pepaddsel.ga/
172.67.183.150302 Found 0 B IP 172.67.183.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: pepaddsel.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Sat, 03 Dec 2022 05:37:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://oly4youbaby.info/?s1=fhy1&s6=HVyut3
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nWP%2FYNie4w9Xu%2B7mm%2FGcfswxFFjfyQzypB0xTzWOmTXjiZ4%2FOhPKn3YkF8uS48ET1FPXFsNQn6qdoc5rkwVVINN4vtej1fUZI0r6Fdo%2BSB93ke%2BzOIcI0o21iF%2FohG4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7739f2d5b96d1c16-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8888
Expires: Sat, 03 Dec 2022 08:05:15 GMT
Date: Sat, 03 Dec 2022 05:37:07 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7439fb99a444b66db1e68ffbfaa38451
4b7742d7956485906f1c392c478515ff89a46184
636327ce88f733e5a1d39af212f97242717a39ce20edaef330fafea238e3a309
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6311
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 05:37:07 GMT
Last-Modified: Sat, 03 Dec 2022 03:51:56 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 05:19:59 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1028
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8266
Expires: Sat, 03 Dec 2022 07:54:53 GMT
Date: Sat, 03 Dec 2022 05:37:07 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: X6UHGBk/oj/aZ9Sa+P4xYPLcBzmUj7GnuNne0kGCajl2gftGgHxMBeVaoYWmKoYPhNXXGREI9NU=
x-amz-request-id: R38HY5Y3C08CGMR2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 04:46:26 GMT
age: 3041
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 05:37:07 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
oly4youbaby.info/?s1=fhy1&s6=HVyut3
104.21.61.81200 OK 1.2 kB URL HTTP/1.1 oly4youbaby.info/?s1=fhy1&s6=HVyut3
IP 104.21.61.81:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 4a1e1113a4c66c14f9f50222b3f33d43
26b8c7e763bfab823cab7a1e9f58f3d581b127a9
c20b64210f02fa25847e205b354ff78de7016c0255b657a14fe2d7f9d5a8fdef
GET /?s1=fhy1&s6=HVyut3 HTTP/1.1
Host: oly4youbaby.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjBLNWhnVExtY0RCMm4vWE5VV3NPUlE9PSIsInZhbHVlIjoiVUZqcFRIemZxbU9aRUdHQTFlWTdNQ3I3dHRodFNFcHZyc20zQTRrR2U1YzlUdEFJTW9DeGtrV2VNa3o1N3pZeCIsIm1hYyI6IjllNGVmZTA1Mzg4ZTUyYzc1MTJjMzU0ODlmOTRjYTYzNWI5YzMzMjlkZWJjMjI5ZjdhODVjZTE4NzA1YjVmYmQifQ%3D%3D; laravel_session=eyJpdiI6Inp2bnNkekxONnhlT1hsZTd5MmhRdnc9PSIsInZhbHVlIjoibGF1M2NzT2x6TFhXK1FKMG5OOUh2VTdFS3JuTXZyTVMzSTZaWEkvWm1hNDZVZDJQV0MxUnFBS3Nqc0JYNldQZiIsIm1hYyI6Ijk0MGZmYjBlMjI5N2RiZTA4YzJhMTBhMmI2YzU0Nzg3MzlkNTcyNmJkZDNkYmE5NGM4NGMyMGY2OGE2YTEyNDEifQ%3D%3D
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 05:37:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6IjBkeVVDSlJTRXNGL3NObnkyQ2ZOTkE9PSIsInZhbHVlIjoiOXBwUk13UlM5elRyeTFkUkQ0cFc5UGduNEJLK3VWenNIVmhRdHNhNkNKN1YxbWVFbFcyQ3BYZG5PUFplNXFxZiIsIm1hYyI6IjQ0OGFlYjI1YjlkOGYyMjE2NjkwZThkYmU0ZjBmYjZlMmM4YTc0N2QxYWM0MGJjNWRjNzRlMjQ5NDhiNDlhYjkifQ%3D%3D; expires=Sat, 03-Dec-2022 07:37:08 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6IjMvT084NHc5RTBGYmI1YS95cXhjS3c9PSIsInZhbHVlIjoiWWlObURPenZwc0tRZlhNZGswZFdBMU02cFgzaDVjallUcFYzaGpOY05OZVdhUEVUamRMbDhKcUx6M1d6WmhWcSIsIm1hYyI6IjdjMGM1ZTYxZWNmM2VlNjJlZjE0MjBlMzJhYmUxMGI3YTc4MzBhNzFlNmJmNTc0MDFjYTA3YjllMzk5Yzg5MDQifQ%3D%3D; expires=Sat, 03-Dec-2022 07:37:08 GMT; Max-Age=7200; path=/; httponly; samesite=lax
SRVNAME=w2; path=/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2F%2BMntaNQyDiCofoPw%2FF9JQ2KOezgCX1f%2BrW6r12kW2oj14Vv68JLFAZZFBnrBjrSut3VBUJika1WdGUfXAKnWc3fGf9E92sz56FqlvwEaBK56c8tUuooWddyQC50%2BeIE%2Fhz"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7739f2d73ec7b506-OSL
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 03 Dec 2022 05:11:17 GMT
cache-control: public,max-age=3600
age: 1551
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9a74fa467b80f2cc9b740189a73b49f5
6f059916a2bdc34a3406f618cd5715407a29d490
c66c5b01eb349f848495ca1ac0f1ef19ef062713bfab8f701cfb77398c4eed06
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C66C5B01EB349F848495CA1AC0F1EF19EF062713BFAB8F701CFB77398C4EED06"
Last-Modified: Fri, 02 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5955
Expires: Sat, 03 Dec 2022 07:16:23 GMT
Date: Sat, 03 Dec 2022 05:37:08 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7f1f8fc556d1f7e0aea3e1208ee2fd1c
09c341a56ff876479cfc8a0505a5fef4a5d110f1
65adcf58887bcc23f73379f74ab19a61cfbb93285c95c64b44a6716eeacc1482
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6297
Cache-Control: max-age=105283
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 05:37:08 GMT
Etag: "6389c02e-1d7"
Expires: Sun, 04 Dec 2022 10:51:51 GMT
Last-Modified: Fri, 02 Dec 2022 09:06:54 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
oly4youbaby.info/landings/57/fonts/vendor.css
104.21.61.81200 OK 4.3 kB URL HTTP/1.1 oly4youbaby.info/landings/57/fonts/vendor.css
IP 104.21.61.81:0
File type ASCII text, with very long lines (16715), with no line terminators
Hash 5877830b21ff068753ac3922150395a8
d0cb16458f628eff9a855838110a1d54729e531b
f59302ff65ba433ace8ddd0eb4d16b77ffafbce143e48cbfbb93f2f15bb7aff3
GET /landings/57/fonts/vendor.css HTTP/1.1
Host: oly4youbaby.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oly4youbaby.info/?s1=fhy1&s6=HVyut3
Cookie: XSRF-TOKEN=eyJpdiI6IjBkeVVDSlJTRXNGL3NObnkyQ2ZOTkE9PSIsInZhbHVlIjoiOXBwUk13UlM5elRyeTFkUkQ0cFc5UGduNEJLK3VWenNIVmhRdHNhNkNKN1YxbWVFbFcyQ3BYZG5PUFplNXFxZiIsIm1hYyI6IjQ0OGFlYjI1YjlkOGYyMjE2NjkwZThkYmU0ZjBmYjZlMmM4YTc0N2QxYWM0MGJjNWRjNzRlMjQ5NDhiNDlhYjkifQ%3D%3D; laravel_session=eyJpdiI6IjMvT084NHc5RTBGYmI1YS95cXhjS3c9PSIsInZhbHVlIjoiWWlObURPenZwc0tRZlhNZGswZFdBMU02cFgzaDVjallUcFYzaGpOY05OZVdhUEVUamRMbDhKcUx6M1d6WmhWcSIsIm1hYyI6IjdjMGM1ZTYxZWNmM2VlNjJlZjE0MjBlMzJhYmUxMGI3YTc4MzBhNzFlNmJmNTc0MDFjYTA3YjllMzk5Yzg5MDQifQ%3D%3D; SRVNAME=w2
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 05:37:08 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Tue, 22 Nov 2022 11:33:35 GMT
etag: W/"637cb38f-414b"
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U665VSKKYp5nTXaLN3ZPwFcGGCLA67xeUcXMMTy6ffpRlz%2FTtKmkGZNHELY1%2F2raM6LXa9XFrELJy4SousX98epv2D9JHzjvPle4QVcPocGe411WOJo8X2L3zV0GcF1VKWRa"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7739f2dad883b506-OSL
Content-Encoding: gzip
push.services.mozilla.com/
54.189.139.67101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.189.139.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: eI9bgzwW+LAcV70vQD/UdA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2i7HxUK504ABH3yopMPcvX+Yy7M=
oly4youbaby.info/landings/57/js/vendor.js
104.21.61.81200 OK 37 kB URL HTTP/1.1 oly4youbaby.info/landings/57/js/vendor.js
IP 104.21.61.81:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 9d85a126065747c39db6a55b90fc2082
4d70b034bf0f678a07dfe40d6c5f9bb2a56d3c29
dfb53573b256d892ef439ac9302e7b7d9dd9f7bb8f9870bde6bdb6644e993059
GET /landings/57/js/vendor.js HTTP/1.1
Host: oly4youbaby.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oly4youbaby.info/?s1=fhy1&s6=HVyut3
Cookie: XSRF-TOKEN=eyJpdiI6IjBkeVVDSlJTRXNGL3NObnkyQ2ZOTkE9PSIsInZhbHVlIjoiOXBwUk13UlM5elRyeTFkUkQ0cFc5UGduNEJLK3VWenNIVmhRdHNhNkNKN1YxbWVFbFcyQ3BYZG5PUFplNXFxZiIsIm1hYyI6IjQ0OGFlYjI1YjlkOGYyMjE2NjkwZThkYmU0ZjBmYjZlMmM4YTc0N2QxYWM0MGJjNWRjNzRlMjQ5NDhiNDlhYjkifQ%3D%3D; laravel_session=eyJpdiI6IjMvT084NHc5RTBGYmI1YS95cXhjS3c9PSIsInZhbHVlIjoiWWlObURPenZwc0tRZlhNZGswZFdBMU02cFgzaDVjallUcFYzaGpOY05OZVdhUEVUamRMbDhKcUx6M1d6WmhWcSIsIm1hYyI6IjdjMGM1ZTYxZWNmM2VlNjJlZjE0MjBlMzJhYmUxMGI3YTc4MzBhNzFlNmJmNTc0MDFjYTA3YjllMzk5Yzg5MDQifQ%3D%3D; SRVNAME=w2
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 05:37:08 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Tue, 22 Nov 2022 11:33:35 GMT
etag: W/"637cb38f-1a37b"
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bk2uO%2FwDpHtgSyOS2JQhQ1WTbDlmKwapXGARzDilXj2x%2BjU8DtuOsW0QhZDFJCxzgXXB8ZKBt17fWjPPGLr9c95TYPKcApYjOH48gokBmfTlbqczlx0eqn7CdLVcVUOAoGnE"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7739f2daeb6bb4f1-OSL
Content-Encoding: gzip
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9a74fa467b80f2cc9b740189a73b49f5
6f059916a2bdc34a3406f618cd5715407a29d490
c66c5b01eb349f848495ca1ac0f1ef19ef062713bfab8f701cfb77398c4eed06
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C66C5B01EB349F848495CA1AC0F1EF19EF062713BFAB8F701CFB77398C4EED06"
Last-Modified: Fri, 02 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5954
Expires: Sat, 03 Dec 2022 07:16:23 GMT
Date: Sat, 03 Dec 2022 05:37:09 GMT
Connection: keep-alive
oly4youbaby.info/landings/57/images/6.jpg
104.21.61.81200 OK 46 kB URL HTTP/1.1 oly4youbaby.info/landings/57/images/6.jpg
IP 104.21.61.81:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3\012- data
Hash 113ff4aaab782cd4156870e0ffcd6366
9df5341f9bb3e43d93511bb0a3bf0f6c31b2618a
79a2e2b8a7de4f60f588962b74470064631641c736c9a4f31bcab78ddcf76832
GET /landings/57/images/6.jpg HTTP/1.1
Host: oly4youbaby.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oly4youbaby.info/landings/57/fonts/vendor.css
Cookie: XSRF-TOKEN=eyJpdiI6IjBkeVVDSlJTRXNGL3NObnkyQ2ZOTkE9PSIsInZhbHVlIjoiOXBwUk13UlM5elRyeTFkUkQ0cFc5UGduNEJLK3VWenNIVmhRdHNhNkNKN1YxbWVFbFcyQ3BYZG5PUFplNXFxZiIsIm1hYyI6IjQ0OGFlYjI1YjlkOGYyMjE2NjkwZThkYmU0ZjBmYjZlMmM4YTc0N2QxYWM0MGJjNWRjNzRlMjQ5NDhiNDlhYjkifQ%3D%3D; laravel_session=eyJpdiI6IjMvT084NHc5RTBGYmI1YS95cXhjS3c9PSIsInZhbHVlIjoiWWlObURPenZwc0tRZlhNZGswZFdBMU02cFgzaDVjallUcFYzaGpOY05OZVdhUEVUamRMbDhKcUx6M1d6WmhWcSIsIm1hYyI6IjdjMGM1ZTYxZWNmM2VlNjJlZjE0MjBlMzJhYmUxMGI3YTc4MzBhNzFlNmJmNTc0MDFjYTA3YjllMzk5Yzg5MDQifQ%3D%3D; SRVNAME=w2
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 05:37:09 GMT
Content-Type: image/jpeg
Content-Length: 46048
Connection: keep-alive
last-modified: Tue, 22 Nov 2022 11:33:35 GMT
etag: "637cb38f-b3e0"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=daU9QuP%2Ff1cmajeP2ygTTfQZyZ4ZNt7kIExzchr%2B%2BTeXC5SlPmEtRRmigjhK5F0ODpkxoCfARXMExI5QCDOH3HZUKhz6hWxAs%2FqjUcOpaG72wtSpl4Xzz8p28NIeXmqMiDvG"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7739f2df8e0db4f1-OSL
oly4youbaby.info/landings/57/fonts/Gilroy/Gilroy-Regular.woff
104.21.61.81200 OK 35 kB URL HTTP/1.1 oly4youbaby.info/landings/57/fonts/Gilroy/Gilroy-Regular.woff
IP 104.21.61.81:0
File type Web Open Font Format, TrueType, length 35308, version 0.0\012- data
Hash 8e8705d069fbb9099b3a1e1d779fa5c5
ff762363b88add1df9a3c36ff1247796376b61e6
9f2ef335c07566f0d4f273a4b72bcb3ad2b02f0c6232da6129952ee60bd07ba8
GET /landings/57/fonts/Gilroy/Gilroy-Regular.woff HTTP/1.1
Host: oly4youbaby.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://oly4youbaby.info/landings/57/fonts/vendor.css
Cookie: XSRF-TOKEN=eyJpdiI6IjBkeVVDSlJTRXNGL3NObnkyQ2ZOTkE9PSIsInZhbHVlIjoiOXBwUk13UlM5elRyeTFkUkQ0cFc5UGduNEJLK3VWenNIVmhRdHNhNkNKN1YxbWVFbFcyQ3BYZG5PUFplNXFxZiIsIm1hYyI6IjQ0OGFlYjI1YjlkOGYyMjE2NjkwZThkYmU0ZjBmYjZlMmM4YTc0N2QxYWM0MGJjNWRjNzRlMjQ5NDhiNDlhYjkifQ%3D%3D; laravel_session=eyJpdiI6IjMvT084NHc5RTBGYmI1YS95cXhjS3c9PSIsInZhbHVlIjoiWWlObURPenZwc0tRZlhNZGswZFdBMU02cFgzaDVjallUcFYzaGpOY05OZVdhUEVUamRMbDhKcUx6M1d6WmhWcSIsIm1hYyI6IjdjMGM1ZTYxZWNmM2VlNjJlZjE0MjBlMzJhYmUxMGI3YTc4MzBhNzFlNmJmNTc0MDFjYTA3YjllMzk5Yzg5MDQifQ%3D%3D; SRVNAME=w2
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 05:37:09 GMT
Content-Type: application/font-woff
Content-Length: 35308
Connection: keep-alive
last-modified: Tue, 22 Nov 2022 11:33:35 GMT
etag: "637cb38f-89ec"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lOjR2nmqsUgAAYJA2PvCz8FdjHpBi9iWGnMloeZ0KQ3rC5lbU9W1vYdklaUk3R6szYuKFI4BeGSpT6l%2F2MPgV0H8kEoaKbiY61ww5EOAt586m0lpRCNkGr4boYfTBl452Jgm"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7739f2df9a6bb506-OSL
oly4youbaby.info/landings/57/fonts/Gilroy/Gilroy-Medium.woff
104.21.61.81200 OK 37 kB URL HTTP/1.1 oly4youbaby.info/landings/57/fonts/Gilroy/Gilroy-Medium.woff
IP 104.21.61.81:0
File type Web Open Font Format, TrueType, length 36924, version 0.0\012- data
Hash 7d5dc1791cf2738d55a87e871549004c
7960861bd85d181bd3ff1abd77d55791d05c83e4
a19283a467a53bafbcc7a335d8fd1e96cea3f45fb81a9642f66be7b192099bc4
GET /landings/57/fonts/Gilroy/Gilroy-Medium.woff HTTP/1.1
Host: oly4youbaby.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://oly4youbaby.info/landings/57/fonts/vendor.css
Cookie: XSRF-TOKEN=eyJpdiI6IjBkeVVDSlJTRXNGL3NObnkyQ2ZOTkE9PSIsInZhbHVlIjoiOXBwUk13UlM5elRyeTFkUkQ0cFc5UGduNEJLK3VWenNIVmhRdHNhNkNKN1YxbWVFbFcyQ3BYZG5PUFplNXFxZiIsIm1hYyI6IjQ0OGFlYjI1YjlkOGYyMjE2NjkwZThkYmU0ZjBmYjZlMmM4YTc0N2QxYWM0MGJjNWRjNzRlMjQ5NDhiNDlhYjkifQ%3D%3D; laravel_session=eyJpdiI6IjMvT084NHc5RTBGYmI1YS95cXhjS3c9PSIsInZhbHVlIjoiWWlObURPenZwc0tRZlhNZGswZFdBMU02cFgzaDVjallUcFYzaGpOY05OZVdhUEVUamRMbDhKcUx6M1d6WmhWcSIsIm1hYyI6IjdjMGM1ZTYxZWNmM2VlNjJlZjE0MjBlMzJhYmUxMGI3YTc4MzBhNzFlNmJmNTc0MDFjYTA3YjllMzk5Yzg5MDQifQ%3D%3D; SRVNAME=w2
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 05:37:09 GMT
Content-Type: application/font-woff
Content-Length: 36924
Connection: keep-alive
last-modified: Tue, 22 Nov 2022 11:33:35 GMT
etag: "637cb38f-903c"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ndz1sQEjDA1lqYB2IfpzAP2mLejtFX7gsr2T8VvgUUvkeHpgUrjLciHEDwXGYQdPHQ8MPEi2OsxJWUrQd8a56fGakgGmJis%2FROoHVtddK1IaXu%2BGdbensonGiuHgs7hR7aOS"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7739f2df9b95b515-OSL
oly4youbaby.info/favicon.ico
104.21.61.81200 OK 0 B URL HTTP/1.1 oly4youbaby.info/favicon.ico
IP 104.21.61.81:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: oly4youbaby.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://oly4youbaby.info/?s1=fhy1&s6=HVyut3
Cookie: XSRF-TOKEN=eyJpdiI6IjBkeVVDSlJTRXNGL3NObnkyQ2ZOTkE9PSIsInZhbHVlIjoiOXBwUk13UlM5elRyeTFkUkQ0cFc5UGduNEJLK3VWenNIVmhRdHNhNkNKN1YxbWVFbFcyQ3BYZG5PUFplNXFxZiIsIm1hYyI6IjQ0OGFlYjI1YjlkOGYyMjE2NjkwZThkYmU0ZjBmYjZlMmM4YTc0N2QxYWM0MGJjNWRjNzRlMjQ5NDhiNDlhYjkifQ%3D%3D; laravel_session=eyJpdiI6IjMvT084NHc5RTBGYmI1YS95cXhjS3c9PSIsInZhbHVlIjoiWWlObURPenZwc0tRZlhNZGswZFdBMU02cFgzaDVjallUcFYzaGpOY05OZVdhUEVUamRMbDhKcUx6M1d6WmhWcSIsIm1hYyI6IjdjMGM1ZTYxZWNmM2VlNjJlZjE0MjBlMzJhYmUxMGI3YTc4MzBhNzFlNmJmNTc0MDFjYTA3YjllMzk5Yzg5MDQifQ%3D%3D; SRVNAME=w2
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 05:37:09 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
last-modified: Tue, 22 Nov 2022 11:33:33 GMT
etag: "637cb38d-0"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4127
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tBFpzmce4KTa5e9rW9ghyniit%2Baa3cG6Ideqo1v1vfB7Qv5MnugN%2BoVAaNcFHa3TcpkOgDTpj%2BbmH6HL67wPZTJI%2BtMe2SmhDKXXqbyU6n3oiJYB7znPkMqjq6fu6K9BkPnE"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7739f2e1cf03b4f1-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13301
Expires: Sat, 03 Dec 2022 09:18:51 GMT
Date: Sat, 03 Dec 2022 05:37:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13301
Expires: Sat, 03 Dec 2022 09:18:51 GMT
Date: Sat, 03 Dec 2022 05:37:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13301
Expires: Sat, 03 Dec 2022 09:18:51 GMT
Date: Sat, 03 Dec 2022 05:37:10 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: ad2d9243-5e32-4faf-8ff3-b9abd3af1e89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb1_hEJJIAMF4Vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387d063-596f5833509112ee6cbedf54;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:51:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jM-fTqLsmU3c_gc9Wle-lvCwXelA9Sid9axtzJQDsfOHv23yUbKsBw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 23:43:28 GMT
age: 21222
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd79a3383-273b-420b-975f-73400e86239a.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd79a3383-273b-420b-975f-73400e86239a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f7c90eda6b69179422ecd1245e94162c
d5e0aef84626250a62cc94a781a47e08aaac3f6a
5fd1c9586a82c9e6a9a8b5d99b746f17e9485f80057ec35c3f8d5ab5256fbb16
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd79a3383-273b-420b-975f-73400e86239a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8273
x-amzn-requestid: 6abe0e18-1b39-4a87-8f15-6ea75d99b658
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZosHLDIAMFyoA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6fd1-455200672a96e0f5605a339f;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:36:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: sSTysER3tOW4FGv3lqvx2cPAaG8J9wyeuRJB61x8oYQG9Ah1xe1Z0w==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:53:33 GMT
age: 27817
etag: "d5e0aef84626250a62cc94a781a47e08aaac3f6a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20049904-a818-4d1c-9585-79edf76dcc61.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20049904-a818-4d1c-9585-79edf76dcc61.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9b77186d0d93f7ccfe729edd9d184af3
458aa485b9abef3b72427d308a172d1c24eceabd
8bed5a8e56e8c43fcbdc807245c2b651d014a06368574e57a25b718399a4a701
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20049904-a818-4d1c-9585-79edf76dcc61.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6966
x-amzn-requestid: 2b40c185-e050-4bfd-9b08-bb70e6f89824
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfAb7Ev3oAMFnrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6389144c-65301ace20da6f580ed77e82;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 20:53:32 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xBRZ6xulfveO7b5ZY8ApNbQJ1Sz8LbzEAb3YqxOEaZGYem-ZRaar_Q==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 08:01:16 GMT
age: 77754
etag: "458aa485b9abef3b72427d308a172d1c24eceabd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3abdcce275bb9723b4ac1d0c38cc8891
91f0d888c38db0899f106b652e3dcac062648099
ff411fc0d5abaf519d6600961ec51ad71ad9a02e23cc02ad818e27f0324b3d1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7657
x-amzn-requestid: c0dbd862-41cf-4fa8-ab6b-256763c63fbf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZN1Fo6IAMF9EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f25-554ffbc83fd70c557437120f;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: V_7_ohQr9ENIjOvdvy65ZpJqg2OI9gzRdiuxCTJzl4qwXe2Nmu_tAQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:49:27 GMT
etag: "91f0d888c38db0899f106b652e3dcac062648099"
content-type: image/jpeg
age: 28063
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1e74254b3fdce7d6b84a71a7aff43789
65c8b4abf957f9b54d99d0f78559e639adb29efb
f278c3cc6734da7188862a8c651c803e7ac1fda82234e191761453cb1359d3ee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5354
x-amzn-requestid: 3d58ffea-3433-4c5c-a60b-17f6de3a33e5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cSsnvG44oAMFfyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638427ca-63b375f04189b7ce7d84cd5d;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 03:15:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -AurmlKwF0QgfsWBsV3ZN9ZyDhw1Zo82zUqrpkBbvbCfh0j7evV2Tg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 11:01:04 GMT
age: 66966
etag: "65c8b4abf957f9b54d99d0f78559e639adb29efb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F741da48c-a860-42fc-8f5c-4572522c2f56.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F741da48c-a860-42fc-8f5c-4572522c2f56.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 585e7e56aed6b2f2f5e658f46bb791c4
34b768eb68f6cb850ff984fd687096e089649523
5412ba902e667571b0bbb3879ba6b9ad39501abce59381e84e6aa09779e7198b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F741da48c-a860-42fc-8f5c-4572522c2f56.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6416
x-amzn-requestid: f5456dd6-8459-4a19-a9b5-b7b567fceb01
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cik2pG5aoAMFrVg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a81c3-0923232b35133f471332062b;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 22:52:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fO2Nzz-s_o-67i4JhGgbUZdA5G1B8c9RrnJKm56RN7Ae_MK65KeRtQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 23:08:03 GMT
age: 23347
etag: "34b768eb68f6cb850ff984fd687096e089649523"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
svntrk.com/assets/fhy1_638ae08409ac3.js
172.67.197.110200 OK 0 B URL HTTP/2 svntrk.com/assets/fhy1_638ae08409ac3.js
IP 172.67.197.110:0
GET /assets/fhy1_638ae08409ac3.js HTTP/1.1
Host: svntrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://oly4youbaby.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 05:37:09 GMT
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, private
cf-cache-status: BYPASS
set-cookie: svnimp=638ae084e5eb8; path=/; secure; httponly; samesite=none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5muvxCSSGbtCMuvWExPYjT4KMs7IctMacj8SE1qm8Ez1gVeqjUrM9fjTR7tu3byP%2Bv1EKWmtD2yB%2Bm5ylojkokcc3RXELJ8xRgdfcI45WOuTZvpYeGkD6%2FkLlA0R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7739f2db2dcb1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2