girlgov.netlify.app/mouse-with-back-hump.html
3.125.252.47301 Moved Permanently 68 B URL HTTP/1.1 girlgov.netlify.app/mouse-with-back-hump.html
IP 3.125.252.47:0
File type ASCII text, with no line terminators
Hash c3a3d4df55545f73c06ef5e307303220
34b304adb06905cc7e632f30adaa648484259d96
571ac4cd980e57a7db7ccec6a55703467ae860492f614813cdf4328cab149981
Analyzer Verdict Alert fortinet Malware
GET /mouse-with-back-hump.html HTTP/1.1
Host: girlgov.netlify.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Age: 0
Cache-Control: public, max-age=0, must-revalidate
Content-Length: 68
Content-Type: text/plain
Date: Tue, 13 Sep 2022 03:21:13 GMT
Location: https://girlgov.netlify.app/mouse-with-back-hump.html
Server: Netlify
X-Nf-Request-Id: 01GCTDTY9ZXDM89F81H0PK09T8
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a1529499c9cc57f3d4aea0a7aeead039
c301fcdf870b0cc40794ff25d30b39dabffda0de
cc5dc1f498b4cb831bc17f04e9c891d8c84170f5a559eab3a9dfff622e872f8c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CC5DC1F498B4CB831BC17F04E9C891D8C84170F5A559EAB3A9DFFF622E872F8C"
Last-Modified: Mon, 12 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9714
Expires: Tue, 13 Sep 2022 06:03:07 GMT
Date: Tue, 13 Sep 2022 03:21:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10219
Expires: Tue, 13 Sep 2022 06:11:32 GMT
Date: Tue, 13 Sep 2022 03:21:13 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 12 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: a6Fs5HrPLUfdZrs2uXmS7tho9VJ7XzJ5aXiV4E1qRgA8Jw9Sel-Cmg==
age: 72241
X-Firefox-Spdy: h2
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
34.120.5.221200 OK 46 kB URL HTTP/2 getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
IP 34.120.5.221:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash d94e9bd833e2eba44b2b4725f24f3d4a
996714f3c8562c5336967b1992e7433e5a047bd6
3b7e93526d32e8c78f0596df9bde5f72314bd31e8f81bb9e0a48accc78df4616
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Miss from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: uFDFLvJ-gcWUOHOHiSxdQtQikLB0ckFmGUvwTz0qZLs3GVByOZj5BA==
content-encoding: gzip
via: 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 03:07:22 GMT
content-type: application/json
content-length: 46097
age: 831
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 492503de97b967679adfbf6936fa9929
d00c9a726dc41340ebf09210821c5337870ec0ed
940413796e2b292c19c0312e95ae872eea6d3831f0a0ef3b45e96e3aff708ae5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4054
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 03:21:13 GMT
Last-Modified: Tue, 13 Sep 2022 02:13:39 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 314
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 13 Sep 2022 03:08:39 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1RP9AVl6iyE6OFXPzokVD9MtIkbopcOnnPH6C9fraB3h2Sx7CAje7g==
Age: 754
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 03:21:13 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
girlgov.netlify.app/mouse-with-back-hump.html
34.159.137.246200 OK 7.0 kB URL HTTP/2 girlgov.netlify.app/mouse-with-back-hump.html
IP 34.159.137.246:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (14634), with CRLF line terminators
Hash cf9a9d15ef4d52a26c1971aa9c1af319
05bb5226414c97a6dfceb9325f7e717978f724d7
8aec88eb0f12521dfba1607ab6010a5d45fdf33331ab4d446fa4644c949eafdf
Analyzer Verdict Alert fortinet Malware
GET /mouse-with-back-hump.html HTTP/1.1
Host: girlgov.netlify.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
age: 113642
cache-control: public, max-age=0, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 11 Sep 2022 19:47:11 GMT
etag: "d9a5f8ccbc295dd9a3ef4cb4ecb64d84-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01GCTDTYNKT40HJC46CE3PH5YT
content-length: 7001
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6526c70eb74c821b7a95487ad9a4e13d
0b8c610a7755437ab815b845f52cbb27e6c95008
059d15ca6ac7cb1830286ae635731e03b56c01d7d050291dabe2b3f3db866c9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 03:21:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6526c70eb74c821b7a95487ad9a4e13d
0b8c610a7755437ab815b845f52cbb27e6c95008
059d15ca6ac7cb1830286ae635731e03b56c01d7d050291dabe2b3f3db866c9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 03:21:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bd7b5eb635d48acf1428c326eaa892a1
ba9f6c0db831a88b7d6dbdd98f19e76b4b501258
557466a3b642e90e352898073ff23f6a034c3b233e8aee0f0f69cd6ca83d49f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 03:21:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 13 Sep 2022 03:03:22 GMT
Cache-Control: max-age=3600
Expires: Tue, 13 Sep 2022 03:59:26 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9oXfucF9MSvDVxy4cL65OQcdRcB92oE6gPjh79y4zdK0aTXKCpz-WA==
Age: 1072
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bd7b5eb635d48acf1428c326eaa892a1
ba9f6c0db831a88b7d6dbdd98f19e76b4b501258
557466a3b642e90e352898073ff23f6a034c3b233e8aee0f0f69cd6ca83d49f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 03:21:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/adventpro/v18/V8mDoQfxVT4Dvddr_yOwjZGPPbF4Cw.woff2
142.250.74.163200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/adventpro/v18/V8mDoQfxVT4Dvddr_yOwjZGPPbF4Cw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 17128, version 1.0\012- data
Hash 920814d980a1896e3bf283fe4e0057e7
59bc99c85d58a738798979c93eb6f1826109e463
fa13b34d88ad4a10f31262096ec6ce0e5a96d6d06e787782cbdbe8eccbb42db2
GET /s/adventpro/v18/V8mDoQfxVT4Dvddr_yOwjZGPPbF4Cw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://girlgov.netlify.app
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 13:19:53 GMT
expires: Thu, 07 Sep 2023 13:19:53 GMT
cache-control: public, max-age=31536000
age: 482481
last-modified: Tue, 19 Apr 2022 19:48:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/adventpro/v18/V8mAoQfxVT4Dvddr_yOwhTqtKA.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/adventpro/v18/V8mAoQfxVT4Dvddr_yOwhTqtKA.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15884, version 1.0\012- data
Hash 73f61f92b42d79d54cae586e759114b9
6f3e856e5c820affd0dfe729f27bb4767e1a09bc
466a53d5e0126d5f20daf160381a6e638d161d7761e19e1c80052a420f469d6c
GET /s/adventpro/v18/V8mAoQfxVT4Dvddr_yOwhTqtKA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://girlgov.netlify.app
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 11:27:40 GMT
expires: Thu, 07 Sep 2023 11:27:40 GMT
cache-control: public, max-age=31536000
age: 489214
last-modified: Tue, 19 Apr 2022 19:49:09 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bd7b5eb635d48acf1428c326eaa892a1
ba9f6c0db831a88b7d6dbdd98f19e76b4b501258
557466a3b642e90e352898073ff23f6a034c3b233e8aee0f0f69cd6ca83d49f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 03:21:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cb674936db4af4be99c3c397eff8c6ae
de79d76bac3fae5799b0ff35ecc19360595dfb06
992b884b64f9f6fdb76a6ba91c48fed329325b95b99d8003b282879a52093c08
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4416
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 03:21:14 GMT
Last-Modified: Tue, 13 Sep 2022 02:07:38 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
girlgov.netlify.app/favicon.ico
34.159.137.246200 OK 1.2 kB URL HTTP/2 girlgov.netlify.app/favicon.ico
IP 34.159.137.246:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 78879284a3d177fe551400eab67c4be0
ba121b6e77da23f9697d0820d502a30739799c98
6028f8cd37346a28556a84436d785e37f5c0f092d46b9d131907e99afa53b230
GET /favicon.ico HTTP/1.1
Host: girlgov.netlify.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlgov.netlify.app/mouse-with-back-hump.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 0
cache-control: public, max-age=0, must-revalidate
content-type: image/vnd.microsoft.icon
date: Tue, 13 Sep 2022 03:21:14 GMT
etag: "fab52f298cbc472c4f74482af1482442-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01GCTDTZ8G5EKTBJ5ATYKEM7GF
content-length: 1150
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Advent+Pro%3A200%2C300%2C400%2C700&subset=latin-ext
142.250.74.10200 OK 458 B URL HTTP/2 fonts.googleapis.com/css?family=Advent+Pro%3A200%2C300%2C400%2C700&subset=latin-ext
IP 142.250.74.10:0
Hash 924469f1c83ea34d6c6d43199c936831
5d1c43c47f319790543353dd386918870f695364
df677ecd3e075ced45336d98a407a2733086432ed73fff368ce203ccf189d423
GET /css?family=Advent+Pro%3A200%2C300%2C400%2C700&subset=latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlgov.netlify.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 13 Sep 2022 03:21:13 GMT
date: Tue, 13 Sep 2022 03:21:13 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8440
Expires: Tue, 13 Sep 2022 05:41:55 GMT
Date: Tue, 13 Sep 2022 03:21:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8440
Expires: Tue, 13 Sep 2022 05:41:55 GMT
Date: Tue, 13 Sep 2022 03:21:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8440
Expires: Tue, 13 Sep 2022 05:41:55 GMT
Date: Tue, 13 Sep 2022 03:21:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8440
Expires: Tue, 13 Sep 2022 05:41:55 GMT
Date: Tue, 13 Sep 2022 03:21:15 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabb8ed52-93ad-47ae-a006-da7de9e3d841.webp
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabb8ed52-93ad-47ae-a006-da7de9e3d841.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8b9c6d44f93a72d6c03ebcfadda1a48a
f6100190de6244ae74b6c1250b997749a381ed89
4bf351795fb3a9e8a1a917d6ab202b1c75007bd5dc450a869b4db5dbfdd81dc4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabb8ed52-93ad-47ae-a006-da7de9e3d841.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5209
x-amzn-requestid: 8335006d-add1-4ab7-9930-e2304a6d1de2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQn93FGxIAMFSkw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ced25-067cb6e120bd359b719bb421;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 20:01:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 1L31YAxvPdmy1k0o-p11NcSM6ujk8NNaii936rsRrI9XoAxYF7CjIg==
via: 1.1 04e6cfc6f03b8f5e6f5459aacc86b372.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:58:11 GMT
age: 19384
etag: "f6100190de6244ae74b6c1250b997749a381ed89"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda5e1411-5276-4254-9490-1dc24d94cd9a.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda5e1411-5276-4254-9490-1dc24d94cd9a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 46c11754fe0f66d111da0b85ff502bbe
3c2c129525a73a55868ef73a3c4d177a06aa4f2b
e68f7a549886f1c3ded28bc64e2fcc179a0a46ff66703e8af840618a67f543a9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda5e1411-5276-4254-9490-1dc24d94cd9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11011
x-amzn-requestid: eceb4fab-9ffa-46cf-839f-164a95d667e2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YBDBRGHIoAMFpyw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6316b207-554ff6d524ded7b75eb1a17a;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 02:35:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: bxMT53jzfdVFbbAsN2Lfi9b1bxz8KgNFRpH7Q5hYcOZ6tbIThTywIg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 04:22:02 GMT
age: 82753
etag: "3c2c129525a73a55868ef73a3c4d177a06aa4f2b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bb76515-eb77-4f38-aae2-75a885833991.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bb76515-eb77-4f38-aae2-75a885833991.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 557695ec8ffeebb0272c099542a14ace
ad627b434e1c3b693d8636675bcea0f8794e0dc2
4d79c7830caa73b921d6abaa97771ab1f4dc8fd709597f01ba04c268c03b6157
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bb76515-eb77-4f38-aae2-75a885833991.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10407
x-amzn-requestid: 85df5ad9-f229-4d33-90b9-5dd28c77578a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YH396F2SIAMFnGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63196d25-3ee08f1e27cd37e96dba0f40;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 04:18:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Oep2UJdadBnTBuCy7CexUcezT0cCvm_9hroZnV-UrC9lQQxwUc4rkw==
via: 1.1 07c02ae6c53d85283eb15380264d9998.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 05:35:24 GMT
age: 78351
etag: "ad627b434e1c3b693d8636675bcea0f8794e0dc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0afb7a6-50b1-4622-b497-1cd872b91e83.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0afb7a6-50b1-4622-b497-1cd872b91e83.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1b3f38b1294f2f10537cba5a856ed04a
2a6c1f297d97f4248d77eba6736b4d937bda582b
9c8de94c3cb87a1a2c967b010c715387bbc09fa92dd67bab988d367603a0cece
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0afb7a6-50b1-4622-b497-1cd872b91e83.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12838
x-amzn-requestid: ad4ebca9-e16d-4fce-ab16-b3b3477c8c06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X3rT7H86IAMF1kA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312f27f-5bf5c45d6c2be4973f0f946a;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 06:21:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0y9HXQIrrRjMoaTo3_00lFQMJ5eIywY_22cbVXml0RZjpvfQVctKTg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 14:00:55 GMT
age: 48020
etag: "2a6c1f297d97f4248d77eba6736b4d937bda582b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d542ad5-49b2-49ec-b91f-9f4913e58d1d.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d542ad5-49b2-49ec-b91f-9f4913e58d1d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 15c4bbfd3d31955ae2beb1e47f1fda18
9e08828ce3d8d3170875c017ce70230fb60be657
c7cedd44499cf59595fd01e8ddd3bce3e93a86daeec18a7a0868c445f9ac5d51
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d542ad5-49b2-49ec-b91f-9f4913e58d1d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4810
x-amzn-requestid: 9fd1552d-1306-4164-a187-e8dee3cb7a27
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YBrqjEBdoAMFY8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6316f310-6c15aad5779bf7d625b2ffd7;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 07:13:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2vrSdQU9eQx35iv0ENwLlT1MX6G4zcnZTkPwy_ysh4VkJorpLjfH6A==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 22:01:47 GMT
age: 19168
etag: "9e08828ce3d8d3170875c017ce70230fb60be657"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106eeeca-4365-4ffc-b701-f952d0b09dcb.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106eeeca-4365-4ffc-b701-f952d0b09dcb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 47e1f64348aa12d707bf070f39877c7e
7a1f13d32de956fd50fccba0f813fb71bda79f63
9b3cee8039a2adb1291006a9ad55cd5032a2a6c10de3c5f57222692b02c0faac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106eeeca-4365-4ffc-b701-f952d0b09dcb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7965
x-amzn-requestid: c0ddd7c6-9709-4251-8e7b-4a551f9a7d2f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YBro8EjxIAMFi0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6316f305-26023e0714937dca063dcbfa;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 07:13:09 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: jj0LCxD4MdspTSEvLVsUaEbdNjjae7G-gogDBKtx1IE9VZauS4BblQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 73b60e9a9fd08eae9e034cedba707280.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 23:11:59 GMT
age: 14956
etag: "7a1f13d32de956fd50fccba0f813fb71bda79f63"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 725a4250b5157586ef01d928846c444b
ded0861fc24e2f0e41d997a87306ed18a9f71fe5
bb3f1e4e37dd5d46f2a40980fb9ec5728cef228311bae8ab1535524212e5ee64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BB3F1E4E37DD5D46F2A40980FB9EC5728CEF228311BAE8AB1535524212E5EE64"
Last-Modified: Sat, 10 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 13 Sep 2022 09:21:15 GMT
Date: Tue, 13 Sep 2022 03:21:15 GMT
Connection: keep-alive
cdn-dimi.akamaized.net/landings/273649/1662542757/css/popup.css?1662542758
184.31.15.107200 OK 635 B URL HTTP/1.1 cdn-dimi.akamaized.net/landings/273649/1662542757/css/popup.css?1662542758
IP 184.31.15.107:0
ASN #20940 Akamai International B.V.
File type assembler source, ASCII text
Hash 4ed05a608a8ec589e8aa5b040f7bb878
c58649a707ba64aed8b285d3be9f6b06a85ea6cb
bcc5d06c7b102eed1477b062020dc4414e4f6c4f9e390e3e67fa675a5f0fa363
GET /landings/273649/1662542757/css/popup.css?1662542758 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pbzmv.efectivedates.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: /88cxIdjwfdSwmXdj/zFSqOT/rp4Jhz9EV+hRLlOXXOgau0EJzmDnhg9BhcIl+TCPNSt1no9hJk=
x-amz-request-id: P200PTWTHYY2QQRV
Last-Modified: Wed, 07 Sep 2022 09:26:02 GMT
ETag: "5a61d45142ce5764a2b36dc75343fcd5"
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 13 Sep 2022 03:21:16 GMT
Content-Length: 635
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/273649/1662542757/js/vegas.js?1662542758
184.31.15.107200 OK 3.4 kB URL HTTP/1.1 cdn-dimi.akamaized.net/landings/273649/1662542757/js/vegas.js?1662542758
IP 184.31.15.107:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (11568), with CRLF line terminators
Hash 156c4046496d16408b06eb605ce1ab09
0dde2c6bbb3cf64132989866bdc1161be62474e3
657aac4fd9cd122e452b9da290c486d115af6b8fe8d409f39ab1d1d3dff44144
GET /landings/273649/1662542757/js/vegas.js?1662542758 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pbzmv.efectivedates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 6jOHNdf7P/W9Oj5RTwRiTSVQgUM2A1383s8X5oro2UGjJNL9ihixLvM9m9+F5xm+Ua2/R8CmWX8=
x-amz-request-id: P204RHA0J0V9XDGP
Last-Modified: Wed, 07 Sep 2022 09:26:02 GMT
ETag: "9acc66fdf18dea05bd75165eb5a96259"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 13 Sep 2022 03:21:16 GMT
Content-Length: 3401
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/273649/1662542757/js/function.js?1662542758
184.31.15.107200 OK 688 B URL HTTP/1.1 cdn-dimi.akamaized.net/landings/273649/1662542757/js/function.js?1662542758
IP 184.31.15.107:0
ASN #20940 Akamai International B.V.
Hash ba7deda1bcbc1e2d5c127678e05b71a1
4707fef7ab43a522b3cf7f5c0db4c148c5a43701
303187afb2cbbbf6095724df7eaf8c7967bb019dc17e1224d9e2366ac7f381c5
GET /landings/273649/1662542757/js/function.js?1662542758 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pbzmv.efectivedates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: xdZrJ0z++sCTqGMKkZswJwExKTg0Rx50kNpd+lHS3O5QZBjhekFpGKpTE2Ya8w8OBNqaghlunsM=
x-amz-request-id: P208E74WHK1A3Q1J
Last-Modified: Wed, 07 Sep 2022 09:26:02 GMT
ETag: "5da2c51949f2a873bf0091a104658e72"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 13 Sep 2022 03:21:16 GMT
Content-Length: 688
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/273649/1662542757/css/reviews.css?1662542758
184.31.15.107200 OK 898 B URL HTTP/1.1 cdn-dimi.akamaized.net/landings/273649/1662542757/css/reviews.css?1662542758
IP 184.31.15.107:0
ASN #20940 Akamai International B.V.
Hash 9981d741c0ecfa2cdd42e37a9c770a4f
5d035ff2c480bfd72400b0b6c4f1cf1ebb364a07
0eca06442e18b9dc2848557d53796bfbdaf64562e86dad0f5cda3ad7df6e2a24
GET /landings/273649/1662542757/css/reviews.css?1662542758 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pbzmv.efectivedates.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: l+eTP9vmSdekboTDVucj0IqEyAw5kLBT007zGnKSYfiQv8brd4n5sHJZ/1QTJux1ktUREfya/Lo=
x-amz-request-id: P201NC113CZKT7DA
Last-Modified: Wed, 07 Sep 2022 09:26:02 GMT
ETag: "49398775cf7bea5d44fa55e47020a3f5"
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 13 Sep 2022 03:21:16 GMT
Content-Length: 898
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/273649/1662542757/css/style.css?1662542758
184.31.15.107200 OK 3.5 kB URL HTTP/1.1 cdn-dimi.akamaized.net/landings/273649/1662542757/css/style.css?1662542758
IP 184.31.15.107:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (310)
Hash 3e521c2335d4370a4e30f0093d43fe5b
1e8d092d7f40931f168f3a0d888243d670255d28
fe2c4749671b2c31f25d960e56044414877ee021a83035a85e95fd963a585d3f
GET /landings/273649/1662542757/css/style.css?1662542758 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pbzmv.efectivedates.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: ZPPMtaV/k0S3V2yjLdkSyztVgMil5CRXjHTOykJhhdekHH4hkLvt7tXtDrkbprM4Vw5t074Ea/Y=
x-amz-request-id: P207TK5X6JGT2E44
Last-Modified: Wed, 07 Sep 2022 09:26:02 GMT
ETag: "263f03ba30a4e26861291f5f8d85d912"
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 13 Sep 2022 03:21:16 GMT
Content-Length: 3515
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/273649/1662542757/js/translates.js?1662542758
184.31.15.107200 OK 10 kB URL HTTP/1.1 cdn-dimi.akamaized.net/landings/273649/1662542757/js/translates.js?1662542758
IP 184.31.15.107:0
ASN #20940 Akamai International B.V.
Hash 51a314788713f61e1e3118060ef14329
62d595c6a9f1bd04348176b170161383cb4cf144
f5f056a3462dd1b2e74e47d3780fd371a7125bbd97457e8243f1f02e7bb883b5
GET /landings/273649/1662542757/js/translates.js?1662542758 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pbzmv.efectivedates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: qctf0ZzqOSn8ZCjmVoYrabU7FdBrXw3SANiEa4jNIsPKZLAz7NYvW7F1O+gdAztUT1me/xZ4ux1LjPbbUx3WVQ==
x-amz-request-id: P20BQDM19J9MDAT9
Last-Modified: Wed, 07 Sep 2022 09:26:02 GMT
ETag: "a3385b8496ee2ff1ab55ef2be111e4d2"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 13 Sep 2022 03:21:16 GMT
Content-Length: 10182
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/273649/1662542757/js/jquery-2.2.4.min.js?1662542758
184.31.15.107200 OK 30 kB URL HTTP/1.1 cdn-dimi.akamaized.net/landings/273649/1662542757/js/jquery-2.2.4.min.js?1662542758
IP 184.31.15.107:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (32065)
Hash 2fa28552f1ee4e1382ee43930b53afb8
803670da6a35378bf4eb73acc8e72fe4feb5ca30
ecfddf7d1e798dd2778c071bea24c70b650ef990fc09793fce25f2f094b35494
GET /landings/273649/1662542757/js/jquery-2.2.4.min.js?1662542758 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pbzmv.efectivedates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: exS/amcg/2TLq0MhN8wEqTJakpoNtuZaY4uI2mSPJhwKHgQZS51rOnaiM/kGDPMwUJCAksVtWDI=
x-amz-request-id: P20604ERHT5HREZV
Last-Modified: Wed, 07 Sep 2022 09:26:02 GMT
ETag: "2f6b11a7e914718e0290410e85366fe9"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 13 Sep 2022 03:21:16 GMT
Content-Length: 29855
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/273649/1662542757/js/translates-review.js?1662542758
184.31.15.107200 OK 16 kB URL HTTP/1.1 cdn-dimi.akamaized.net/landings/273649/1662542757/js/translates-review.js?1662542758
IP 184.31.15.107:0
ASN #20940 Akamai International B.V.
Hash ec91618c4f7a13998c8731b2574f3692
44aa52ca4ff08ef277e150f1c2cf49ffb05ada8d
46f4f9a8791ff6f23f34ddd1ac7cb43d2d403aa445367c2c32ac3ddf563d236b
GET /landings/273649/1662542757/js/translates-review.js?1662542758 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pbzmv.efectivedates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: Mu/9k3pCTSAzSfV+PiVYuDgKx6nNJ7sb39CiZlaRUaQcWNFVl1n52tcC1FDTxBuOKiHdVGPI0eI=
x-amz-request-id: P207H40KP8MHWJEK
Last-Modified: Wed, 07 Sep 2022 09:26:02 GMT
ETag: "f18718f224a9ed8012cc1b7570e3eedd"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 13 Sep 2022 03:21:16 GMT
Content-Length: 16483
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6526c70eb74c821b7a95487ad9a4e13d
0b8c610a7755437ab815b845f52cbb27e6c95008
059d15ca6ac7cb1830286ae635731e03b56c01d7d050291dabe2b3f3db866c9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 03:21:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6526c70eb74c821b7a95487ad9a4e13d
0b8c610a7755437ab815b845f52cbb27e6c95008
059d15ca6ac7cb1830286ae635731e03b56c01d7d050291dabe2b3f3db866c9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 03:21:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn-dimi.akamaized.net/landings/273649/1662542757/images/8-eu.jpg
184.31.15.107200 OK 2.5 kB URL HTTP/1.1 cdn-dimi.akamaized.net/landings/273649/1662542757/images/8-eu.jpg
IP 184.31.15.107:0
ASN #20940 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x80, components 3\012- data
Hash 41bbda91cef3f22db1d45d66f7ca0961
e2f8f56674e0180063a4f8287931dc0b273baf8e
d0f8fe31f17be4afd352a60628de61eef59ee08ac0ecddac9cfe4e4a504f4f0e
GET /landings/273649/1662542757/images/8-eu.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pbzmv.efectivedates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: SzChR3L4BylRhLWZtJu5iCzAct19iVf4sVk198Op5r2LogsG9OAHq/X8XB5e4G07wnb6aoL8TPY=
x-amz-request-id: 9DTJ724Q7BP9Z0ZW
Last-Modified: Wed, 07 Sep 2022 09:26:01 GMT
ETag: "41bbda91cef3f22db1d45d66f7ca0961"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 2458
Date: Tue, 13 Sep 2022 03:21:16 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/273649/1662542757/images/2-eu.jpg
184.31.15.107200 OK 2.0 kB URL HTTP/1.1 cdn-dimi.akamaized.net/landings/273649/1662542757/images/2-eu.jpg
IP 184.31.15.107:0
ASN #20940 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x80, components 3\012- data
Hash 66b6dc51bd19c799dcadf1dbeb628d9c
ff7fe6049e944186764bfc5041d624ec11f8d362
d3c1502509ae60909fe60c46cc58c41c1a9fe53ee7aeffb92d37a074ba8550f0
GET /landings/273649/1662542757/images/2-eu.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pbzmv.efectivedates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: o0NlziUrzRYuDuxz4uIzz8zK4YryYCx+vQqxF47Rm0ku/aa/tLIPqtI1GnQr6ootU9+PcazFnNs=
x-amz-request-id: 9DTV86NKK8AYKVNZ
Last-Modified: Wed, 07 Sep 2022 09:26:01 GMT
ETag: "66b6dc51bd19c799dcadf1dbeb628d9c"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 2009
Date: Tue, 13 Sep 2022 03:21:16 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/273649/1662542757/images/4-eu.jpg
184.31.15.107200 OK 2.6 kB URL HTTP/1.1 cdn-dimi.akamaized.net/landings/273649/1662542757/images/4-eu.jpg
IP 184.31.15.107:0
ASN #20940 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x80, components 3\012- data
Hash cb3aff7c886e4f72a98172b873b5e62d
33de244dcb4db4abe54b6508ae8d1546eb279aa5
d22825c9a1ff2c18506f0c2c3abaf3bb77f8352ba7bd410d50d35f20adbab08e
GET /landings/273649/1662542757/images/4-eu.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pbzmv.efectivedates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: Z9aaeGfNYw1ofxKG+uAJolWjuwTZfNiy1J+RreTXwvF0mPLbxG3WpWx6KSyRhSJg3qJWMSuHReE=
x-amz-request-id: 9DTV0VS80Z736J8Q
Last-Modified: Wed, 07 Sep 2022 09:26:02 GMT
ETag: "cb3aff7c886e4f72a98172b873b5e62d"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 2586
Date: Tue, 13 Sep 2022 03:21:16 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/273649/1662542757/images/5-eu.jpg
184.31.15.107200 OK 2.9 kB URL HTTP/1.1 cdn-dimi.akamaized.net/landings/273649/1662542757/images/5-eu.jpg
IP 184.31.15.107:0
ASN #20940 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x80, components 3\012- data
Hash 27109a247208262e6293950ca8f5450d
cea89616d15ad45a0f2b04082dff608abd96b800
86755df878f9f09c1b06deb1ac049db77b1931d3b0f650548fac960b3fedaa96
GET /landings/273649/1662542757/images/5-eu.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pbzmv.efectivedates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: qtBu0Ba09BX0gkcysc5l8w00myZENR5iNTyzeQXGdBQJee1ChdVmGL2N8w/nGme2pJ8Yg7i5mWM=
x-amz-request-id: 9DTK13FVYDXSNK0W
Last-Modified: Wed, 07 Sep 2022 09:26:01 GMT
ETag: "27109a247208262e6293950ca8f5450d"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 2879
Date: Tue, 13 Sep 2022 03:21:16 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
girlgov.netlify.app/bootstrap.css
34.159.137.246200 OK 15 kB URL HTTP/2 girlgov.netlify.app/bootstrap.css
IP 34.159.137.246:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type assembler source, ASCII text, with very long lines (540)
Hash 7323cac4c50b1b0971f1a275c2136507
c450005b51cdfd1cc1d17e2ef3cbd3c681eb20dc
3d2854beb5391156257d152f4ea1c1efd7ea8975eed203017d8323374c11a282
GET /bootstrap.css HTTP/1.1
Host: girlgov.netlify.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlgov.netlify.app/mouse-with-back-hump.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 0
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/css; charset=UTF-8
date: Tue, 13 Sep 2022 03:21:13 GMT
etag: "d68083df4e8d9531323fd9325bf5ade7-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01GCTDTYTAV7G57A0VHK0NPWEC
X-Firefox-Spdy: h2
cdn-dimi.akamaized.net/landings/273649/1662542757/images/logo.png
184.31.15.107200 OK 41 kB URL HTTP/1.1 cdn-dimi.akamaized.net/landings/273649/1662542757/images/logo.png
IP 184.31.15.107:0
ASN #20940 Akamai International B.V.
File type PNG image data, 1024 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash c0647e470e90e4e76c886ef3f4c651ac
fe1dd72ac0432bd8f261672c7c336cf902503d3c
1d4ad487984a8f689c904f3c2532f034b03d361c081dae581752cdc20d983037
GET /landings/273649/1662542757/images/logo.png HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pbzmv.efectivedates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 0xBne9MdxBzGObBO7B3uzyP10B8KOVT2McbhKoFdwAsLiHjDVVbXI43uyDT0ElyZnE8BMSIAB9U=
x-amz-request-id: JKBP274YR373TF39
Last-Modified: Wed, 07 Sep 2022 09:26:00 GMT
ETag: "c0647e470e90e4e76c886ef3f4c651ac"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 40774
Date: Tue, 13 Sep 2022 03:21:16 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
pbzmv.efectivedates.com/c/da57dc555e50572d?s1=2442&s2=1545977&s3=slava-adult&click_id=ZGx0OzE2OGFjYmVmYmY=&j1=1
52.19.101.114200 OK 16 kB URL HTTP/2 pbzmv.efectivedates.com/c/da57dc555e50572d?s1=2442&s2=1545977&s3=slava-adult&click_id=ZGx0OzE2OGFjYmVmYmY=&j1=1
IP 52.19.101.114:0
Hash 807a204a9d4f07c78b8782a7b275e45a
aedbb2659da6ba2d2c2406614f6281f6b8104ca0
793eacba0204c496ba7b6188f120558de1ac0bdd95c8e4c593cf8aa04e186fa8
GET /c/da57dc555e50572d?s1=2442&s2=1545977&s3=slava-adult&click_id=ZGx0OzE2OGFjYmVmYmY=&j1=1 HTTP/1.1
Host: pbzmv.efectivedates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://girlgov.netlify.app/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 03:21:15 GMT
content-type: text/html; charset=utf-8
set-cookie: unique_id=631fbf52000f531b; Path=/; Expires=Sat, 12 Nov 2022 03:21:15 GMT; Secure; SameSite=None
unique_id2=631fb42f000e4773; Path=/; Expires=Mon, 12 Dec 2022 03:21:15 GMT; Secure; SameSite=None
631fb42f000e4773_c=1; Path=/; Expires=Mon, 12 Dec 2022 03:21:15 GMT; Secure; SameSite=None
ref_token=15966_2442_163371_129223_164997_156428_166211; Path=/; Expires=Thu, 13 Oct 2022 03:21:15 GMT; Secure; SameSite=None
impression=; Path=/; Expires=Tue, 13 Sep 2022 03:21:15 GMT; Secure; SameSite=None
631fb42f000e4773_sl=[273649]; Path=/; Expires=Tue, 27 Sep 2022 03:21:15 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
cdn-dimi.akamaized.net/landings/273649/1662542757/images/icon-city.svg
184.31.15.107200 OK 839 B URL HTTP/1.1 cdn-dimi.akamaized.net/landings/273649/1662542757/images/icon-city.svg
IP 184.31.15.107:0
ASN #20940 Akamai International B.V.
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (735)
Hash 5f5ead641bc30316f498592eec2016a1
3195aa33596ba190a6584ccb75124dd9d9c13261
f028477ede528af987acd2bea73c8e462ea4cd6cf1137aae5085c85a82d93409
GET /landings/273649/1662542757/images/icon-city.svg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pbzmv.efectivedates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 2KGsGDlL5TMLZeMamdzyJirsBr/vdfVuj4rmDHDxqnxKq2z7TSL8Vnlu9potuzBP9d+W/RGCtXI=
x-amz-request-id: JKBJXJJWHA0SYRMH
Last-Modified: Wed, 07 Sep 2022 09:26:02 GMT
ETag: "5f5ead641bc30316f498592eec2016a1"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 839
Date: Tue, 13 Sep 2022 03:21:16 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/273649/1662542757/images/password.svg
184.31.15.107200 OK 1.3 kB URL HTTP/1.1 cdn-dimi.akamaized.net/landings/273649/1662542757/images/password.svg
IP 184.31.15.107:0
ASN #20940 Akamai International B.V.
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (330)
Hash f42aef7f97d4c9bdb074673081f38ac7
0231df782e371d139c826e091279acd9a07e691c
5fca7f589cd825e1f152e0a1677d6cbd0a3ee3ecde05905d572af87e8b453eac
GET /landings/273649/1662542757/images/password.svg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pbzmv.efectivedates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: l9mUTlAM/+Z02w+xTRgyLpLnNwziUeasW7TaUIzFOukxoiKnEZ9DyxJpm+AvScR+a6EVXrzMMCs=
x-amz-request-id: JKBR5VRK7D9DTHNT
Last-Modified: Wed, 07 Sep 2022 09:26:02 GMT
ETag: "f42aef7f97d4c9bdb074673081f38ac7"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 1339
Date: Tue, 13 Sep 2022 03:21:16 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/273649/1662542757/images/6-eu.jpg
184.31.15.107200 OK 3.3 kB URL HTTP/1.1 cdn-dimi.akamaized.net/landings/273649/1662542757/images/6-eu.jpg
IP 184.31.15.107:0
ASN #20940 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x80, components 3\012- data
Hash 9a6870069cb979e16b239f9ed485fb3c
c1dc7f3620c8cc391648c550f91b269b04d3c612
3e280ac6e0be5142f62957076a5c99e792eb61533e23f33b165aea4d522de818
GET /landings/273649/1662542757/images/6-eu.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pbzmv.efectivedates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: M9ftawRi+4mwaXQk4RpDO++TLZvgUWlOu2K/AwpV1TpK3WCwQoS+3qZb36ivx3NYzefsrHFMRCg=
x-amz-request-id: 9DTTA1ZT568BG3N6
Last-Modified: Wed, 07 Sep 2022 09:26:01 GMT
ETag: "9a6870069cb979e16b239f9ed485fb3c"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 3256
Date: Tue, 13 Sep 2022 03:21:16 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/273649/1662542757/images/7-eu.jpg
184.31.15.107200 OK 2.3 kB URL HTTP/1.1 cdn-dimi.akamaized.net/landings/273649/1662542757/images/7-eu.jpg
IP 184.31.15.107:0
ASN #20940 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x80, components 3\012- data
Hash 8155d8ecc7dc2d9b29cf99ab85c3d2a8
ba784563c7787760b318af24ea274ad6df2c5b89
7e368b2c331e65b43d9e6977dde473b4ee4ed25f0253e0d086ca676438b97d27
GET /landings/273649/1662542757/images/7-eu.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pbzmv.efectivedates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: acG01JZcTdjQEo+NkKt3C1srmGVVPBaWhI6v+swZJMcsDe/SXAnmJR1aBeHdPQEHUFArtuLCn5U=
x-amz-request-id: 9DTKKDJKRF0C96NG
Last-Modified: Wed, 07 Sep 2022 09:26:02 GMT
ETag: "8155d8ecc7dc2d9b29cf99ab85c3d2a8"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 2282
Date: Tue, 13 Sep 2022 03:21:16 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/273649/1662542757/images/unlock.svg
184.31.15.107200 OK 2.4 kB URL HTTP/1.1 cdn-dimi.akamaized.net/landings/273649/1662542757/images/unlock.svg
IP 184.31.15.107:0
ASN #20940 Akamai International B.V.
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (944)
Hash a732e1e06affb4575c050fdb0131e5ca
da4f4f204a4d22c7424274a91520e0ea993c48c7
e17f481e5fe197e600ffe6cf53a94a4e49a73b6b817ff560cd92c3dd501d603f
GET /landings/273649/1662542757/images/unlock.svg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pbzmv.efectivedates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: uTSaQDIrVpk4K/C04Qssf6v61Zmm5nb75yD/GNZ2D2vwZ8TdLwGviBx60MRlgbWwx/zzja8RPrY=
x-amz-request-id: P206GN5G9K2AWYTK
Last-Modified: Wed, 07 Sep 2022 09:26:02 GMT
ETag: "a732e1e06affb4575c050fdb0131e5ca"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 2378
Date: Tue, 13 Sep 2022 03:21:16 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/273649/1662542757/images/shield.svg
184.31.15.107200 OK 1.5 kB URL HTTP/1.1 cdn-dimi.akamaized.net/landings/273649/1662542757/images/shield.svg
IP 184.31.15.107:0
ASN #20940 Akamai International B.V.
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (310)
Hash 0c7a0dfd64cf020cd8a6dc0c3df1dbdf
f705635388aebebae1223d828c38233067f28ab1
856fdb53067254df9495660a355e5ed91936803b567867f1053ce5fb97107888
GET /landings/273649/1662542757/images/shield.svg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pbzmv.efectivedates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: NolX+zfuY1pI9UhDl8jnkg2wm36fkFKGoizFQOTcs/WRac1r/QApNY1+UYUnmEjZXNr8FewmM/k=
x-amz-request-id: JKBZDX6M1Y24JQ5X
Last-Modified: Wed, 07 Sep 2022 09:26:02 GMT
ETag: "0c7a0dfd64cf020cd8a6dc0c3df1dbdf"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 1539
Date: Tue, 13 Sep 2022 03:21:16 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/273649/1662542757/images/3-eu.jpg
184.31.15.107200 OK 3.9 kB URL HTTP/1.1 cdn-dimi.akamaized.net/landings/273649/1662542757/images/3-eu.jpg
IP 184.31.15.107:0
ASN #20940 Akamai International B.V.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 80x80, components 3\012- data
Hash 1dc512dcb0850f22cfa72c789578085c
933e9c5648e782c9f9a1504d2248f0acb4b9950b
7a27ad3bbf259cc02f80f496c19e6033d958362c1b5075c1957bb502f2666d00
GET /landings/273649/1662542757/images/3-eu.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pbzmv.efectivedates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: SljAWGKRUfHVRGA8zsqAxsd9GlvmwbBh1RNm+bIW3yKScf0TwDcWeHCU5qV/p+LVwyBWUD5aR3U=
x-amz-request-id: JKBSDT759X02PVF4
Last-Modified: Wed, 07 Sep 2022 09:26:01 GMT
ETag: "1dc512dcb0850f22cfa72c789578085c"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 3946
Date: Tue, 13 Sep 2022 03:21:16 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/273649/1662542757/images/1.jpg
184.31.15.107200 OK 57 kB URL HTTP/1.1 cdn-dimi.akamaized.net/landings/273649/1662542757/images/1.jpg
IP 184.31.15.107:0
ASN #20940 Akamai International B.V.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 800x1000, components 3\012- data
Hash cd41e3e2c1156b62fc4645da34b10586
1e311a59c96cf4c3e18da194815deb9a63fba2ec
1b531f4a6a961037b801ecef8228a9b46efd2d3cff18bd872d32b91cd4585d79
GET /landings/273649/1662542757/images/1.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pbzmv.efectivedates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: avQBJIDvZmUr7uTniag+MTIVUk+i16GQsrsgQNHcPAd+0DSd6syVruhoe+6n7Hp2xt8e5p4bHcg=
x-amz-request-id: 9DTWENPP32SVRRFG
Last-Modified: Wed, 07 Sep 2022 09:26:01 GMT
ETag: "cd41e3e2c1156b62fc4645da34b10586"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 56762
Date: Tue, 13 Sep 2022 03:21:16 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/273649/1662542757/images/action_icons_20px_2x.png
184.31.15.107200 OK 1.7 kB URL HTTP/1.1 cdn-dimi.akamaized.net/landings/273649/1662542757/images/action_icons_20px_2x.png
IP 184.31.15.107:0
ASN #20940 Akamai International B.V.
File type PNG image data, 40 x 360, 8-bit colormap, non-interlaced\012- data
Hash b699975b5fe73b087e711a33ff24ee1e
0e33cc5c32a5e7d18440751e3946076664caaf53
4e06866c22bb275c6c4f01265e1f3e9f00fe9face9739f6531371d688a8e7a7e
GET /landings/273649/1662542757/images/action_icons_20px_2x.png HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/landings/273649/1662542757/css/reviews.css?1662542758
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
x-amz-id-2: +6SQc618f7rYcjJNMiFBq45EF9vnnid3MCBjw0HkdptrBYESOzzHk2rHKKP1PXyxjQdcufCLcWY=
x-amz-request-id: JKBP6HAEABFQ7T60
Last-Modified: Wed, 07 Sep 2022 09:26:01 GMT
ETag: "b699975b5fe73b087e711a33ff24ee1e"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 1726
Date: Tue, 13 Sep 2022 03:21:16 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bd7b5eb635d48acf1428c326eaa892a1
ba9f6c0db831a88b7d6dbdd98f19e76b4b501258
557466a3b642e90e352898073ff23f6a034c3b233e8aee0f0f69cd6ca83d49f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 03:21:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bd7b5eb635d48acf1428c326eaa892a1
ba9f6c0db831a88b7d6dbdd98f19e76b4b501258
557466a3b642e90e352898073ff23f6a034c3b233e8aee0f0f69cd6ca83d49f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 03:21:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap
142.250.74.10200 OK 16 kB URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap
IP 142.250.74.10:0
Hash af799c3e9e75fe08901d8de9015fcb5c
24b8873d5575cfa2385cb38e3e028552e41f6835
096b925b590214a7846f0da0d92db35893e1bd1fc3c9bb4f4125b5b7223e1e8c
GET /css2?family=Roboto:wght@300;400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 13 Sep 2022 03:21:16 GMT
date: Tue, 13 Sep 2022 03:21:16 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pbzmv.efectivedates.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:34:08 GMT
expires: Thu, 07 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 460028
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn-dimi.akamaized.net/images/favicon.ico
184.31.15.107200 OK 4.1 kB URL HTTP/1.1 cdn-dimi.akamaized.net/images/favicon.ico
IP 184.31.15.107:0
ASN #20940 Akamai International B.V.
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 4cdf3256cd7b8ec3917adb79d6bf457e
bc615337e9223183a126c8fb649774866fb53e69
fbfff44a653dc193b93620f1035d221d3aaddf3238742270b3385482986ef7f0
GET /images/favicon.ico HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pbzmv.efectivedates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 3PLd1JbxzMUZnvLfJ08LlqJVa0X1bm3g8lDKKuDaPcpHRGpUOyvL763tb+Zgy/zeSb8kMvb/P10=
x-amz-request-id: 2XWP9N688THY1C8H
Last-Modified: Wed, 07 Nov 2018 08:41:38 GMT
ETag: "4cdf3256cd7b8ec3917adb79d6bf457e"
Accept-Ranges: bytes
Content-Type: image/x-icon
Server: AmazonS3
Content-Length: 4103
Date: Tue, 13 Sep 2022 03:21:16 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/273649/1662542757/images/2.jpg
184.31.15.107200 OK 57 kB URL HTTP/1.1 cdn-dimi.akamaized.net/landings/273649/1662542757/images/2.jpg
IP 184.31.15.107:0
ASN #20940 Akamai International B.V.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 800x1000, components 3\012- data
Hash 8cba65f08543dd02c9941c7630397662
fa7577818f1eafcb4145f58eedbfda8105ac3b9d
d0afb642321382fb1e5d5069795168980605aebba36d643c3a0d75bbc68bf611
GET /landings/273649/1662542757/images/2.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pbzmv.efectivedates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: WCRFK00UBTgVr8TZ9pP95usWKE4XDR0mo+eh0zCX5QDB0JvMvMK4yuXTvFqxqa46z8geu0TNV2o=
x-amz-request-id: 9DTNCAZJ4QZVVYEW
Last-Modified: Wed, 07 Sep 2022 09:26:01 GMT
ETag: "8cba65f08543dd02c9941c7630397662"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 56841
Date: Tue, 13 Sep 2022 03:21:17 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/273649/1662542757/images/3.jpg
184.31.15.107200 OK 58 kB URL HTTP/1.1 cdn-dimi.akamaized.net/landings/273649/1662542757/images/3.jpg
IP 184.31.15.107:0
ASN #20940 Akamai International B.V.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 800x1000, components 3\012- data
Hash 46f31318d54f73548561cb1c051bca1e
8d95f9a6b8d71218581120620dfc6789e5137f43
4429d6904c5bb0df0682b96518cdbe81bd2fa084d05b443505806eeffacee6ee
GET /landings/273649/1662542757/images/3.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pbzmv.efectivedates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: xQLJTRQrZ9OlBwORMoDoYqn5QOUyaBjFfaDBL4ghGFfIFDrPhYDFKElxpTfbUo7BWJ6KcHNNAMw=
x-amz-request-id: 9DTZ11TM07B17E7F
Last-Modified: Wed, 07 Sep 2022 09:26:01 GMT
ETag: "46f31318d54f73548561cb1c051bca1e"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 58014
Date: Tue, 13 Sep 2022 03:21:17 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/273649/1662542757/images/1.mp4
184.31.15.107206 Partial Content 873 kB URL HTTP/1.1 cdn-dimi.akamaized.net/landings/273649/1662542757/images/1.mp4
IP 184.31.15.107:0
ASN #20940 Akamai International B.V.
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 873 kB (873162 bytes)
Hash 1d511f1d803f7a189d6bb4c511948b8c
b7490fe7d666cc7cafb01f7d2cacc8af69dc5e67
14d35a377b8338f80c12f6f3493623f645b9c26339583f4fd9613fe339d19c55
GET /landings/273649/1662542757/images/1.mp4 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://pbzmv.efectivedates.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
x-amz-id-2: A4mDE1VNRJjQZWENUE+XVqVGObhAc//6vIAFLJ5qxjK6SCqhZKF8O+BvNZJPDlFWZBaQNg2Ak5s=
x-amz-request-id: MWZEGD3KP6H77N6V
Last-Modified: Wed, 07 Sep 2022 09:26:00 GMT
ETag: "1d511f1d803f7a189d6bb4c511948b8c"
Accept-Ranges: bytes
Content-Type: video/mp4
Server: AmazonS3
Date: Tue, 13 Sep 2022 03:21:17 GMT
Content-Range: bytes 0-873161/873162
Content-Length: 873162
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
getyourlink.top/dlt/mouse+with+back+hump
104.21.70.110302 Found 0 B URL HTTP/2 getyourlink.top/dlt/mouse+with+back+hump
IP 104.21.70.110:0
GET /dlt/mouse+with+back+hump HTTP/1.1
Host: getyourlink.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlgov.netlify.app/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 13 Sep 2022 03:21:15 GMT
content-type: text/html; charset=UTF-8
location: https://pbzmv.efectivedates.com/c/da57dc555e50572d?s1=2442&s2=1545977&s3=slava-adult&click_id=ZGx0OzE2OGFjYmVmYmY=&j1=1
access-control-allow-origin: *
set-cookie: e453cd2ae6e2b7fb67eaa089ff941a1b=0; expires=Wed, 14-Sep-2022 03:21:15 GMT; Max-Age=86400; path=/; secure; HttpOnly; SameSite=None
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DUOQGBYXB4KBsRhALU0DHAkHLDY%2FphM9mPB8Xo7sz75K3cSR0u9usSn2%2F1jIJHIWI0pSM67a7s%2BFLB5S9AyOnI7Ree89VTEUiuhYG2Jl9sBHBjBL51NT%2BIa%2FXChMBkgxhcQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 749dc06fdb2a1c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pbzmv.efectivedates.com/js/pushjs/1.0.0/utils.js
52.19.101.114200 OK 0 B URL HTTP/2 pbzmv.efectivedates.com/js/pushjs/1.0.0/utils.js
IP 52.19.101.114:0
Analyzer Verdict Alert fortinet Malware
GET /js/pushjs/1.0.0/utils.js HTTP/1.1
Host: pbzmv.efectivedates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pbzmv.efectivedates.com/c/da57dc555e50572d?s1=2442&s2=1545977&s3=slava-adult&s5=backuser&click_id=ZGx0OzE2OGFjYmVmYmY=&iexpp=1&j1=1
Cookie: unique_id=631fbf52000f531b; unique_id2=631fb42f000e4773; 631fb42f000e4773_c=1; ref_token=15966_2442_163371_129223_164997_156428_166211; impression=; 631fb42f000e4773_sl=[273649]
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 03:21:16 GMT
content-type: application/javascript
expires: Tue, 20 Sep 2022 03:21:16 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
gethouse.top/get_jqry.js?p=eyJ0IjoibG9jYXRpb24iLCJvIjoiaHR0cHM6XC9cL2dldHlvdXJsaW5rLnRvcFwvZGx0XC9tb3VzZSt3aXRoK2JhY2sraHVtcCJ9&a=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0
172.67.200.42200 OK 0 B URL HTTP/2 gethouse.top/get_jqry.js?p=eyJ0IjoibG9jYXRpb24iLCJvIjoiaHR0cHM6XC9cL2dldHlvdXJsaW5rLnRvcFwvZGx0XC9tb3VzZSt3aXRoK2JhY2sraHVtcCJ9&a=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0
IP 172.67.200.42:0
GET /get_jqry.js?p=eyJ0IjoibG9jYXRpb24iLCJvIjoiaHR0cHM6XC9cL2dldHlvdXJsaW5rLnRvcFwvZGx0XC9tb3VzZSt3aXRoK2JhY2sraHVtcCJ9&a=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0 HTTP/1.1
Host: gethouse.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://girlgov.netlify.app
Connection: keep-alive
Referer: https://girlgov.netlify.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 03:21:15 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: OPTIONS, GET, POST
access-control-allow-headers: Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control, Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Tue, 13 Sep 2022 03:21:15 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Ahq2LANRpXCwgM6lTjf9BpvlaxYqYKKNIFtnqMkP1O%2BEt1R530DkOFjXHHsfA1grC1sa3uM1RBoCA2hX5H%2FPR97CB2xl3AmqzeYtvnckHPJz32NUmIPZq34XP%2B7JHA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 749dc06bbfcefac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pbzmv.efectivedates.com/js/pushjs/1.0.0/subscriber.js
52.19.101.114200 OK 0 B URL HTTP/2 pbzmv.efectivedates.com/js/pushjs/1.0.0/subscriber.js
IP 52.19.101.114:0
Analyzer Verdict Alert fortinet Malware
GET /js/pushjs/1.0.0/subscriber.js HTTP/1.1
Host: pbzmv.efectivedates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pbzmv.efectivedates.com/c/da57dc555e50572d?s1=2442&s2=1545977&s3=slava-adult&s5=backuser&click_id=ZGx0OzE2OGFjYmVmYmY=&iexpp=1&j1=1
Cookie: unique_id=631fbf52000f531b; unique_id2=631fb42f000e4773; 631fb42f000e4773_c=1; ref_token=15966_2442_163371_129223_164997_156428_166211; impression=; 631fb42f000e4773_sl=[273649]
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 03:21:16 GMT
content-type: application/javascript
expires: Tue, 20 Sep 2022 03:21:16 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
girlgov.netlify.app/font-awesome.min.css
34.159.137.246200 OK 0 B URL HTTP/2 girlgov.netlify.app/font-awesome.min.css
IP 34.159.137.246:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /font-awesome.min.css HTTP/1.1
Host: girlgov.netlify.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlgov.netlify.app/mouse-with-back-hump.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 0
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/css; charset=UTF-8
date: Tue, 13 Sep 2022 03:21:13 GMT
etag: "f39f5a728c417e85499ac1451e48241d-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01GCTDTYTETH9G1AW8SA305074
X-Firefox-Spdy: h2
girlgov.netlify.app/style.css
34.159.137.246200 OK 0 B URL HTTP/2 girlgov.netlify.app/style.css
IP 34.159.137.246:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
GET /style.css HTTP/1.1
Host: girlgov.netlify.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlgov.netlify.app/mouse-with-back-hump.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 0
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/css; charset=UTF-8
date: Tue, 13 Sep 2022 03:21:13 GMT
etag: "fa813aa694963667c00528ee2166faf6-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01GCTDTYTDFNMAAHJAAGYR4B4M
X-Firefox-Spdy: h2
gethouse.top/get_jqry.js?p=eyJ0IjoibG9jYXRpb24iLCJvIjoiaHR0cHM6XC9cL2dldHlvdXJsaW5rLnRvcFwvZGx0XC9tb3VzZSt3aXRoK2JhY2sraHVtcCIsImUiOiIwIiwiZCI6Imh0dHBzOlwvXC9nZXRob3VzZS50b3BcL2dldF9qcXJ5LmpzIn0%3D
172.67.200.42200 OK 0 B URL HTTP/2 gethouse.top/get_jqry.js?p=eyJ0IjoibG9jYXRpb24iLCJvIjoiaHR0cHM6XC9cL2dldHlvdXJsaW5rLnRvcFwvZGx0XC9tb3VzZSt3aXRoK2JhY2sraHVtcCIsImUiOiIwIiwiZCI6Imh0dHBzOlwvXC9nZXRob3VzZS50b3BcL2dldF9qcXJ5LmpzIn0%3D
IP 172.67.200.42:0
GET /get_jqry.js?p=eyJ0IjoibG9jYXRpb24iLCJvIjoiaHR0cHM6XC9cL2dldHlvdXJsaW5rLnRvcFwvZGx0XC9tb3VzZSt3aXRoK2JhY2sraHVtcCIsImUiOiIwIiwiZCI6Imh0dHBzOlwvXC9nZXRob3VzZS50b3BcL2dldF9qcXJ5LmpzIn0%3D HTTP/1.1
Host: gethouse.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlgov.netlify.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 03:21:14 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: OPTIONS, GET, POST
access-control-allow-headers: Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control, Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Tue, 13 Sep 2022 03:21:14 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Xiy1exunkLlaX2N%2FV9b%2Fkby2ioTRUntw5ijD1U%2Fg5y97ggskjKxXS4sk3af2USmWZYj1VlQXqAVUD%2B%2BCO%2BY0oMwBzmZ%2BPX%2F7qdumr2yjap7PpJgbL7LG3ukFEPn7qI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 749dc0673f32b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pbzmv.efectivedates.com/js/service-worker.js
52.19.101.114200 OK 0 B URL HTTP/2 pbzmv.efectivedates.com/js/service-worker.js
IP 52.19.101.114:0
GET /js/service-worker.js HTTP/1.1
Host: pbzmv.efectivedates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: unique_id=631fbf52000f531b; unique_id2=631fb42f000e4773; 631fb42f000e4773_c=1; ref_token=15966_2442_163371_129223_164997_156428_166211; impression=; 631fb42f000e4773_sl=[273649]
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 03:21:16 GMT
content-type: application/javascript
expires: Tue, 20 Sep 2022 03:21:16 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Ubuntu:wght@400;700&display=swap
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Ubuntu:wght@400;700&display=swap
IP 142.250.74.10:0
GET /css2?family=Ubuntu:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 13 Sep 2022 03:21:16 GMT
date: Tue, 13 Sep 2022 03:21:16 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gethouse.top/get_jqry.js?p=eyJ0IjoibG9jYXRpb24iLCJvIjoiaHR0cHM6XC9cL2dldHlvdXJsaW5rLnRvcFwvZGx0XC9tb3VzZSt3aXRoK2JhY2sraHVtcCJ9&a=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0
172.67.200.42200 OK 0 B URL HTTP/2 gethouse.top/get_jqry.js?p=eyJ0IjoibG9jYXRpb24iLCJvIjoiaHR0cHM6XC9cL2dldHlvdXJsaW5rLnRvcFwvZGx0XC9tb3VzZSt3aXRoK2JhY2sraHVtcCJ9&a=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0
IP 172.67.200.42:0
OPTIONS /get_jqry.js?p=eyJ0IjoibG9jYXRpb24iLCJvIjoiaHR0cHM6XC9cL2dldHlvdXJsaW5rLnRvcFwvZGx0XC9tb3VzZSt3aXRoK2JhY2sraHVtcCJ9&a=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0 HTTP/1.1
Host: gethouse.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-requested-with
Referer: https://girlgov.netlify.app/
Origin: https://girlgov.netlify.app
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 03:21:14 GMT
content-type: application/javascript; charset=utf-8
cache-control: must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: OPTIONS, GET, POST
access-control-allow-headers: Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control, Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KHxhxOOUB3%2FMGMbZ4pw%2BGVKjojrxf4hPQPZAxPMvL7v859jKEAWRC1bwg3%2F6QJ7%2FO2YZCxUGgVfd%2FCR4sxO3fVEGjCcaUyvR%2Fso6xJRpv9nWOj9UAPn4Uj0GByi0jHE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 749dc0698f68fac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2