYxTThaUUs5WEhvY0NnPT0%3D--f5b3eca5a7cc9d1b4b04640b5f31048730708e63&funnel_step_id=RnloOE5CQTh4UVBpN3ZiTHM0UTIvQT09LS1ETGc3VUtqNnVlNnA1YzdHaGxqLzB3PT0%3D--8888cdaee80b9d0d9e35d5b3f4b02d7c48b577dc&user_id=Mk11UnQ2YXIrVkhNYlFHVUh6RFR0UT09LS1WekVOeDAyWVErK2tSMUhBL2hmYXdRPT0%3D--1e11f48722d2f79824096c2527f6d0a289aa6fff&account_id=dWp1Tnp2NWdkdllId1hMZi9wUjNlUT09LS1peU53VEJtMXpkU2JrVzlFNUh0ZXF3PT0%3D--9ea34b4382f21204b28334ba4f1e8bcd2938fdac&page_code=NTcwNjA3Mjc%3D&mode_id=1&time_zone=America%2FDenver&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=78ab6f72-b9d3-491f-bb84-aaa920f9b126&url=https%3A%2F%2Famadi-store.com%2Fnails%3Ffbclid%3DPAAabIgy4m81uOXG00AQkIdQTFFfpsVEkvNSkj92Ukw3_xcstVqhimo6c5Fzs%26external_browser_redirect%3Dtrue HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://amadi-store.com
Connection: keep-alive
Referer: https://amadi-store.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
date: Mon, 14 Nov 2022 20:17:01 GMT
content-type: text/html
cf-ray: 76a26d9e5ecd1c12-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: e701a500a1580799025c286d277278d4
x-runtime: 0.035468
set-cookie: __cf_bm=A4_WSns259gMWrVWNV38dEkEBdGwNU03VuPeGpuoHJM-1668457021-0-AX/rsz6POtuPXoz+Y9+JSOmFB8zonwlVK1LsU2NJZVXBAFIFs5wLsXs/dpkRd7kHbPJIUKl7DjyypO65rt2D7zz/dZ8A+kycWvi8xaMGAyyN; path=/; expires=Mon, 14-Nov-22 20:47:01 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
app.clickfunnels.com/userevents/?funnel_id=RnRQVFcwVCtqa3R5UTlVcTV5c3hKZz09LS1FRWNyMnZCUkpOcC92RlQ3WWVHa21BPT0%3D--a11d400d3e45c32dcf23220e13473b7c035f7389&page_id=T3FsM0hOWGpNSHJxS1BYS2JhVDQ4UT09LS05ZGJCU3VjMXYxTThaUUs5WEhvY0NnPT0%3D--f5b3eca5a7cc9d1b4b04640b5f31048730708e63&funnel_step_id=RnloOE5CQTh4UVBpN3ZiTHM0UTIvQT09LS1ETGc3VUtqNnVlNnA1YzdHaGxqLzB3PT0%3D--8888cdaee80b9d0d9e35d5b3f4b02d7c48b577dc&user_id=Mk11UnQ2YXIrVkhNYlFHVUh6RFR0UT09LS1WekVOeDAyWVErK2tSMUhBL2hmYXdRPT0%3D--1e11f48722d2f79824096c2527f6d0a289aa6fff&account_id=dWp1Tnp2NWdkdllId1hMZi9wUjNlUT09LS1peU53VEJtMXpkU2JrVzlFNUh0ZXF3PT0%3D--9ea34b4382f21204b28334ba4f1e8bcd2938fdac&page_code=NTcwNjA3Mjc%3D&mode_id=1&time_zone=America%2FDenver&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=fc8cf7d7-f005-4be2-bc9a-069eb1a8e9bb&url=https%3A%2F%2Famadi-store.com%2Fnails%3Ffbclid%3DPAAabIgy4m81uOXG00AQkIdQTFFfpsVEkvNSkj92Ukw3_xcstVqhimo6c5Fzs%26external_browser_redirect%3Dtrue
104.16.13.194 202 Accepted 7.5 kB URL HTTP/2 app.clickfunnels.com/userevents/?funnel_id=RnRQVFcwVCtqa3R5UTlVcTV5c3hKZz09LS1FRWNyMnZCUkpOcC92RlQ3WWVHa21BPT0%3D--a11d400d3e45c32dcf23220e13473b7c035f7389&page_id=T3FsM0hOWGpNSHJxS1BYS2JhVDQ4UT09LS05ZGJCU3VjMXYxTThaUUs5WEhvY0NnPT0%3D--f5b3eca5a7cc9d1b4b04640b5f31048730708e63&funnel_step_id=RnloOE5CQTh4UVBpN3ZiTHM0UTIvQT09LS1ETGc3VUtqNnVlNnA1YzdHaGxqLzB3PT0%3D--8888cdaee80b9d0d9e35d5b3f4b02d7c48b577dc&user_id=Mk11UnQ2YXIrVkhNYlFHVUh6RFR0UT09LS1WekVOeDAyWVErK2tSMUhBL2hmYXdRPT0%3D--1e11f48722d2f79824096c2527f6d0a289aa6fff&account_id=dWp1Tnp2NWdkdllId1hMZi9wUjNlUT09LS1peU53VEJtMXpkU2JrVzlFNUh0ZXF3PT0%3D--9ea34b4382f21204b28334ba4f1e8bcd2938fdac&page_code=NTcwNjA3Mjc%3D&mode_id=1&time_zone=America%2FDenver&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=fc8cf7d7-f005-4be2-bc9a-069eb1a8e9bb&url=https%3A%2F%2Famadi-store.com%2Fnails%3Ffbclid%3DPAAabIgy4m81uOXG00AQkIdQTFFfpsVEkvNSkj92Ukw3_xcstVqhimo6c5Fzs%26external_browser_redirect%3Dtrue
IP 104.16.13.194:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dfc7286992b2cebdf1ebb58f85576e61
a49a1bf9716e32979810931d04d1f84216d096c1
7c5288d4ae39202e00c7fd482faa10b5610d31edf0bba9fc69fa4fc1f422b837
GET /userevents/?funnel_id=RnRQVFcwVCtqa3R5UTlVcTV5c3hKZz09LS1FRWNyMnZCUkpOcC92RlQ3WWVHa21BPT0%3D--a11d400d3e45c32dcf23220e13473b7c035f7389&page_id=T3FsM0hOWGpNSHJxS1BYS2JhVDQ4UT09LS05ZGJCU3VjMXYxTThaUUs5WEhvY0NnPT0%3D--f5b3eca5a7cc9d1b4b04640b5f31048730708e63&funnel_step_id=RnloOE5CQTh4UVBpN3ZiTHM0UTIvQT09LS1ETGc3VUtqNnVlNnA1YzdHaGxqLzB3PT0%3D--8888cdaee80b9d0d9e35d5b3f4b02d7c48b577dc&user_id=Mk11UnQ2YXIrVkhNYlFHVUh6RFR0UT09LS1WekVOeDAyWVErK2tSMUhBL2hmYXdRPT0%3D--1e11f48722d2f79824096c2527f6d0a289aa6fff&account_id=dWp1Tnp2NWdkdllId1hMZi9wUjNlUT09LS1peU53VEJtMXpkU2JrVzlFNUh0ZXF3PT0%3D--9ea34b4382f21204b28334ba4f1e8bcd2938fdac&page_code=NTcwNjA3Mjc%3D&mode_id=1&time_zone=America%2FDenver&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=fc8cf7d7-f005-4be2-bc9a-069eb1a8e9bb&url=https%3A%2F%2Famadi-store.com%2Fnails%3Ffbclid%3DPAAabIgy4m81uOXG00AQkIdQTFFfpsVEkvNSkj92Ukw3_xcstVqhimo6c5Fzs%26external_browser_redirect%3Dtrue HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://amadi-store.com
Connection: keep-alive
Referer: https://amadi-store.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
date: Mon, 14 Nov 2022 20:17:01 GMT
content-type: text/html
cf-ray: 76a26d9e4ec51c12-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 64a90c75662e80bd7cb27134b71a9124
x-runtime: 0.082531
set-cookie: __cf_bm=0tRhipshrsBij6Si4RMViGTTKUawmE7Hm.wfvCKXauY-1668457021-0-ASRw+6P/3FE4MIIUqoPccBMq2nhVKo7udQRxMwORM1SXM1AECeR5LHmlQNFnbisck7a8M/JzzdPmehoL3qFQrwN/WfXnQ6dYzoOze/BOiybM; path=/; expires=Mon, 14-Nov-22 20:47:01 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa23e03e8-7a4b-473b-801f-39322d374478.jpeg
34.120.237.76 200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa23e03e8-7a4b-473b-801f-39322d374478.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 31a009393081c25d9afbde558a278ebf
bf8de6c00f579baa320456bd0e79ab80978008bc
90e81f6a10d3dbc56a45e9cfd65dbcd6bddf9e3ab526b4cca270bc2f26404950
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa23e03e8-7a4b-473b-801f-39322d374478.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5149
x-amzn-requestid: f9b58134-4474-4ba5-bc90-368568c30eb4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bNaeqGAZoAMF9Ww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6368712a-4f7bbb4743f15dc2471fba0c;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 02:44:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: R-wKxHkN3mhPg5hGlsMSmENk1tERrZrO83Ohro0OmuKUQ5bC2tgTiw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 08:14:40 GMT
age: 43342
etag: "bf8de6c00f579baa320456bd0e79ab80978008bc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5797e726-229b-4f42-9376-00ae67e14407.jpeg
34.120.237.76 200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5797e726-229b-4f42-9376-00ae67e14407.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a0db3498954921b58948ad8a4e7fd49f
6b618c3ff6e589f9e01650bd0a619acb70d8004e
fa3baa9e32e455ab2eeefab0c76714bf0ff5f67a5ccd7c10b3f5c21d8138c5cf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5797e726-229b-4f42-9376-00ae67e14407.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6535
x-amzn-requestid: 3333aa65-c0c7-4704-9af1-fb0a49f830fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyDtHbhoAMFSsg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163b1-51c3e4513240b7e5662b8e6e;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:37:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 6dTOcWIKFuo-Thf3zUH_1WY70yFyQkj3w2xPrb6Ntjf8TUFPVG-_lA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 22:01:14 GMT
age: 80148
etag: "6b618c3ff6e589f9e01650bd0a619acb70d8004e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68733d52-6c87-4ac4-ba56-bc5f74ff782b.jpeg
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68733d52-6c87-4ac4-ba56-bc5f74ff782b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ac5583760066002adcbba078f6dd1be4
39ca30395586cf1a0a0fa739f7279af807f548a3
cb5986e3330858716cd290297a81d77e371b838637fc57eece94810211715a7c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68733d52-6c87-4ac4-ba56-bc5f74ff782b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9921
x-amzn-requestid: 933f6aa6-3bec-4f71-aba8-ef9e77942ae9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjycgGB-oAMFsDQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371644f-47d26359464b62b7276316e6;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:40:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9DG6rCPdRRiHKrAVXztWJwZlUYYCb893lXH8YDzEMGSEUbeaVkABWw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 22:04:26 GMT
age: 79956
etag: "39ca30395586cf1a0a0fa739f7279af807f548a3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 51fe746f95bcb62066d1685ea5e21b91
12dbdbde2e32c390f3d584b068ce0a246c2efbf8
c66aa6d1655c0084f060559fcf2d29633856f323847b30a5bf0d0153289d3efd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C66AA6D1655C0084F060559FCF2D29633856F323847B30A5BF0D0153289D3EFD"
Last-Modified: Mon, 14 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7313
Expires: Mon, 14 Nov 2022 22:18:55 GMT
Date: Mon, 14 Nov 2022 20:17:02 GMT
Connection: keep-alive
amadi-store.com/vendor.js
104.16.14.194 200 OK 42 kB URL HTTP/2 amadi-store.com/vendor.js
IP 104.16.14.194:0
Hash 8ae7124c80e8e8267edcbc8ff9293bc4
fdd19c2e2217ec0eb48405ea4dc09f797197241d
83686b1e252cb1681f1f0e1f9b9ec4d99f36f96c34da4bf17d43cbd8cf6007a3
Analyzer Verdict Alert quad9 Sinkholed
GET /vendor.js HTTP/1.1
Host: amadi-store.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amadi-store.com/nails?fbclid=PAAabIgy4m81uOXG00AQkIdQTFFfpsVEkvNSkj92Ukw3_xcstVqhimo6c5Fzs&external_browser_redirect=true
Cookie: __cf_bm=r_1csSagZ9x0lBaK0EXGkd947dd3NNgBUpLBxbbskIo-1668457020-0-AT/0M41ZHxNvEeonHoB7aR8eATLYWizyA03+/AeFK1gkJsQ499r/RNM153Q69xow5C6r8XZz9EhikbdSo12ytXitLaXXrg2uealrvghbP/Ea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 14 Nov 2022 20:17:01 GMT
content-type: application/javascript
cf-ray: 76a26d9d6bbd0b59-OSL
access-control-allow-origin: *
cache-control: max-age=900, public
etag: W/"7422e50efbaea439fda7ef3b0eb54ee1"
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
status: 200 OK
x-content-digest: 581e49c9b7bdd06dab54c00931f4256b223e620e
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: fresh
x-request-id: 0aace0a98a49938bc62a9362248f54a3
x-runtime: 0.015783
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash c032f30e41c8a71a7610a7be9f7b6255
01daaa4dbbb0e2d2402e4796c37843f01464c813
bcefb7ad2179e9704c340d8cefc2de63aac8e9e35c10433090127cd7e323bb7c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 20:17:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash c1abc90e3b0a3418b27aa617d9e6f6eb
ec09eabd2f48a4013c6ae13d0145d5cd5823aa96
57905b7c1951f7340d51107297e02bd848abecfcf701ea8bc1befa105ee0178f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 20:17:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.166 200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.166:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Nov 2022 20:14:05 GMT
expires: Mon, 14 Nov 2022 20:29:05 GMT
cache-control: public, max-age=900
age: 177
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash c1abc90e3b0a3418b27aa617d9e6f6eb
ec09eabd2f48a4013c6ae13d0145d5cd5823aa96
57905b7c1951f7340d51107297e02bd848abecfcf701ea8bc1befa105ee0178f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 20:17:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash c032f30e41c8a71a7610a7be9f7b6255
01daaa4dbbb0e2d2402e4796c37843f01464c813
bcefb7ad2179e9704c340d8cefc2de63aac8e9e35c10433090127cd7e323bb7c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 20:17:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/id
172.217.21.162 302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 172.217.21.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Mon, 14 Nov 2022 20:17:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
172.217.21.162 302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 172.217.21.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Mon, 14 Nov 2022 20:17:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash c032f30e41c8a71a7610a7be9f7b6255
01daaa4dbbb0e2d2402e4796c37843f01464c813
bcefb7ad2179e9704c340d8cefc2de63aac8e9e35c10433090127cd7e323bb7c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 20:17:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash c1abc90e3b0a3418b27aa617d9e6f6eb
ec09eabd2f48a4013c6ae13d0145d5cd5823aa96
57905b7c1951f7340d51107297e02bd848abecfcf701ea8bc1befa105ee0178f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 20:17:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.74 200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.74:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 14 Nov 2022 20:17:02 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.74 200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.74:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash bbddc3ef14d26771175e2240ed3890b9
d11f7b43db727cd33b59404dae80c8142d63c148
e74ab1a85abd4d5da6316bdc5e0e0755286e4ebce828c5a0004917a9d55d0327
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 14 Nov 2022 20:17:02 GMT
server: ESF
cache-control: private
content-length: 30727
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.74 200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.74:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 29103f73ec83ad55363dd89283bd0f50
0facb2c8d26e224db34308c6919dbc5fc040afee
05c9ec10e4be189369dedc5b22ca0eeb5058c048a25b271f513b077bd4a1fa28
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 14 Nov 2022 20:17:02 GMT
server: ESF
cache-control: private
content-length: 30607
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/js/th/ayf-ZXn06Q-bf2kvL7HvZn-6GmgIdMcaNWCzb_-s5mI.js
142.250.74.164 200 OK 14 kB URL HTTP/2 www.google.com/js/th/ayf-ZXn06Q-bf2kvL7HvZn-6GmgIdMcaNWCzb_-s5mI.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (35786)
Hash ab1d51e6cf1d842260dab25a4332649c
0c814f9168dff9647a797787c2109a568904fedb
4b4e6a92912d486accd192aec1f4ba5ffee3658019c01e98199976a192941f09
GET /js/th/ayf-ZXn06Q-bf2kvL7HvZn-6GmgIdMcaNWCzb_-s5mI.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14218
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Nov 2022 16:39:52 GMT
expires: Fri, 10 Nov 2023 16:39:52 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 03 Nov 2022 10:00:00 GMT
content-type: text/javascript
age: 358630
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/js/th/gMsH84TQuiDEVfr1BCtG5xcdN73b4dVBHpnGqNHnahs.js
142.250.74.164 200 OK 14 kB URL HTTP/2 www.google.com/js/th/gMsH84TQuiDEVfr1BCtG5xcdN73b4dVBHpnGqNHnahs.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (36070)
Hash 7d6dc2989ad5a0a0590a37f1e0d2fb53
d8a8adcb74248ab834fa21e83d4935dd9a1ff4aa
92dfcdcf42525cfbe070b98ead507fa1cb2db11b4e5d390b64f04fc661c6515c
GET /js/th/gMsH84TQuiDEVfr1BCtG5xcdN73b4dVBHpnGqNHnahs.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14294
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 12 Nov 2022 10:23:35 GMT
expires: Sun, 12 Nov 2023 10:23:35 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 20 Oct 2022 10:30:00 GMT
content-type: text/javascript
age: 208407
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash e750b50f8f7050d1c2180ebc2ee2ce7c
e382ddfdda9d86eec74517bae1dd9264d9abcbb6
a32b393b8eb3606470c968534a80cadd36d5eb8e3d3c9fa82f0e93061dec0712
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 20:17:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash c3304327b77a6a8e6b9ee69f63c5c81f
20f2dc91fc2fbd013d9fa40806c2061b50262cd0
7e069ab5b61bfec87f840bf474e68373b749c3bd1d514cd2ade049efd9129d46
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 20:17:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AMLnZu8Q2nzKxkb-Pjn6B_IFvDy_UcpCOmEE8wUWzXpqQaqDt6y6qKUmZ9uhceOk6vLI=s68-c-k-c0x00ffffff-no-rj
142.250.74.161 200 OK 628 B URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu8Q2nzKxkb-Pjn6B_IFvDy_UcpCOmEE8wUWzXpqQaqDt6y6qKUmZ9uhceOk6vLI=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 60ec304ef5b9edf449fc6abfaeb9a5a2
b59fe20b1a8c537b5abf266ee5aa3550269145bc
2d52c539a131fd46c1bdefc7a9bcfddac0335afe315bb3587b10722a132dc54e
GET /ytc/AMLnZu8Q2nzKxkb-Pjn6B_IFvDy_UcpCOmEE8wUWzXpqQaqDt6y6qKUmZ9uhceOk6vLI=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 628
x-xss-protection: 0
date: Mon, 14 Nov 2022 19:33:28 GMT
expires: Tue, 15 Nov 2022 19:33:28 GMT
cache-control: public, max-age=86400, no-transform
content-type: image/jpeg
age: 2614
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi/NWcDkKLtnq8/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-BIAC6AKKAgwIABABGGUgRShDMA8=&rs=AOn4CLCWRFy3wDQDueeVE353MMndsxAq-Q
142.250.74.182 200 OK 18 kB URL HTTP/2 i.ytimg.com/vi/NWcDkKLtnq8/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-BIAC6AKKAgwIABABGGUgRShDMA8=&rs=AOn4CLCWRFy3wDQDueeVE353MMndsxAq-Q
IP 142.250.74.182:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3\012- data
Hash 615fc14df7e174d5d4e7d30b9157af19
474ac1e71d3107b57c554f657d80c2109820088e
d697ea92c328cf1c0aaeea53b2e93b919bcee289714c4829b0b7a793eccf6355
GET /vi/NWcDkKLtnq8/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-BIAC6AKKAgwIABABGGUgRShDMA8=&rs=AOn4CLCWRFy3wDQDueeVE353MMndsxAq-Q HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 17614
date: Mon, 14 Nov 2022 20:17:02 GMT
expires: Mon, 14 Nov 2022 22:17:02 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash c3304327b77a6a8e6b9ee69f63c5c81f
20f2dc91fc2fbd013d9fa40806c2061b50262cd0
7e069ab5b61bfec87f840bf474e68373b749c3bd1d514cd2ade049efd9129d46
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 20:17:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash e750b50f8f7050d1c2180ebc2ee2ce7c
e382ddfdda9d86eec74517bae1dd9264d9abcbb6
a32b393b8eb3606470c968534a80cadd36d5eb8e3d3c9fa82f0e93061dec0712
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 20:17:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.goopics.net/i4yu6u.png
51.159.159.140 200 OK 8.0 kB IP 51.159.159.140:0
File type PNG image data, 1000 x 300, 8-bit colormap, non-interlaced\012- data
Hash 0c0e74b719d00be19e527b2466c5be6f
1c518abb98c07aec58f2ffab0c1645737437cda5
e584e1d29579b1acf4b15181323e99a0134ce559ee9ff162ac185c5850d2d4e8
GET /i4yu6u.png HTTP/1.1
Host: i.goopics.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amadi-store.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Mon, 14 Nov 2022 20:17:02 GMT
content-type: image/png
content-length: 7970
last-modified: Wed, 09 Nov 2022 12:34:24 GMT
etag: 0c0e74b719d00be19e527b2466c5be6f
x-timestamp: 1667997263.95562
x-trans-id: txd960d27afcd14bb59bfea-006371ef53
x-openstack-request-id: txd960d27afcd14bb59bfea-006371ef53
x-iplb-request-id: 339F9F8C:C5CC_5762BBC9:01BB_6371EF53_AEE154F:1AA70
x-iplb-instance: 42086
x-cache-status: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
amadi-store.com/hosted/images/10/cb39ccfccf448d89a88fe3ee84668c/costumer-service.png
104.16.14.194 200 OK 19 kB URL HTTP/2 amadi-store.com/hosted/images/10/cb39ccfccf448d89a88fe3ee84668c/costumer-service.png
IP 104.16.14.194:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash 27a4e33d524913dff9a218909cfd6955
0aa02fb95c751b6a702182399d0588988120c8e2
dd327f630207e9027af10f0616dee672f2b11362c3564927b6155fa59bf22e76
Analyzer Verdict Alert quad9 Sinkholed
GET /hosted/images/10/cb39ccfccf448d89a88fe3ee84668c/costumer-service.png HTTP/1.1
Host: amadi-store.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amadi-store.com/nails?fbclid=PAAabIgy4m81uOXG00AQkIdQTFFfpsVEkvNSkj92Ukw3_xcstVqhimo6c5Fzs&external_browser_redirect=true
Cookie: __cf_bm=r_1csSagZ9x0lBaK0EXGkd947dd3NNgBUpLBxbbskIo-1668457020-0-AT/0M41ZHxNvEeonHoB7aR8eATLYWizyA03+/AeFK1gkJsQ499r/RNM153Q69xow5C6r8XZz9EhikbdSo12ytXitLaXXrg2uealrvghbP/Ea; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTcwNjA3Mjc=:visited=true; cf:visitor_id=55ae54df-68a8-40bb-83c9-3fb4d2668388; fbclid=PAAabIgy4m81uOXG00AQkIdQTFFfpsVEkvNSkj92Ukw3_xcstVqhimo6c5Fzs; external_browser_redirect=true; addevent_track_cookie=3c816f72-7964-48eb-38fa-e3a454b39ab9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 14 Nov 2022 20:17:02 GMT
content-type: image/png
content-length: 18646
cf-ray: 76a26da8582a0b59-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "27a4e33d524913dff9a218909cfd6955"
last-modified: Mon, 29 Aug 2022 21:51:10 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-P1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
assets.clickfunnels.com/images/closemodal.png
104.16.13.194 200 OK 672 B URL HTTP/2 assets.clickfunnels.com/images/closemodal.png
IP 104.16.13.194:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 19754ed4d508cf576c80cf36e0db8c50
f459beac714e5be68aa75349fa806a5642af456a
5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389
GET /images/closemodal.png HTTP/1.1
Host: assets.clickfunnels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amadi-store.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 14 Nov 2022 20:17:02 GMT
content-type: image/webp
content-length: 672
cf-ray: 76a26da83ac5fac4-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 359211
cache-control: public, max-age=2678400
content-disposition: inline; filename="closemodal.webp"
etag: "6359dae3-314"
expires: Thu, 15 Dec 2022 20:17:02 GMT
last-modified: Thu, 27 Oct 2022 01:12:03 GMT
strict-transport-security: max-age=0
vary: Accept, Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=788
set-cookie: __cf_bm=ADTXBmpMr6klyl5i4_MYL.z1jbJMO7SVJOujMafz7zs-1668457022-0-ARYiFm+LtjOowwcs4sHJeNHk/zBpNMGcYyfRHslwcmd9/4SeLdBCeQlmPZzsj7NLg/41sMmpqru+fRcevC4meClxguKMQkceqxmK4DfDl/Wt; path=/; expires=Mon, 14-Nov-22 20:47:02 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
amadi-store.com/hosted/images/54/192f2d5edf40758350c034bce53c34/credit-card.png
104.16.14.194 200 OK 8.5 kB URL HTTP/2 amadi-store.com/hosted/images/54/192f2d5edf40758350c034bce53c34/credit-card.png
IP 104.16.14.194:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash 1ccf19abb01f45fd7624e44cae7eb854
ed00fdcd6b07ae8bc79a0dd742bd50a98b93d93e
92c91379c9408079183cf0cfc75700f91a419498c4e5e5647e704320e4d483a2
Analyzer Verdict Alert quad9 Sinkholed
GET /hosted/images/54/192f2d5edf40758350c034bce53c34/credit-card.png HTTP/1.1
Host: amadi-store.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amadi-store.com/nails?fbclid=PAAabIgy4m81uOXG00AQkIdQTFFfpsVEkvNSkj92Ukw3_xcstVqhimo6c5Fzs&external_browser_redirect=true
Cookie: __cf_bm=r_1csSagZ9x0lBaK0EXGkd947dd3NNgBUpLBxbbskIo-1668457020-0-AT/0M41ZHxNvEeonHoB7aR8eATLYWizyA03+/AeFK1gkJsQ499r/RNM153Q69xow5C6r8XZz9EhikbdSo12ytXitLaXXrg2uealrvghbP/Ea; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTcwNjA3Mjc=:visited=true; cf:visitor_id=55ae54df-68a8-40bb-83c9-3fb4d2668388; fbclid=PAAabIgy4m81uOXG00AQkIdQTFFfpsVEkvNSkj92Ukw3_xcstVqhimo6c5Fzs; external_browser_redirect=true; addevent_track_cookie=3c816f72-7964-48eb-38fa-e3a454b39ab9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 14 Nov 2022 20:17:02 GMT
content-type: image/png
content-length: 8528
cf-ray: 76a26da858330b59-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "1ccf19abb01f45fd7624e44cae7eb854"
last-modified: Mon, 29 Aug 2022 21:51:11 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-P1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
amadi-store.com/hosted/images/c4/8e7eeb764b42a5a38b3c7b202b986d/delivery-truck.png
104.16.14.194 200 OK 17 kB URL HTTP/2 amadi-store.com/hosted/images/c4/8e7eeb764b42a5a38b3c7b202b986d/delivery-truck.png
IP 104.16.14.194:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash e1ce01916b5be629909e130dd398b7e1
37473af9952f8ee19794ad3f2b9d62274ee8d733
5ac2467212ee70ea26cd8c1bd8a266f5313f2be42ac4d8e837369076c5b113a5
Analyzer Verdict Alert quad9 Sinkholed
GET /hosted/images/c4/8e7eeb764b42a5a38b3c7b202b986d/delivery-truck.png HTTP/1.1
Host: amadi-store.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amadi-store.com/nails?fbclid=PAAabIgy4m81uOXG00AQkIdQTFFfpsVEkvNSkj92Ukw3_xcstVqhimo6c5Fzs&external_browser_redirect=true
Cookie: __cf_bm=r_1csSagZ9x0lBaK0EXGkd947dd3NNgBUpLBxbbskIo-1668457020-0-AT/0M41ZHxNvEeonHoB7aR8eATLYWizyA03+/AeFK1gkJsQ499r/RNM153Q69xow5C6r8XZz9EhikbdSo12ytXitLaXXrg2uealrvghbP/Ea; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTcwNjA3Mjc=:visited=true; cf:visitor_id=55ae54df-68a8-40bb-83c9-3fb4d2668388; fbclid=PAAabIgy4m81uOXG00AQkIdQTFFfpsVEkvNSkj92Ukw3_xcstVqhimo6c5Fzs; external_browser_redirect=true; addevent_track_cookie=3c816f72-7964-48eb-38fa-e3a454b39ab9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 14 Nov 2022 20:17:02 GMT
content-type: image/png
content-length: 16696
cf-ray: 76a26da858270b59-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "e1ce01916b5be629909e130dd398b7e1"
last-modified: Mon, 29 Aug 2022 21:51:11 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-P1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
amadi-store.com/hosted/images/4d/86f1145039407693b3f8a2c45d3c6c/Badgepaiement.png
104.16.14.194 200 OK 6.4 kB URL HTTP/2 amadi-store.com/hosted/images/4d/86f1145039407693b3f8a2c45d3c6c/Badgepaiement.png
IP 104.16.14.194:0
File type PNG image data, 788 x 90, 8-bit colormap, non-interlaced\012- data
Hash e5c170822e2b207681f41e26b4bde132
6e3fdc1df9595b63761e9f1913d7e8c2c914c37a
11230ced88cdc20c1a65c040e4cab0930f7d759860b109d6e2ebfb94f763300d
Analyzer Verdict Alert quad9 Sinkholed
GET /hosted/images/4d/86f1145039407693b3f8a2c45d3c6c/Badgepaiement.png HTTP/1.1
Host: amadi-store.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amadi-store.com/nails?fbclid=PAAabIgy4m81uOXG00AQkIdQTFFfpsVEkvNSkj92Ukw3_xcstVqhimo6c5Fzs&external_browser_redirect=true
Cookie: __cf_bm=r_1csSagZ9x0lBaK0EXGkd947dd3NNgBUpLBxbbskIo-1668457020-0-AT/0M41ZHxNvEeonHoB7aR8eATLYWizyA03+/AeFK1gkJsQ499r/RNM153Q69xow5C6r8XZz9EhikbdSo12ytXitLaXXrg2uealrvghbP/Ea; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTcwNjA3Mjc=:visited=true; cf:visitor_id=55ae54df-68a8-40bb-83c9-3fb4d2668388; fbclid=PAAabIgy4m81uOXG00AQkIdQTFFfpsVEkvNSkj92Ukw3_xcstVqhimo6c5Fzs; external_browser_redirect=true; addevent_track_cookie=3c816f72-7964-48eb-38fa-e3a454b39ab9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 14 Nov 2022 20:17:02 GMT
content-type: image/png
content-length: 6422
cf-ray: 76a26da8583a0b59-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "e5c170822e2b207681f41e26b4bde132"
last-modified: Mon, 29 Aug 2022 21:53:12 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-P1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
amadi-store.com/hosted/images/a8/f9186bec3d4937ad92689d9bc59776/GDPR.png
104.16.14.194 200 OK 13 kB URL HTTP/2 amadi-store.com/hosted/images/a8/f9186bec3d4937ad92689d9bc59776/GDPR.png
IP 104.16.14.194:0
File type PNG image data, 500 x 500, 8-bit colormap, non-interlaced\012- data
Hash dcc5d9a2e15d318260d20407db482361
5cca721520d4106d5ef5c26925e3dae2ccdec264
e02f4968ebab66e2f11f99d8d88bb830f03f046a3ce86e6e69258b2eddb29f8e
Analyzer Verdict Alert quad9 Sinkholed
GET /hosted/images/a8/f9186bec3d4937ad92689d9bc59776/GDPR.png HTTP/1.1
Host: amadi-store.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amadi-store.com/nails?fbclid=PAAabIgy4m81uOXG00AQkIdQTFFfpsVEkvNSkj92Ukw3_xcstVqhimo6c5Fzs&external_browser_redirect=true
Cookie: __cf_bm=r_1csSagZ9x0lBaK0EXGkd947dd3NNgBUpLBxbbskIo-1668457020-0-AT/0M41ZHxNvEeonHoB7aR8eATLYWizyA03+/AeFK1gkJsQ499r/RNM153Q69xow5C6r8XZz9EhikbdSo12ytXitLaXXrg2uealrvghbP/Ea; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTcwNjA3Mjc=:visited=true; cf:visitor_id=55ae54df-68a8-40bb-83c9-3fb4d2668388; fbclid=PAAabIgy4m81uOXG00AQkIdQTFFfpsVEkvNSkj92Ukw3_xcstVqhimo6c5Fzs; external_browser_redirect=true; addevent_track_cookie=3c816f72-7964-48eb-38fa-e3a454b39ab9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 14 Nov 2022 20:17:02 GMT
content-type: image/png
content-length: 12858
cf-ray: 76a26da858360b59-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "dcc5d9a2e15d318260d20407db482361"
last-modified: Tue, 08 Nov 2022 09:44:24 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-P1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
amadi-store.com/hosted/images/ed/c929b8b2b64fcab084c4e974151146/PCJ.png
104.16.14.194 200 OK 8.4 kB URL HTTP/2 amadi-store.com/hosted/images/ed/c929b8b2b64fcab084c4e974151146/PCJ.png
IP 104.16.14.194:0
File type PNG image data, 500 x 500, 8-bit colormap, non-interlaced\012- data
Hash 2d6343ff81dad54d0b48dbd28d999a72
9d8fd49416d69acf67575cf7a3a78f89d4624440
764b2c7317378107240947d5c5816987e6848840a1eb4f7771581e5bd164ff86
Analyzer Verdict Alert quad9 Sinkholed
GET /hosted/images/ed/c929b8b2b64fcab084c4e974151146/PCJ.png HTTP/1.1
Host: amadi-store.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amadi-store.com/nails?fbclid=PAAabIgy4m81uOXG00AQkIdQTFFfpsVEkvNSkj92Ukw3_xcstVqhimo6c5Fzs&external_browser_redirect=true
Cookie: __cf_bm=r_1csSagZ9x0lBaK0EXGkd947dd3NNgBUpLBxbbskIo-1668457020-0-AT/0M41ZHxNvEeonHoB7aR8eATLYWizyA03+/AeFK1gkJsQ499r/RNM153Q69xow5C6r8XZz9EhikbdSo12ytXitLaXXrg2uealrvghbP/Ea; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTcwNjA3Mjc=:visited=true; cf:visitor_id=55ae54df-68a8-40bb-83c9-3fb4d2668388; fbclid=PAAabIgy4m81uOXG00AQkIdQTFFfpsVEkvNSkj92Ukw3_xcstVqhimo6c5Fzs; external_browser_redirect=true; addevent_track_cookie=3c816f72-7964-48eb-38fa-e3a454b39ab9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 14 Nov 2022 20:17:02 GMT
content-type: image/png
content-length: 8369
cf-ray: 76a26da858380b59-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "2d6343ff81dad54d0b48dbd28d999a72"
last-modified: Tue, 08 Nov 2022 09:50:06 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-P1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
amadi-store.com/hosted/images/80/f7bee81aba4a69aefed128ea2ce497/Trustpilot.png
104.16.14.194 200 OK 7.3 kB URL HTTP/2 amadi-store.com/hosted/images/80/f7bee81aba4a69aefed128ea2ce497/Trustpilot.png
IP 104.16.14.194:0
File type PNG image data, 500 x 500, 8-bit colormap, non-interlaced\012- data
Hash bab8e95d9f4342db7dd67bb1dedaa75b
93158658015e2a5109e3f3e99b8307bd56064aa9
f6550fa97d3fd5943e99d9a2f80c891d7da81ed34bcc3fe28da56517dc09df66
Analyzer Verdict Alert quad9 Sinkholed
GET /hosted/images/80/f7bee81aba4a69aefed128ea2ce497/Trustpilot.png HTTP/1.1
Host: amadi-store.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amadi-store.com/nails?fbclid=PAAabIgy4m81uOXG00AQkIdQTFFfpsVEkvNSkj92Ukw3_xcstVqhimo6c5Fzs&external_browser_redirect=true
Cookie: __cf_bm=r_1csSagZ9x0lBaK0EXGkd947dd3NNgBUpLBxbbskIo-1668457020-0-AT/0M41ZHxNvEeonHoB7aR8eATLYWizyA03+/AeFK1gkJsQ499r/RNM153Q69xow5C6r8XZz9EhikbdSo12ytXitLaXXrg2uealrvghbP/Ea; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTcwNjA3Mjc=:visited=true; cf:visitor_id=55ae54df-68a8-40bb-83c9-3fb4d2668388; fbclid=PAAabIgy4m81uOXG00AQkIdQTFFfpsVEkvNSkj92Ukw3_xcstVqhimo6c5Fzs; external_browser_redirect=true; addevent_track_cookie=3c816f72-7964-48eb-38fa-e3a454b39ab9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 14 Nov 2022 20:17:02 GMT
content-type: image/png
content-length: 7313
cf-ray: 76a26da858370b59-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "bab8e95d9f4342db7dd67bb1dedaa75b"
last-modified: Tue, 08 Nov 2022 09:46:51 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-P1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
js-agent.newrelic.com/nr-1216.min.js
151.101.86.137 200 OK 14 kB URL HTTP/2 js-agent.newrelic.com/nr-1216.min.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (32022)
Hash b7c09cc097b2847f9edc784adba62dcb
5aa648623cf5e3b4b215fe5d068a7904c59f2925
6da450b6a3ba53bdab36f6529e987a245cdfca9a37b77790f06dfd8d5797bdaa
GET /nr-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amadi-store.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Vf9xsFZHH0UI6bmTnW+KeBzegICGOxvtMLIWtbljNKoJtdkUEk/MfmbYPFui+bgtiUf/4lC5dk8=
x-amz-request-id: 4AV5AVKCCR961CNG
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Mon, 14 Nov 2022 20:17:02 GMT
via: 1.1 varnish
x-served-by: cache-bma1657-BMA
x-cache: HIT
x-cache-hits: 3820
x-timer: S1668457023.805747,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 14391
X-Firefox-Spdy: h2
amadi-store.com/hosted/images/7a/400e90ae404989be24df4889dbd50f/good-review.png
104.16.14.194 200 OK 17 kB URL HTTP/2 amadi-store.com/hosted/images/7a/400e90ae404989be24df4889dbd50f/good-review.png
IP 104.16.14.194:0
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash fd6e73e3bdfffbc047a587b307998e24
04f87742f1f32eea40633e5f8224194bd1fc02e6
e508f35e4ebc3dc2e90fb1aca8aad95608e295d57a3a3c6f7e17940a306ff86a
Analyzer Verdict Alert quad9 Sinkholed
GET /hosted/images/7a/400e90ae404989be24df4889dbd50f/good-review.png HTTP/1.1
Host: amadi-store.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amadi-store.com/nails?fbclid=PAAabIgy4m81uOXG00AQkIdQTFFfpsVEkvNSkj92Ukw3_xcstVqhimo6c5Fzs&external_browser_redirect=true
Cookie: __cf_bm=r_1csSagZ9x0lBaK0EXGkd947dd3NNgBUpLBxbbskIo-1668457020-0-AT/0M41ZHxNvEeonHoB7aR8eATLYWizyA03+/AeFK1gkJsQ499r/RNM153Q69xow5C6r8XZz9EhikbdSo12ytXitLaXXrg2uealrvghbP/Ea; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTcwNjA3Mjc=:visited=true; cf:visitor_id=55ae54df-68a8-40bb-83c9-3fb4d2668388; fbclid=PAAabIgy4m81uOXG00AQkIdQTFFfpsVEkvNSkj92Ukw3_xcstVqhimo6c5Fzs; external_browser_redirect=true; addevent_track_cookie=3c816f72-7964-48eb-38fa-e3a454b39ab9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 14 Nov 2022 20:17:02 GMT
content-type: image/png
content-length: 17156
cf-ray: 76a26da8582b0b59-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "fd6e73e3bdfffbc047a587b307998e24"
last-modified: Mon, 29 Aug 2022 21:51:18 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-P1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.74 200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.74:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 14 Nov 2022 20:17:03 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.74 200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.74:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b1b2a2f216a7ea44afeb26ef76f01ec4
ef3656f0ff0ea000b0d73d6f1ad7616d426b2c80
95f20abd0a5d1c40bfad53c8c895b2e2ea18b3863e431f47b1cd264bfa8b738e
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 902
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 14 Nov 2022 20:17:03 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.goopics.net/4dcfq3.png
51.159.159.140 200 OK 822 kB IP 51.159.159.140:0
File type PNG image data, 800 x 1000, 8-bit/color RGB, non-interlaced\012- data
Size 822 kB (821992 bytes)
Hash 4c3ba32208d0bc251719efd1094280da
4e9bb94d2454186da74bb97c9ced7ed32ed54468
51845cff042ea8a7a948b37506cfb5f1a48fac07a26b7e03ca7a34f18141916d
GET /4dcfq3.png HTTP/1.1
Host: i.goopics.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amadi-store.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Mon, 14 Nov 2022 20:17:02 GMT
content-type: image/png
content-length: 821992
last-modified: Thu, 10 Nov 2022 00:41:39 GMT
etag: 4c3ba32208d0bc251719efd1094280da
x-timestamp: 1668040898.90517
x-trans-id: tx6f64b9af6cd142b4b2d2e-006371ef53
x-openstack-request-id: tx6f64b9af6cd142b4b2d2e-006371ef53
x-iplb-request-id: 339F9F8C:C5E0_5762BBC9:01BB_6371EF53_C1675C6:1AA7A
x-iplb-instance: 42086
x-cache-status: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
i.goopics.net/vqng42.png
51.159.159.140 200 OK 1.0 MB IP 51.159.159.140:0
File type PNG image data, 1000 x 1000, 8-bit/color RGB, non-interlaced\012- data
Size 1.0 MB (1024182 bytes)
Hash 06ed7b56b923c22eee14690344e566bc
c0da457bb0aee600d6c9a33aacbc884d38be4b83
f673b448d4842a18c0156e2e841f3aa5163278253d20882d6644bb4bedad7647
GET /vqng42.png HTTP/1.1
Host: i.goopics.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amadi-store.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Mon, 14 Nov 2022 20:17:02 GMT
content-type: image/png
content-length: 1024182
last-modified: Wed, 09 Nov 2022 12:36:10 GMT
etag: 06ed7b56b923c22eee14690344e566bc
x-timestamp: 1667997369.11891
x-trans-id: txc37fa04ae66e49789abc0-006371ef53
x-openstack-request-id: txc37fa04ae66e49789abc0-006371ef53
x-iplb-request-id: 339F9F8C:C5D0_5762BBC9:01BB_6371EF53_B02EB38:1AA77
x-iplb-instance: 42086
x-cache-status: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
amadi-store.com/cdn-cgi/rum?
104.16.14.194 204 No Content 0 B URL HTTP/2 amadi-store.com/cdn-cgi/rum?
IP 104.16.14.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /cdn-cgi/rum? HTTP/1.1
Host: amadi-store.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 13741
Origin: https://amadi-store.com
Connection: keep-alive
Referer: https://amadi-store.com/nails?fbclid=PAAabIgy4m81uOXG00AQkIdQTFFfpsVEkvNSkj92Ukw3_xcstVqhimo6c5Fzs&external_browser_redirect=true
Cookie: __cf_bm=r_1csSagZ9x0lBaK0EXGkd947dd3NNgBUpLBxbbskIo-1668457020-0-AT/0M41ZHxNvEeonHoB7aR8eATLYWizyA03+/AeFK1gkJsQ499r/RNM153Q69xow5C6r8XZz9EhikbdSo12ytXitLaXXrg2uealrvghbP/Ea; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTcwNjA3Mjc=:visited=true; cf:visitor_id=55ae54df-68a8-40bb-83c9-3fb4d2668388; fbclid=PAAabIgy4m81uOXG00AQkIdQTFFfpsVEkvNSkj92Ukw3_xcstVqhimo6c5Fzs; external_browser_redirect=true; addevent_track_cookie=3c816f72-7964-48eb-38fa-e3a454b39ab9; is_eu=false; 2aa4dlhz19k0wegs=true; 12581415_viewed_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
date: Mon, 14 Nov 2022 20:17:03 GMT
access-control-allow-origin: https://amadi-store.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 76a26daabb250b59-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
i.goopics.net/qpq5y2.png
51.159.159.140 200 OK 1.2 MB IP 51.159.159.140:0
File type PNG image data, 1000 x 1000, 8-bit/color RGB, non-interlaced\012- data
Size 1.2 MB (1239601 bytes)
Hash 1817e808b0aa8b9ea84d1300901e5cea
5220d0af18b6f45498f8e4b744cc3c12ab0ac51a
fa6af52f75e4c046fabf6f4ebc728ea3bffa19d72e9109cd31debf86d4782370
GET /qpq5y2.png HTTP/1.1
Host: i.goopics.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amadi-store.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Mon, 14 Nov 2022 20:17:02 GMT
content-type: image/png
content-length: 1239601
last-modified: Wed, 09 Nov 2022 12:36:11 GMT
etag: 1817e808b0aa8b9ea84d1300901e5cea
x-timestamp: 1667997370.93941
x-trans-id: txe9b4a113748a4035adbda-006371ef53
x-openstack-request-id: txe9b4a113748a4035adbda-006371ef53
x-iplb-request-id: 339F9F8C:EBE6_3626E64B:01BB_6371EF53_AC9C8BB:5EC7
x-iplb-instance: 12309
x-cache-status: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
i.goopics.net/yw7bni.png
51.159.159.140 200 OK 744 kB IP 51.159.159.140:0
File type PNG image data, 2000 x 1000, 8-bit/color RGB, non-interlaced\012- data
Size 744 kB (744492 bytes)
Hash 7e2e6df25f88b5da2530aa96c75cba9e
025d6fbbc0cf5c00af70f28f013272e01424a6a9
be9dc237ea6464f26b95a0668a76b2274e294f9075b57109b26956c238c87ff8
GET /yw7bni.png HTTP/1.1
Host: i.goopics.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amadi-store.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Mon, 14 Nov 2022 20:17:02 GMT
content-type: image/png
content-length: 744492
last-modified: Wed, 09 Nov 2022 12:36:12 GMT
etag: 7e2e6df25f88b5da2530aa96c75cba9e
x-timestamp: 1667997371.71783
x-trans-id: tx554894079e9d40dfbc107-006371ef53
x-openstack-request-id: tx554894079e9d40dfbc107-006371ef53
x-iplb-request-id: 339F9F8C:C5D4_5762BBC9:01BB_6371EF53_AE8FF30:1AA80
x-iplb-instance: 42086
x-cache-status: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
i.goopics.net/i8nqrc.png
51.159.159.140 200 OK 724 kB IP 51.159.159.140:0
File type PNG image data, 1000 x 1100, 8-bit/color RGB, non-interlaced\012- data
Size 724 kB (723789 bytes)
Hash 40a0b4a97b5bff9f306d4d7450677733
fd5ddc9bbbbdc160515a6025ad0e6f17235e946b
ac7bc07d78c53e995b3f4655ddf00b349dbe181b9183f70e6d7e0119818af462
GET /i8nqrc.png HTTP/1.1
Host: i.goopics.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amadi-store.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Mon, 14 Nov 2022 20:17:02 GMT
content-type: image/png
content-length: 723789
last-modified: Wed, 09 Nov 2022 12:36:11 GMT
etag: 40a0b4a97b5bff9f306d4d7450677733
x-timestamp: 1667997370.53719
x-trans-id: tx2aaec5ebc4e8490d98ba6-006371ef53
x-openstack-request-id: tx2aaec5ebc4e8490d98ba6-006371ef53
x-iplb-request-id: 339F9F8C:EBEA_3626E64B:01BB_6371EF53_B07869C:1DCE9
x-iplb-instance: 12308
x-cache-status: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
i.goopics.net/pe94a6.png
51.159.159.140 200 OK 622 kB IP 51.159.159.140:0
File type PNG image data, 800 x 1000, 8-bit/color RGB, non-interlaced\012- data
Size 622 kB (622066 bytes)
Hash 04c68e6d547eb61b2e0f17f0aadcd56c
5c1a7f0d60b5e2f7d7669b55f8c69e76a395b164
0b4f62ee948980b3dafd007c063fbabc42aef4d580a92bf8f2dc7f2a7e59f806
GET /pe94a6.png HTTP/1.1
Host: i.goopics.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amadi-store.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Mon, 14 Nov 2022 20:17:02 GMT
content-type: image/png
content-length: 622066
last-modified: Thu, 10 Nov 2022 00:41:38 GMT
etag: 04c68e6d547eb61b2e0f17f0aadcd56c
x-timestamp: 1668040897.49565
x-trans-id: txf55ad6ff33c046c6ac7b8-006371ef53
x-openstack-request-id: txf55ad6ff33c046c6ac7b8-006371ef53
x-iplb-request-id: 339F9F8C:EBEE_3626E64B:01BB_6371EF53_ACB2542:5EC0
x-iplb-instance: 12309
x-cache-status: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
i.goopics.net/0px74o.png
51.159.159.140 200 OK 605 kB IP 51.159.159.140:0
File type PNG image data, 800 x 1000, 8-bit/color RGB, non-interlaced\012- data
Size 605 kB (604747 bytes)
Hash 0d72a7bd6be3592cb127cdc02213998a
86eb54d6eb68971fb955d036a2bd7f27536a0cbe
9e602b3568e7e3145a1449eb0ff0cb6376bafc2619034abaf5f7111bf4f9424d
GET /0px74o.png HTTP/1.1
Host: i.goopics.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amadi-store.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Mon, 14 Nov 2022 20:17:02 GMT
content-type: image/png
content-length: 604747
last-modified: Thu, 10 Nov 2022 00:41:38 GMT
etag: 0d72a7bd6be3592cb127cdc02213998a
x-timestamp: 1668040897.43012
x-trans-id: txc45e65b3650744679c335-006371ef53
x-openstack-request-id: txc45e65b3650744679c335-006371ef53
x-iplb-request-id: 339F9F8C:C5DC_5762BBC9:01BB_6371EF53_B365DF0:1DE6E
x-iplb-instance: 42084
x-cache-status: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
i.goopics.net/r5s5od.png
51.159.159.140 200 OK 1.8 MB IP 51.159.159.140:0
File type PNG image data, 2000 x 1000, 8-bit/color RGB, non-interlaced\012- data
Size 1.8 MB (1786219 bytes)
Hash 34db85553d49027fae16ee7734ac280f
3a96f9480ac356a40ba0f3fe1082acc729fa9766
47364dc74b9ee68314cf66cfd5cd6498f714117b985a43f5a7ea6c0aef9314d3
GET /r5s5od.png HTTP/1.1
Host: i.goopics.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amadi-store.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Mon, 14 Nov 2022 20:17:02 GMT
content-type: image/png
content-length: 1786219
last-modified: Wed, 09 Nov 2022 12:36:14 GMT
etag: 34db85553d49027fae16ee7734ac280f
x-timestamp: 1667997373.33478
x-trans-id: tx7cf7be1bf3b94f9aa8d9c-006371ef53
x-openstack-request-id: tx7cf7be1bf3b94f9aa8d9c-006371ef53
x-iplb-request-id: 339F9F8C:C5D8_5762BBC9:01BB_6371EF53_B3BC151:1DE7B
x-iplb-instance: 42084
x-cache-status: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
i.goopics.net/umpkdc.png
51.159.159.140 200 OK 1.0 MB IP 51.159.159.140:0
File type PNG image data, 800 x 1000, 8-bit/color RGB, non-interlaced\012- data
Size 1.0 MB (1009474 bytes)
Hash e76fe243c4722686a0b781e9b8561bb4
33f64fa059d9d820c9efbd7bae370eda6f2b1b26
e291268f5c1fb42c0f7fd1b09d2fc6f08e9020abe6a673400872f1f0cbc54527
GET /umpkdc.png HTTP/1.1
Host: i.goopics.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amadi-store.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Mon, 14 Nov 2022 20:17:02 GMT
content-type: image/png
content-length: 1009474
last-modified: Thu, 10 Nov 2022 00:41:39 GMT
etag: e76fe243c4722686a0b781e9b8561bb4
x-timestamp: 1668040898.71648
x-trans-id: tx0aa7d062927c4cdd81419-006371ef53
x-openstack-request-id: tx0aa7d062927c4cdd81419-006371ef53
x-iplb-request-id: 339F9F8C:EBF2_3626E64B:01BB_6371EF53_B45BAE8:16EE6
x-iplb-instance: 33618
x-cache-status: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 90ecb2e435ea12d9dfccd7399a28ec30
163d1dd17a8369430671df1577349f5c198dd9c6
c843c85f6173a0cf64d143406a102b18d0b4a9a9e7f9b34e00d805a915658d49
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2377
Cache-Control: max-age=96831
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 20:17:03 GMT
Etag: "63717035-1d7"
Expires: Tue, 15 Nov 2022 23:10:54 GMT
Last-Modified: Sun, 13 Nov 2022 22:31:17 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=3861&ck=1&ref=https://amadi-store.com/nails&ap=530&be=893&fe=3420&dc=1812&perf=%7B%22timing%22:%7B%22of%22:1668457019285,%22n%22:0,%22f%22:386,%22dn%22:393,%22dne%22:394,%22c%22:394,%22s%22:399,%22ce%22:592,%22rq%22:593,%22rp%22:848,%22rpe%22:851,%22dl%22:875,%22di%22:1753,%22ds%22:1811,%22de%22:2210,%22dc%22:3419,%22l%22:3419,%22le%22:3556%7D,%22navigation%22:%7B%7D%7D&fcp=1264&jsonp=NREUM.setToken
162.247.241.14 200 OK 72 B URL HTTP/1.1 bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=3861&ck=1&ref=https://amadi-store.com/nails&ap=530&be=893&fe=3420&dc=1812&perf=%7B%22timing%22:%7B%22of%22:1668457019285,%22n%22:0,%22f%22:386,%22dn%22:393,%22dne%22:394,%22c%22:394,%22s%22:399,%22ce%22:592,%22rq%22:593,%22rp%22:848,%22rpe%22:851,%22dl%22:875,%22di%22:1753,%22ds%22:1811,%22de%22:2210,%22dc%22:3419,%22l%22:3419,%22le%22:3556%7D,%22navigation%22:%7B%7D%7D&fcp=1264&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash 107d93e382e2c9b00fbf9fb0edc65d86
77e750e3ebf9706f4f6dd253785602d70be17c6c
a1ee50b689ea433a0acdccbf4ee4629e9ea3f9c4bcdd21effb334359a2f9e937
GET /1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=3861&ck=1&ref=https://amadi-store.com/nails&ap=530&be=893&fe=3420&dc=1812&perf=%7B%22timing%22:%7B%22of%22:1668457019285,%22n%22:0,%22f%22:386,%22dn%22:393,%22dne%22:394,%22c%22:394,%22s%22:399,%22ce%22:592,%22rq%22:593,%22rp%22:848,%22rpe%22:851,%22dl%22:875,%22di%22:1753,%22ds%22:1811,%22de%22:2210,%22dc%22:3419,%22l%22:3419,%22le%22:3556%7D,%22navigation%22:%7B%7D%7D&fcp=1264&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amadi-store.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 20:17:04 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 76a26daf7b6afac0-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=26605b1ed443cb0f; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
amadi-store.com/assets/userevents/application.js
104.16.14.194 200 OK 0 B URL HTTP/2 amadi-store.com/assets/userevents/application.js
IP 104.16.14.194:0
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/userevents/application.js HTTP/1.1
Host: amadi-store.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amadi-store.com/nails?fbclid=PAAabIgy4m81uOXG00AQkIdQTFFfpsVEkvNSkj92Ukw3_xcstVqhimo6c5Fzs&external_browser_redirect=true
Cookie: __cf_bm=r_1csSagZ9x0lBaK0EXGkd947dd3NNgBUpLBxbbskIo-1668457020-0-AT/0M41ZHxNvEeonHoB7aR8eATLYWizyA03+/AeFK1gkJsQ499r/RNM153Q69xow5C6r8XZz9EhikbdSo12ytXitLaXXrg2uealrvghbP/Ea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 14 Nov 2022 20:17:00 GMT
content-type: application/x-javascript
cf-ray: 76a26d98bec00b59-OSL
access-control-allow-origin: *
age: 187
cache-control: public, max-age=1200
etag: W/"6359dae3-147c"
expires: Mon, 14 Nov 2022 20:37:00 GMT
last-modified: Thu, 27 Oct 2022 01:12:03 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
amadi-store.com/assets/lander.js
104.16.14.194 200 OK 0 B URL HTTP/2 amadi-store.com/assets/lander.js
IP 104.16.14.194:0
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/lander.js HTTP/1.1
Host: amadi-store.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amadi-store.com/nails?fbclid=PAAabIgy4m81uOXG00AQkIdQTFFfpsVEkvNSkj92Ukw3_xcstVqhimo6c5Fzs&external_browser_redirect=true
Cookie: __cf_bm=r_1csSagZ9x0lBaK0EXGkd947dd3NNgBUpLBxbbskIo-1668457020-0-AT/0M41ZHxNvEeonHoB7aR8eATLYWizyA03+/AeFK1gkJsQ499r/RNM153Q69xow5C6r8XZz9EhikbdSo12ytXitLaXXrg2uealrvghbP/Ea
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 14 Nov 2022 20:17:00 GMT
content-type: application/x-javascript
cf-ray: 76a26d98cecc0b59-OSL
access-control-allow-origin: *
age: 187
cache-control: public, max-age=1200
etag: W/"6359db3a-2391a3"
expires: Mon, 14 Nov 2022 20:37:00 GMT
last-modified: Thu, 27 Oct 2022 01:13:30 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato+sans-serif%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CLato+sans-serif%7CLato%7CLato+sans-serif%7CLato%7CLato+sans-serif%7CLato%7CLato+sans-serif%7CLato%7CLato+sans-serif%7COpen+Sans%7CLato+sans-serif%7C%7C
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Lato+sans-serif%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CLato+sans-serif%7CLato%7CLato+sans-serif%7CLato%7CLato+sans-serif%7CLato%7CLato+sans-serif%7CLato%7CLato+sans-serif%7COpen+Sans%7CLato+sans-serif%7C%7C
IP 142.250.74.10:0
GET /css?family=Lato+sans-serif%7CHelvetica+Neue+Helvetica+Arial+sans-serif%7CLato+sans-serif%7CLato%7CLato+sans-serif%7CLato%7CLato+sans-serif%7CLato%7CLato+sans-serif%7CLato%7CLato+sans-serif%7COpen+Sans%7CLato+sans-serif%7C%7C HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amadi-store.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 14 Nov 2022 20:17:00 GMT
date: Mon, 14 Nov 2022 20:17:00 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
amadi-store.com/assets/lander.css
104.16.14.194 200 OK 0 B URL HTTP/2 amadi-store.com/assets/lander.css
IP 104.16.14.194:0
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/lander.css HTTP/1.1
Host: amadi-store.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amadi-store.com/nails?fbclid=PAAabIgy4m81uOXG00AQkIdQTFFfpsVEkvNSkj92Ukw3_xcstVqhimo6c5Fzs&external_browser_redirect=true
Cookie: __cf_bm=r_1csSagZ9x0lBaK0EXGkd947dd3NNgBUpLBxbbskIo-1668457020-0-AT/0M41ZHxNvEeonHoB7aR8eATLYWizyA03+/AeFK1gkJsQ499r/RNM153Q69xow5C6r8XZz9EhikbdSo12ytXitLaXXrg2uealrvghbP/Ea
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 14 Nov 2022 20:17:00 GMT
content-type: text/css
cf-ray: 76a26d98beb50b59-OSL
access-control-allow-origin: *
age: 187
cache-control: public, max-age=1200
etag: W/"6359dae3-6a514"
expires: Mon, 14 Nov 2022 20:37:00 GMT
last-modified: Thu, 27 Oct 2022 01:12:03 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.9.0/css/all.css
172.64.132.15 200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.9.0/css/all.css
IP 172.64.132.15:0
GET /releases/v5.9.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amadi-store.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 14 Nov 2022 20:17:00 GMT
content-type: text/css
x-amz-id-2: aTwuyWgaPvMb6JWlB6xk6ko4jaJeYcep7GkUNwiiQ54PacIiib0YpvXLB8kuH9wuaqemxGQSQA4=
x-amz-request-id: PSJN9FGRVEEQCVY1
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1220902
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QRPP%2F9Tkpm5Dij6tHBf9agJkeknbQjz1Go5oRGwoZyyODjRROwUU9zcOc9S8GO6m3lzLg0FF1VkhtwURZH4FY9JdU4e9QUH8CDkmoVZGf6rjUktjo0tSY7FqU4xtkRhxFDfHOV7f"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a26d994b158926-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
104.16.56.101 200 OK 0 B URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
IP 104.16.56.101:0
GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://amadi-store.com
Connection: keep-alive
Referer: https://amadi-store.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 14 Nov 2022 20:17:00 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a26d9949be0afe-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.youtube.com/embed/NWcDkKLtnq8?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
216.58.207.238 200 OK 0 B URL HTTP/2 www.youtube.com/embed/NWcDkKLtnq8?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent
IP 216.58.207.238:0
GET /embed/NWcDkKLtnq8?autoplay=0&modestbranding=1&controls=1&showinfo=0&rel=0&hd=1&wmode=transparent HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amadi-store.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 14 Nov 2022 20:17:00 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=K-Ix1rVi7bY; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=ghYJFXoS890; Domain=.youtube.com; Expires=Sat, 13-May-2023 20:17:00 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+436; expires=Wed, 13-Nov-2024 20:17:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
amadi-store.com/nails?fbclid=PAAabIgy4m81uOXG00AQkIdQTFFfpsVEkvNSkj92Ukw3_xcstVqhimo6c5Fzs&external_browser_redirect=true
104.16.14.194 200 OK 0 B URL HTTP/2 amadi-store.com/nails?fbclid=PAAabIgy4m81uOXG00AQkIdQTFFfpsVEkvNSkj92Ukw3_xcstVqhimo6c5Fzs&external_browser_redirect=true
IP 104.16.14.194:0
Analyzer Verdict Alert quad9 Sinkholed
GET /nails?fbclid=PAAabIgy4m81uOXG00AQkIdQTFFfpsVEkvNSkj92Ukw3_xcstVqhimo6c5Fzs&external_browser_redirect=true HTTP/1.1
Host: amadi-store.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 14 Nov 2022 20:17:00 GMT
content-type: text/html; charset=utf-8
cf-ray: 76a26d965b830b59-OSL
access-control-allow-origin: *
cache-control: max-age=60, public, s-maxage=600, r-maxage=10
last-modified: Thu, 10 Nov 2022 16:28:49 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
status: 200 OK
x-content-digest: 4c0293bac0cd1fe302c15861254e1e1997c87d22
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: stale, valid, store
x-request-id: 26544ed031615e34fae29a441a87951e
x-runtime: 0.522326
set-cookie: __cf_bm=r_1csSagZ9x0lBaK0EXGkd947dd3NNgBUpLBxbbskIo-1668457020-0-AT/0M41ZHxNvEeonHoB7aR8eATLYWizyA03+/AeFK1gkJsQ499r/RNM153Q69xow5C6r8XZz9EhikbdSo12ytXitLaXXrg2uealrvghbP/Ea; path=/; expires=Mon, 14-Nov-22 20:47:00 GMT; domain=.amadi-store.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
IP 142.250.74.10:0
GET /css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amadi-store.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 14 Nov 2022 20:17:00 GMT
date: Mon, 14 Nov 2022 20:17:00 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.goopics.net/ngx7gr.png
51.159.159.140 200 OK 0 B IP 51.159.159.140:0
GET /ngx7gr.png HTTP/1.1
Host: i.goopics.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amadi-store.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0
date: Mon, 14 Nov 2022 20:17:02 GMT
content-type: image/png
content-length: 1060529
last-modified: Wed, 09 Nov 2022 12:36:09 GMT
etag: fb0be465495ad5b6211ae135aa00e415
x-timestamp: 1667997368.84909
x-trans-id: tx3bd37deead8541619bd0c-006371ef53
x-openstack-request-id: tx3bd37deead8541619bd0c-006371ef53
x-iplb-request-id: 339F9F8C:EBE2_3626E64B:01BB_6371EF53_B217413:24787
x-iplb-instance: 33617
x-cache-status: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
amadi-store.com/images/background.png?_unique=0.7966902739530362&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//amadi-store.com/nails%3Ffbclid%3DPAAabIgy4m81uOXG00AQkIdQTFFfpsVEkvNSkj92Ukw3_xcstVqhimo6c5Fzs%26external_browser_redirect%3Dtrue&_title=Kit%20de%20manucure%20Polygel%20avec%20Lampe%20UV%20Nails%E2%84%A2&_key=n28yvxby&_page_key=2aa4dlhz19k0wegs&_fid=12581415&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://amadi-store.com/nails?fbclid=PAAabIgy4m81uOXG00AQkIdQTFFfpsVEkvNSkj92Ukw3_xcstVqhimo6c5Fzs&external_browser_redirect=true&_referrer=
104.16.14.194 200 OK 0 B URL HTTP/2 amadi-store.com/images/background.png?_unique=0.7966902739530362&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//amadi-store.com/nails%3Ffbclid%3DPAAabIgy4m81uOXG00AQkIdQTFFfpsVEkvNSkj92Ukw3_xcstVqhimo6c5Fzs%26external_browser_redirect%3Dtrue&_title=Kit%20de%20manucure%20Polygel%20avec%20Lampe%20UV%20Nails%E2%84%A2&_key=n28yvxby&_page_key=2aa4dlhz19k0wegs&_fid=12581415&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://amadi-store.com/nails?fbclid=PAAabIgy4m81uOXG00AQkIdQTFFfpsVEkvNSkj92Ukw3_xcstVqhimo6c5Fzs&external_browser_redirect=true&_referrer=
IP 104.16.14.194:0
Analyzer Verdict Alert quad9 Sinkholed
GET /images/background.png?_unique=0.7966902739530362&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//amadi-store.com/nails%3Ffbclid%3DPAAabIgy4m81uOXG00AQkIdQTFFfpsVEkvNSkj92Ukw3_xcstVqhimo6c5Fzs%26external_browser_redirect%3Dtrue&_title=Kit%20de%20manucure%20Polygel%20avec%20Lampe%20UV%20Nails%E2%84%A2&_key=n28yvxby&_page_key=2aa4dlhz19k0wegs&_fid=12581415&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://amadi-store.com/nails?fbclid=PAAabIgy4m81uOXG00AQkIdQTFFfpsVEkvNSkj92Ukw3_xcstVqhimo6c5Fzs&external_browser_redirect=true&_referrer= HTTP/1.1
Host: amadi-store.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amadi-store.com/nails?fbclid=PAAabIgy4m81uOXG00AQkIdQTFFfpsVEkvNSkj92Ukw3_xcstVqhimo6c5Fzs&external_browser_redirect=true
Cookie: __cf_bm=r_1csSagZ9x0lBaK0EXGkd947dd3NNgBUpLBxbbskIo-1668457020-0-AT/0M41ZHxNvEeonHoB7aR8eATLYWizyA03+/AeFK1gkJsQ499r/RNM153Q69xow5C6r8XZz9EhikbdSo12ytXitLaXXrg2uealrvghbP/Ea; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTcwNjA3Mjc=:visited=true; cf:visitor_id=55ae54df-68a8-40bb-83c9-3fb4d2668388; fbclid=PAAabIgy4m81uOXG00AQkIdQTFFfpsVEkvNSkj92Ukw3_xcstVqhimo6c5Fzs; external_browser_redirect=true; addevent_track_cookie=3c816f72-7964-48eb-38fa-e3a454b39ab9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 14 Nov 2022 20:17:02 GMT
content-type: text/javascript; charset=utf-8
cf-ray: 76a26da868460b59-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store, private
strict-transport-security: max-age=0
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
status: 200 OK
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 39234db392523f514afd8bce6a98e153
x-runtime: 0.021724
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2