Overview

URL www.remembergirl.com/ALL-C2/index-en.htm
IP172.67.144.116
ASNCLOUDFLARENET
Location United States
Report completed2022-10-02 21:25:44 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-02 2 www.remembergirl.com/ALL-C2/index-en.htm Malware
2022-10-02 2 www.remembergirl.com/ALL-C2/Javascript/error.1c4710d4434f595f8a835f40daa776b8.js Malware
2022-10-02 2 www.remembergirl.com/ALL-C2/Javascript/main.7d815901029a10bbd862c4f5e3ada540.js Malware
2022-10-02 2 www.remembergirl.com/ALL-C2/Javascript/jquery.695b55bf947b588e5fad6be1acfdc (...) Malware
2022-10-02 2 www.remembergirl.com/ALL-C2/Image/CWB0XYA8bzo0kSThX0UTuA.woff2 Malware
2022-10-02 2 www.remembergirl.com/ALL-C2/Image/mnpfi9pxYH-Go5UiibESIltXRa8TVwTICgirnJhmV (...) Malware
2022-10-02 2 www.remembergirl.com/ALL-C2/Image/mnpfi9pxYH-Go5UiibESIj8E0i7KZn-EPnyo3HZu7 (...) Malware
2022-10-02 2 www.remembergirl.com/ALL-C2/Image/2UX7WLTfW3W8TclTUvlFyQ.woff Malware
2022-10-02 2 www.remembergirl.com/ALL-C2/favicon.html Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (20)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS tsyndicate.com (2) 13042 2017-03-16 09:04:54 UTC 2022-10-02 20:19:12 UTC 136.243.51.205
mnemonic passive DNS ocsp.sectigo.com (1) 487 2018-12-17 11:31:55 UTC 2022-10-02 15:34:27 UTC 104.18.32.68
mnemonic passive DNS main.exoclick.com (3) 33599 2015-09-01 10:25:49 UTC 2022-10-02 17:53:02 UTC 95.211.229.248
mnemonic passive DNS bam.nr-data.net (2) 630 2015-02-10 00:06:27 UTC 2022-10-02 12:30:16 UTC 162.247.241.14
mnemonic passive DNS ads.traffichunt.com (1) 68632 2017-02-03 18:01:30 UTC 2022-10-02 07:20:32 UTC 34.193.186.63
mnemonic passive DNS www.remembergirl.com (21) 0 2018-09-19 21:54:45 UTC 2022-10-02 15:36:19 UTC 172.67.144.116 Unknown ranking
mnemonic passive DNS www.googletagmanager.com (2) 75 2012-12-25 14:52:06 UTC 2022-10-02 14:05:11 UTC 142.250.74.168
mnemonic passive DNS ocsp.pki.goog (2) 175 2017-06-14 07:23:31 UTC 2022-10-02 05:01:45 UTC 142.250.74.3
mnemonic passive DNS nextgencounter.com (1) 92600 2021-03-02 12:36:36 UTC 2022-10-02 15:18:05 UTC 209.208.78.145
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-10-02 16:25:36 UTC 65.9.86.127
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-02 05:00:42 UTC 65.9.86.7
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-02 04:45:21 UTC 34.117.237.239
mnemonic passive DNS ocsp.sca1b.amazontrust.com (1) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 65.9.84.225
mnemonic passive DNS js-agent.newrelic.com (1) 378 2017-01-30 05:00:15 UTC 2022-10-02 12:30:16 UTC 151.101.86.137
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-02 10:20:02 UTC 34.217.237.91
mnemonic passive DNS ocsp.godaddy.com (1) 698 2012-05-20 19:28:57 UTC 2022-10-02 05:06:10 UTC 192.124.249.36
mnemonic passive DNS r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-10-02 05:33:45 UTC 23.36.76.226
mnemonic passive DNS ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2022-10-02 15:44:45 UTC 93.184.220.29
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-10-02 11:24:29 UTC 34.120.237.76
mnemonic passive DNS tfosrv.com (1) 65142 2020-11-18 17:01:44 UTC 2022-10-02 08:20:16 UTC 216.18.168.29


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 172.67.144.116

Date UQ / IDS / BL URL IP
2022-11-27 16:14:17 +0000
0 - 0 - 9 www.remembergirl.com/ALL-C/index-fi.htm 172.67.144.116
2022-11-26 09:35:04 +0000
0 - 0 - 9 www.remembergirl.com/ALL-C2/index-de.htm 172.67.144.116
2022-11-23 12:57:36 +0000
0 - 0 - 9 www.remembergirl.com/ALL-C/index-en.htm 172.67.144.116
2022-11-23 09:19:56 +0000
0 - 0 - 9 www.remembergirl.com/ALL-C/index-de.htm 172.67.144.116
2022-11-22 18:34:40 +0000
0 - 0 - 9 www.remembergirl.com/ALL-C/index-de.htm 172.67.144.116

Last 5 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-11-27 18:47:34 +0000
0 - 0 - 4 anonymityindignant.cn/Qatarair/tb.php?ma=qo16 (...) 172.67.132.154
2022-11-27 18:47:22 +0000
1 - 0 - 0 zentrum-kunden.northlakecdj.com/b93db188572fc (...) 172.67.187.105
2022-11-27 18:45:05 +0000
1 - 0 - 8 melbue.com/335cf4508dd597be4bfc9caa3e08b901/l (...) 172.67.212.7
2022-11-27 18:43:16 +0000
0 - 0 - 2 www.sinkbank.ru.com/kpcbibrnqal/wvmjwbru87406 (...) 104.21.51.69
2022-11-27 18:43:11 +0000
0 - 0 - 3 disclosures.space/tagajowatujo6ret2.pdf 104.21.34.88

Last 5 reports on domain: remembergirl.com

Date UQ / IDS / BL URL IP
2022-11-27 16:14:17 +0000
0 - 0 - 9 www.remembergirl.com/ALL-C/index-fi.htm 172.67.144.116
2022-11-27 04:20:12 +0000
0 - 0 - 9 www.remembergirl.com/ALL-C/index-en.htm 104.21.47.45
2022-11-26 09:35:04 +0000
0 - 0 - 9 www.remembergirl.com/ALL-C2/index-de.htm 172.67.144.116
2022-11-25 09:21:12 +0000
0 - 0 - 9 www.remembergirl.com/ALL-C/index-cz.htm 104.21.47.45
2022-11-24 11:35:34 +0000
0 - 0 - 9 www.remembergirl.com/ALL-C/index-de.htm 104.21.47.45

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-11-09 18:57:19 +0000
0 - 0 - 9 www.remembergirl.com/ALL-C2/index-en.htm 104.21.47.45
2022-11-06 13:53:42 +0000
0 - 0 - 9 www.remembergirl.com/ALL-C2/index-en.htm 172.67.144.116
2022-10-21 20:00:02 +0000
0 - 0 - 9 www.remembergirl.com/ALL-C2/index-en.htm 104.21.47.45
2022-10-21 07:54:13 +0000
0 - 0 - 8 www.remembergirl.com/ALL-C2/index-en.htm 104.21.47.45
2022-10-21 01:30:22 +0000
0 - 0 - 9 www.remembergirl.com/ALL-C2/index-en.htm 104.21.47.45


JavaScript

Executed Scripts (10)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (57)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20257
Expires: Mon, 03 Oct 2022 03:03:10 GMT
Date: Sun, 02 Oct 2022 21:25:33 GMT
Connection: keep-alive

                                        
                                            GET /ALL-C2/index-en.htm HTTP/1.1 
Host: www.remembergirl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         172.67.144.116
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Sun, 02 Oct 2022 21:25:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 30 Jun 2022 15:40:57 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vldl19LPEW6oY3jYT8KZA%2BWOt6eI9zCgNpVTT%2Fk4ZBMJMz27wDIgD7cdgKbd7mLAAgJykdmZDFG%2B0GzaNmV4SYL4Wv%2F%2BFjiPOZ3zn495eURrUN1aIpb%2Fn5HjaWXz1WIYwsrLDbTdtg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 754082e55d55b511-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3322), with CRLF line terminators
Size:   3712
Md5:    2cd7583eedf7adf172d471b13c72912d
Sha1:   e73c87fe1f644c3290b83b38215d2347661a39e8
Sha256: 5fc4b9f8b279ebe5a254f8920f947b08726ed46208562ad578ff6850d29e9a4a

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         65.9.86.127
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 02 Oct 2022 21:16:50 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 317b3418459e7cb903a13afaecea9340.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: YGroSCzTYCJwgpeAmGCqglxz7ExbPKmXWWswQz_jZ3ng4ALpyjBbLg==
Age: 523


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         65.9.86.7
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 02 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 bdba42cf1410fb617eeb4ffd3e0b9cb6.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: fVOvgndViMfsUzRfB8d6MaM86nEYM-6iMrF3m76Bcy7_BJSsf0ewfw==
age: 57426
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 02 Oct 2022 21:25:33 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /ALL-C2/Javascript/error.1c4710d4434f595f8a835f40daa776b8.js HTTP/1.1 
Host: www.remembergirl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/ALL-C2/index-en.htm

                                         
                                         172.67.144.116
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 02 Oct 2022 21:25:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 30 Jun 2022 15:42:03 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 5835
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zbF9DxdRlGmG%2FuMN8ayLJUycrJJDY6%2FYaKH9UZJz%2BgCS%2B8FY1mFoPaqT0Lm3RpLABAhG0bnyBjkFuKH%2BTOaJU42dxkCTnkrBR3ub48qEAIhamZndvEtzk0XqH2glP7er1jmB6MixqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754082e7d812b511-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (439), with no line terminators
Size:   322
Md5:    9b6c5922e758dac061cdd2ac08a44dc6
Sha1:   76127f5cbaf8480d20025875d5b28352d0155f67
Sha256: 86b978adf36f936d31b58ebed5babf15754a0f3a9a5bda8b1abc125e34112794

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /ALL-C2/CSS/bootstrap.47407f28f6b047490b60b0854c97a929.css HTTP/1.1 
Host: www.remembergirl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/ALL-C2/index-en.htm

                                         
                                         172.67.144.116
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sun, 02 Oct 2022 21:25:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 30 Jun 2022 15:39:24 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 2891
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FZhq1ngwoM7oyPaNLZodvf5LrIG0MJUY8Ykk6CE4k6rTRzOzDbhyE5UAVogsB7ilw71R7KVrWdPWlUuQeqAnRMZt0IWpu%2Fy4Y%2FkrSQL9v4GYio4Q4YfgF%2B%2BH6HUeeljk0TCCQoHaUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754082e7ed02b4e8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   18349
Md5:    79c64708a674ebd6c5838fe44f76812d
Sha1:   bdfafa7ae6fa3d27642dc67d0c322ad5ab9c75f6
Sha256: 9fe8a02c5a12a56fbe88d7bd9e041928044c12ed36342b3c039fce804b900608
                                        
                                            GET /ALL-C2/CSS/css.e2f687a79a5c017217d9bc8f923fba6a.css HTTP/1.1 
Host: www.remembergirl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/ALL-C2/index-en.htm

                                         
                                         172.67.144.116
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sun, 02 Oct 2022 21:25:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 30 Jun 2022 15:39:25 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 6999
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I1ftyYPodqk5cfZ4b6IoUTpqvkl2RpqhLUW6Z2syPOFfNLWvV9%2BAtRCVjTXegZiE1%2BFZbavpfBuObtnoWDDG1leGiJm2%2BokcxsTGC4TI9hyhYgbx4qIi272dwozXaL%2BE41WVhZMb%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754082e80d1fb4e8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (500), with no line terminators
Size:   267
Md5:    522cfdad76e76fe6c38bdf2e6960d3b0
Sha1:   c077b32e8907a1e07e3953312585dd317b4580d9
Sha256: 3f5483c750207966261ddcd5a6d403a947422af1594354c9705fe78a7dbf73ec
                                        
                                            GET /ALL-C2/CSS/style.a699b1caf61e690ba1b00116d51c9269.css HTTP/1.1 
Host: www.remembergirl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/ALL-C2/index-en.htm

                                         
                                         172.67.144.116
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sun, 02 Oct 2022 21:25:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 30 Jun 2022 15:39:27 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 2891
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lDaI8QEj0JEQKIdpx%2FgBvw4qluiWrrDBDpVvDuQqO7u8vnB5Ra0scHp6mRqAASXY%2B5FtzTn60ez%2BKcdbgWd9lEH%2FBYrvhqXV7CNncYCt0bskC%2BkcemPLZlQaomlrUStYLG0yzQXm6A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754082e80843b511-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (5562), with no line terminators
Size:   1656
Md5:    38698d62955ca07b93fc5cfb168fc5f6
Sha1:   d78be28c5f85d9d921a4590ca5a20243c56848a7
Sha256: 8c26570e736d8bfbc1ea1bbc1e27439681aadc096bf459dc16488860e3e0b389
                                        
                                            GET /ALL-C2/Javascript/main.7d815901029a10bbd862c4f5e3ada540.js HTTP/1.1 
Host: www.remembergirl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/ALL-C2/index-en.htm

                                         
                                         172.67.144.116
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 02 Oct 2022 21:25:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 30 Jun 2022 15:42:18 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 6457
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uo0O%2F%2BGLeABPic7%2FyIwbD2aLA1TZWl%2FIWEx3EUQC%2FqRkbokpsoqovcQRgiMo6rGzEE%2B0MryS1R3xal6mhfD7LKUe%2FpWBO7rTzk6C8bskf8RYvqFXjVpYhpirQO70zxomZjWr%2BQ9ZCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754082e80849b511-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  CSV text\012- , ASCII text
Size:   205
Md5:    b9d267e43fd40d4fa658bc077d0da73a
Sha1:   5a2250a04febbd908b66bbdb239530ccc596b121
Sha256: 8c133670ebcebb885e9399642de66a5b4c76c5bdc004bb00efb3b425d1ea04ed

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /ALL-C2/Javascript/jquery.695b55bf947b588e5fad6be1acfdc1f6.js HTTP/1.1 
Host: www.remembergirl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/ALL-C2/index-en.htm

                                         
                                         172.67.144.116
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 02 Oct 2022 21:25:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 30 Jun 2022 15:42:16 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 6457
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WS1NQ1hQGwx3lu%2FLBc6sjXdpXK56XiZdO%2FTjecd5OtJUoxGOi%2F8%2BGexEZasF0VdVWlIKvx1czRkNEkEfEyn1%2BYgFDWOs%2FFZG2V4qsJmk7%2BUIcgiv9faRZc33RE5fBPIhGnP6ZoxeNw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754082e80d8cb4eb-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   33226
Md5:    84c729160ad9e60adc389245792e6f04
Sha1:   62b9403c82a581a8916abf1b42054e67fe9fd425
Sha256: 1ffa746356f90a62c9f59ee0b45ef39b230c440f4337295da00206a855f3888e

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /ALL-C2/Image/7.jpg HTTP/1.1 
Host: www.remembergirl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/ALL-C2/index-en.htm

                                         
                                         172.67.144.116
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sun, 02 Oct 2022 21:25:34 GMT
Content-Length: 47477
Connection: keep-alive
Last-Modified: Thu, 30 Jun 2022 15:53:41 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 6981
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LmjFhmVp5aMcjvbRB6ZoQMKgGQuhBKVpffpXNtUTFdVkOlYIGPImavzmuIXZtRzz26oI63po6azY5Wy3XfOPpFBCXO6pylJcxrVwf9Oaqfg9iQAv%2F3jMefRILU8vSQuNhBDjDBku1g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754082e8287eb511-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Size:   47477
Md5:    2547737234a33da21fba2f88ec0f36b8
Sha1:   0d5a5fe88bb8a6f0f3727e7b65da97a167b16c04
Sha256: d78652aa5afade543add0eb499ed831b2d06f556d120c440fb54de4f74eee4d7
                                        
                                            GET /ALL-C2/Image/3.jpg HTTP/1.1 
Host: www.remembergirl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/ALL-C2/index-en.htm

                                         
                                         172.67.144.116
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sun, 02 Oct 2022 21:25:34 GMT
Content-Length: 31810
Connection: keep-alive
Last-Modified: Thu, 07 Jul 2022 06:36:26 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 7051
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vM0ETxiCSbA3ycN2YGdrz00DzoTOeDm8ZvfseSEREcPIqNDhJ9qY71phAOH85FCd8U2YB7OGfe7GxW%2Fz%2FIk%2F7RnGW75zM39nfIY5DlMFwDj4cJjxkanS7WKN8dMNTLSDqAImJPggSg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754082e8287fb511-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Size:   31810
Md5:    9ef51dc2cbc00193eb3d513c98d15436
Sha1:   c718fc1640f344169064240b5cc2600c89a492ef
Sha256: 5aa3f92f1f9374582e20cbe092fcf070daa6b1859af688a1a516541c8f2aea46
                                        
                                            GET /ALL-C2/Image/2.jpg HTTP/1.1 
Host: www.remembergirl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/ALL-C2/index-en.htm

                                         
                                         172.67.144.116
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sun, 02 Oct 2022 21:25:34 GMT
Content-Length: 34231
Connection: keep-alive
Last-Modified: Thu, 30 Jun 2022 15:53:30 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 6457
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fvcZBbMIqhJ%2B%2FlxYqfURkqqFO3629QPcjG%2BkcSuiXSh94mcE6TYN2XWWpc0Dhbcsm%2BPqF4Mt6l2F2RMCCYUfV%2Bca5GkEglYbj5cTzSVKEu54aSZviQww3sYAdX9rq%2BBHHbsxtYtnFA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754082e82da8b4eb-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Size:   34231
Md5:    11372c3024d634aeb250b4fffee6fdea
Sha1:   7639871286a3fec088f3691deda160ad3a06efec
Sha256: aa61f4fcde676ac24703d6562718ddfce6f0850568191896d9c3ce71ed630be2
                                        
                                            GET /ALL-C2/Image/8.jpg HTTP/1.1 
Host: www.remembergirl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/ALL-C2/index-en.htm

                                         
                                         172.67.144.116
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sun, 02 Oct 2022 21:25:34 GMT
Content-Length: 34489
Connection: keep-alive
Last-Modified: Thu, 30 Jun 2022 15:53:44 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 6981
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2FQSsCO75%2FrZAXccMVgmBhKs95u0XU8kfyRFc48vonz8RulWFDUoUAHt%2FI2RrHODTraKlgV5J%2BWvH5x6n7V1NCbHqxO4AawfvZP1zm1SSWFRxKAIPnp05J21D0nJEfpqoP0528GWzg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754082e828590af6-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Size:   34489
Md5:    ad047e5458e605126d282fd4888f61f1
Sha1:   23c3c0c25957e8041e4a5726513d59a62a94a12c
Sha256: f8614fba335c92e0e4ff4398b056a32bbd5ef8f91930bf9e81d3b5a7bc6f272d
                                        
                                            GET /ALL-C2/Image/1.jpg HTTP/1.1 
Host: www.remembergirl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/ALL-C2/index-en.htm

                                         
                                         172.67.144.116
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sun, 02 Oct 2022 21:25:34 GMT
Content-Length: 47588
Connection: keep-alive
Last-Modified: Thu, 07 Jul 2022 06:36:24 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 7051
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bdDhQgUaJWIpumOfmSqIpA3lBfVExIHSi5%2BFbwlHbt%2F91VahXmq2E9o8uaMGhSqzl57tr1%2BnJwCEDztA2rgSpJeEiRbOeoStKmxZhNRhc%2BkpnjpGdWuTHs3d04zUomntL8TOwAjdDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754082e82daf0b55-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Size:   47588
Md5:    b152be0956362bbad0ebfdbdba60b1be
Sha1:   558696b0241df958d48acf3d4804d5351e8e1eb8
Sha256: 3ce95f76ae780b85f5216f7b8f95e655e5f4a736a7bbb0b8530799790f2587de
                                        
                                            GET /ALL-C2/Image/6.jpg HTTP/1.1 
Host: www.remembergirl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/ALL-C2/index-en.htm

                                         
                                         172.67.144.116
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sun, 02 Oct 2022 21:25:34 GMT
Content-Length: 37095
Connection: keep-alive
Last-Modified: Thu, 30 Jun 2022 15:53:39 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 7009
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kkCejSCDbIBX%2BkISZtG6tz6hs99C%2FuFhY%2FJAUNXklTeZ7mmmdmhCRQvMON9Jf2KK6aYLhLQiHFwAUzUcseNGW9NvM2XtiXaODo9a%2BOM6N2MnLhOG5a9uelUdFl6sh74Y3uDFqn7Bug%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754082e83d91b4e8-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Size:   37095
Md5:    0d7b0104dc0b2f33912840c78f6f61b1
Sha1:   679f5ce4dfe2d5398498d535cb5b699bb50a0f7a
Sha256: 674286f04be08e39556e3953faf4de85aaf9c8e812e36b78254d034af2e2349a
                                        
                                            GET /ALL-C2/Image/4.jpg HTTP/1.1 
Host: www.remembergirl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/ALL-C2/index-en.htm

                                         
                                         172.67.144.116
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sun, 02 Oct 2022 21:25:34 GMT
Content-Length: 31108
Connection: keep-alive
Last-Modified: Thu, 30 Jun 2022 15:53:36 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 7009
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5rOK07BTdYNXyOq7TuDkaN8DQb%2BP2lA%2BMz0PfV7jrvMsx09m%2BHBehvmbSSY5v3%2B%2BpahkJKvcLLJHfZxRHQS81YDQ1QcoTQhCla0tg9ViM3frlY0zIow22MGVcdjDEkootLLknRJkuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754082e83890b511-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Size:   31108
Md5:    c15c058edd96dee7520a5aaf47462e45
Sha1:   4843225c4968ac429d7b430aa2e66fc87a1536f3
Sha256: aec5378784728ab5ccfb3fd6d996693f923c8553dfa73f8215ef8bb3f245fed9
                                        
                                            GET /ALL-C2/Image/5.jpg HTTP/1.1 
Host: www.remembergirl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/ALL-C2/index-en.htm

                                         
                                         172.67.144.116
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sun, 02 Oct 2022 21:25:34 GMT
Content-Length: 21170
Connection: keep-alive
Last-Modified: Thu, 30 Jun 2022 15:53:37 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 6457
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=10fGEVeej3ZiBXnHz0%2BDay4C1nJyNpAVY0bQHacEte9cyUtIpx9FdRlZYT6TQHI8QuFnYe7XKhEJw8jSVmzGSxaPVwc%2FC%2B1vRxD%2B0P6Jk9xD7lmAT8XECxHC9AYHjPMfHXa5l0Ot0w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754082e84898b511-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Size:   21170
Md5:    c42e3a485021ecdabe6d4104fbdbb403
Sha1:   fdc6858cb6e66b6b97c6b02f4c8ec6edae622f3b
Sha256: a54f494b3dea99baa8b37119a06bacb3a2d56b79569f08dc6952be8a0e840691
                                        
                                            GET /ALL-C2/Image/maincontainerPicture1.jpg HTTP/1.1 
Host: www.remembergirl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/ALL-C2/CSS/style.a699b1caf61e690ba1b00116d51c9269.css

                                         
                                         172.67.144.116
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sun, 02 Oct 2022 21:25:34 GMT
Content-Length: 61278
Connection: keep-alive
Last-Modified: Thu, 30 Jun 2022 15:53:48 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4808
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VdPt1lZS%2BQuDEmtTibnRS9jVFgzXWIPGrYBhl2KZ3SEprDuPkeF%2BWdN5oSMvg2Ngka475Ip6v9R%2FdNFewqJODFsFXks03w55ztg1M%2FgcTfntF0jlBYFe2ziNxsUw0HPUkF0WDHUFeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754082e88e200b55-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 792x1103, components 3\012- data
Size:   61278
Md5:    926894b12cfdf2cd3f04ebe2b25800c0
Sha1:   3b9a12994076ec004248e64f93a9d1697b07d98f
Sha256: be01e5eafebe629f566093af14700274b908f7f4d572b2e3e5a1fa3b43bba6fe
                                        
                                            GET /ALL-C2/Image/CWB0XYA8bzo0kSThX0UTuA.woff2 HTTP/1.1 
Host: www.remembergirl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.remembergirl.com/ALL-C2/CSS/css.e2f687a79a5c017217d9bc8f923fba6a.css

                                         
                                         172.67.144.116
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Sun, 02 Oct 2022 21:25:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 128
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RB3LJe4fLSqvCz0ReFEQucKzZYj5%2FRKwqH29zYLzPUL2wpo7NmfupvErpkCPe%2BSuE5u7pb2NZRfWyRESTIQofzpmN6gWuYVBdhyur3ROLn7ymZXM29WifLXGEpWvNBldr0P8f9wUhg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754082e898e4b511-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   315
Md5:    a34ac19f4afae63adc5d2f7bc970c07f
Sha1:   a82190fc530c265aa40a045c21770d967f4767b8
Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /ALL-C2/Image/mnpfi9pxYH-Go5UiibESIltXRa8TVwTICgirnJhmVJw.woff2 HTTP/1.1 
Host: www.remembergirl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.remembergirl.com/ALL-C2/CSS/css.e2f687a79a5c017217d9bc8f923fba6a.css

                                         
                                         172.67.144.116
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Sun, 02 Oct 2022 21:25:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 127
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GhO231VP%2FetRaR9Xys9NC9Di88WAiPcrniWfqRcx%2BMpfKMUaIvyTzKpuWbhegfEYsgCjFCUIZ2B%2FhXr321ifmqPltnyScOr%2BJxg6F8q7cdm4SJmnrSds9INmwjm4krB2Kh4LK8HsRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754082e89e02b4e8-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   315
Md5:    a34ac19f4afae63adc5d2f7bc970c07f
Sha1:   a82190fc530c265aa40a045c21770d967f4767b8
Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /ALL-C2/Image/mnpfi9pxYH-Go5UiibESIj8E0i7KZn-EPnyo3HZu7kw.woff HTTP/1.1 
Host: www.remembergirl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.remembergirl.com/ALL-C2/CSS/css.e2f687a79a5c017217d9bc8f923fba6a.css

                                         
                                         172.67.144.116
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Sun, 02 Oct 2022 21:25:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 173
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OQx4MBmaKMJijMxBUWJNz2UWwdPDg%2FmWAl9LjxwDk3egyikI4sXylXxBnbrmfIew6ySw1wV9Fk5JYEoTiwI%2FlGQobONY1tA3v8baaCV8R0Xgyx%2BilA2TrsT8sdbAVJa9SyKT%2Bq%2FmHg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754082e8b906b511-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   315
Md5:    a34ac19f4afae63adc5d2f7bc970c07f
Sha1:   a82190fc530c265aa40a045c21770d967f4767b8
Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /ALL-C2/Image/2UX7WLTfW3W8TclTUvlFyQ.woff HTTP/1.1 
Host: www.remembergirl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.remembergirl.com/ALL-C2/CSS/css.e2f687a79a5c017217d9bc8f923fba6a.css

                                         
                                         172.67.144.116
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Sun, 02 Oct 2022 21:25:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 173
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CobAy72yHjLRlTjIEZD7Vn3E%2F6%2BvLbgQ5clsf1Mrzn9%2FOXZ1N6SwBU3S9w7SB6Kv64Sx6B4eeLPbCYMT2f8uos7jCmx5Uwg%2F%2FJlMhnAw6UZmacIPiSFmE2D7%2BeBSNEb2TLSDg%2BEhHg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754082e8be3f0b55-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   315
Md5:    a34ac19f4afae63adc5d2f7bc970c07f
Sha1:   a82190fc530c265aa40a045c21770d967f4767b8
Sha256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /gtm.js?id=GTM-TMR4NP HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/

                                         
                                         142.250.74.168
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Location: https://www.googletagmanager.com/gtm.js?id=GTM-TMR4NP
Cross-Origin-Resource-Policy: cross-origin
Date: Sun, 02 Oct 2022 21:25:34 GMT
Server: Google Tag Manager
Content-Length: 250
X-XSS-Protection: 0


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size:   250
Md5:    5ae78957676cab7159ea2f4a5ea54e50
Sha1:   41a97e656e0281bc7b301c65ba50a2fee8b9032d
Sha256: 0fb531b56a49775ee90eca4a92bd63cc65bb650daafb649424fffd928fe195c6
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 21:25:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gtm.js?id=GTM-TMR4NP HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.remembergirl.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 02 Oct 2022 21:25:34 GMT
expires: Sun, 02 Oct 2022 21:25:34 GMT
cache-control: private, max-age=900
last-modified: Sun, 02 Oct 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41375
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (14188)
Size:   41375
Md5:    14230c9b26bfd1729a8b10345bcc1d49
Sha1:   8fe78679f569b51fa0e2c32f410d0554c4145dba
Sha256: 6bfbcb48b6409feb1fb518105b7bbedbce6675dc9d24b8e69bb2ecf5cd65cbbf
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         65.9.86.127
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Sun, 02 Oct 2022 20:29:34 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sun, 02 Oct 2022 20:57:58 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 b9394c80294503e08bddf2381e55e810.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: AWkq_oa0kdtlN42A-eCQxVLeE8xIu-RI_hFtPYWJZwulKgRJV2I6Hw==
Age: 3361


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 21:25:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ALL-C2/favicon.html HTTP/1.1 
Host: www.remembergirl.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/ALL-C2/index-en.htm

                                         
                                         172.67.144.116
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Sun, 02 Oct 2022 21:25:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a1MGGezmc%2BoCt4kowl6elfIfCtLnpCAe0BAgKipUAn0Etmmp%2BuooV3FVWlrw9oaNtUwobt0N4F9b1CddPYxbDZeQkDvfUyH4lAoYGwFm0Sk%2FZ0p7o7xtb5yFEmmGWfiioaWuuRq%2BTw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 754082e97eea0b55-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   245
Md5:    bb58045e693f1b3dee82b8d743307e01
Sha1:   f32e2fc403bf9f1c5d0bb2c06ca9e2c0f8af8252
Sha256: 856d35da5931d2f04d36b9d4367a7868d106cfc8a59edf17f511ff5dd25aed82

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /api/v1/retargeting/set/06eb0705-463f-4b96-836b-64bf3cfa8631?gtmcb=296277642 HTTP/1.1 
Host: tsyndicate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/

                                         
                                         136.243.51.205
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
                                        
Server: nginx
Date: Sun, 02 Oct 2022 21:25:34 GMT
Content-Length: 35
Connection: keep-alive
Pragma: no-cache
Expires: 0
Vary: *
X-Api-Version: 1
X-Request-Id: ecba41cee811f977
Set-Cookie: ts_rt_06eb0705-463f-4b96-836b-64bf3cfa8631=AM_QaTNGTA8ZOWzIuHHDBg0ZAQE=; expires=Mon, 02 Oct 2023 21:25:34 GMT; path=/; HttpOnly; secure; SameSite=None
Cache-Control: no-cache, no-store, no-transform, must-revalidate, no-transform
X-Robots-Tag: none, noindex, nofollow
Report-To: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   35
Md5:    c2196de8ba412c60c22ab491af7b1409
Sha1:   5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
Sha256: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
                                        
                                            GET /api/v1/retargeting/set/e61f38d1-37ba-4a3d-9474-c0d9e0d9ea70?gtmcb=1281863812 HTTP/1.1 
Host: tsyndicate.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/

                                         
                                         136.243.51.205
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
                                        
Server: nginx
Date: Sun, 02 Oct 2022 21:25:34 GMT
Content-Length: 35
Connection: keep-alive
Pragma: no-cache
Expires: 0
Vary: *
X-Api-Version: 1
X-Request-Id: ba0fc6797f772a55
Set-Cookie: ts_rt_e61f38d1-37ba-4a3d-9474-c0d9e0d9ea70=AM_QaTNGTI8YMnDEwGFjhkIZAQE=; expires=Mon, 02 Oct 2023 21:25:34 GMT; path=/; HttpOnly; secure; SameSite=None
Cache-Control: no-cache, no-store, no-transform, must-revalidate, no-transform
X-Robots-Tag: none, noindex, nofollow
Report-To: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   35
Md5:    c2196de8ba412c60c22ab491af7b1409
Sha1:   5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
Sha256: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 21:25:34 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 02 Oct 2022 19:26:58 GMT
Expires: Sun, 09 Oct 2022 19:26:57 GMT
Etag: "9d0ccf01040a25bbc83c6d6bc52defe0f39c74fa"
Cache-Control: max-age=597082,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 754082eb5b11b505-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6421
Cache-Control: 'max-age=158059'
Date: Sun, 02 Oct 2022 21:25:34 GMT
Last-Modified: Sun, 02 Oct 2022 19:38:33 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         65.9.84.225
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 02 Oct 2022 21:25:34 GMT
Last-Modified: Sun, 02 Oct 2022 20:56:34 GMT
Server: ECS (bsa/EB15)
X-Cache: Miss from cloudfront
Via: 1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: 9Uj3hJm3-ETE4Ou4oNB1VEqHhnwIpt26mKOnVm6jRlqUCqVfi8YECg==
Age: 1741

                                        
                                            GET /nr-768.min.js HTTP/1.1 
Host: js-agent.newrelic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/

                                         
                                         151.101.86.137
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Connection: keep-alive
Content-Length: 8634
x-amz-id-2: dmXezA0qxssYn/E1lcszbz74ofMDQRDe5mJADr/ZeHAS4Nv6Od4/sePCStFoUpbsHpMfa4X1Dl8=
x-amz-request-id: Q97K9MJD03F15ATG
Last-Modified: Wed, 28 Feb 2018 23:33:43 GMT
ETag: "b4b84a4b4f36d13ffaa93c062b2d3e17"
x-amz-version-id: null
Server: AmazonS3
Cache-Control: public, max-age=7200, stale-if-error=604800
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Sun, 02 Oct 2022 21:25:34 GMT
Via: 1.1 varnish
X-Served-By: cache-bma1680-BMA
X-Cache: HIT
X-Cache-Hits: 31
X-Timer: S1664745935.905913,VS0,VE0
Vary: Accept-Encoding
Cross-Origin-Resource-Policy: cross-origin


--- Additional Info ---
Magic:  ASCII text, with very long lines (22625), with no line terminators
Size:   8634
Md5:    f609b011c4024aa0568283a441571094
Sha1:   994180dd4c0201a5d4c016a05617d344e3a30db3
Sha256: e89e8dbcfbf23828890914f8ba633693f3ac5582770e16fde88bfc1baddea9aa
                                        
                                            GET /tag.php?goal=68831a8833a4917ff6b2c530dc3a4c1f&gtmcb=1586267591 HTTP/1.1 
Host: main.exoclick.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/

                                         
                                         95.211.229.248
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Sun, 02 Oct 2022 21:25:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A71475%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-10-02%22%3B%7D%7D; expires=Mon, 02 Oct 2023 21:25:34 GMT; path=/; domain=.exoclick.com;
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

                                        
                                            GET /tag.php?goal=5ca8b60d120434a1134c010ca6272da6&gtmcb=1942366944 HTTP/1.1 
Host: main.exoclick.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/

                                         
                                         95.211.229.248
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Sun, 02 Oct 2022 21:25:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A83337%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-10-02%22%3B%7D%7D; expires=Mon, 02 Oct 2023 21:25:34 GMT; path=/; domain=.exoclick.com;
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

                                        
                                            GET /tag.php?goal=33d8e6a4225d77ae914dff110feef000&gtmcb=140400348 HTTP/1.1 
Host: main.exoclick.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/

                                         
                                         95.211.229.248
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Sun, 02 Oct 2022 21:25:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A80305%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-10-02%22%3B%7D%7D; expires=Mon, 02 Oct 2023 21:25:34 GMT; path=/; domain=.exoclick.com;
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2TrnQew6CGW8X78Uq9IRRA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         34.217.237.91
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UZl+WN67+fv4456M8aHsFm/nXfs=

                                        
                                            GET /1/bcc61c6f3d?a=6702766&pl=1664745933377&v=768.2acc9fa&to=clwKRhdcCFhVR0k3W19SEEAEHEtzdWFG&ap=10&be=377&fe=487&dc=213&f=%5B%5D&perf=%7B%22timing%22:%7B%22of%22:1664745933377,%22n%22:0,%22dl%22:361,%22di%22:573,%22ds%22:589,%22de%22:594,%22dc%22:862,%22l%22:862,%22le%22:863,%22f%22:-5,%22dn%22:-5,%22dne%22:-3,%22c%22:-2,%22ce%22:-2,%22rq%22:68,%22rp%22:337,%22rpe%22:338%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken HTTP/1.1 
Host: bam.nr-data.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/

                                         
                                         162.247.241.14
HTTP/1.1 301 Moved Permanently
                                        
Date: Sun, 02 Oct 2022 21:25:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 02 Oct 2022 22:25:35 GMT
Location: https://bam.nr-data.net/1/bcc61c6f3d?a=6702766&pl=1664745933377&v=768.2acc9fa&to=clwKRhdcCFhVR0k3W19SEEAEHEtzdWFG&ap=10&be=377&fe=487&dc=213&f=%5B%5D&perf=%7B%22timing%22:%7B%22of%22:1664745933377,%22n%22:0,%22dl%22:361,%22di%22:573,%22ds%22:589,%22de%22:594,%22dc%22:862,%22l%22:862,%22le%22:863,%22f%22:-5,%22dn%22:-5,%22dne%22:-3,%22c%22:-2,%22ce%22:-2,%22rq%22:68,%22rp%22:337,%22rpe%22:338%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754082ee3c95b4f3-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5796
Cache-Control: 'max-age=158059'
Date: Sun, 02 Oct 2022 21:25:35 GMT
Last-Modified: Sun, 02 Oct 2022 19:48:59 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /1/bcc61c6f3d?a=6702766&pl=1664745933377&v=768.2acc9fa&to=clwKRhdcCFhVR0k3W19SEEAEHEtzdWFG&ap=10&be=377&fe=487&dc=213&f=%5B%5D&perf=%7B%22timing%22:%7B%22of%22:1664745933377,%22n%22:0,%22dl%22:361,%22di%22:573,%22ds%22:589,%22de%22:594,%22dc%22:862,%22l%22:862,%22le%22:863,%22f%22:-5,%22dn%22:-5,%22dne%22:-3,%22c%22:-2,%22ce%22:-2,%22rq%22:68,%22rp%22:337,%22rpe%22:338%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken HTTP/1.1 
Host: bam.nr-data.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.remembergirl.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         162.247.241.14
HTTP/1.1 403 Forbidden
Content-Type: text/plain;charset=UTF-8
                                        
Date: Sun, 02 Oct 2022 21:25:35 GMT
Content-Length: 2
Connection: keep-alive
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754082ee6a8bb512-OSL


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   2
Md5:    99914b932bd37a50b983c5e7c90ae93b
Sha1:   bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
Sha256: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
                                        
                                            GET /index.min.js?pk=d22e6e1bbef67e016bac3e7555dfcf6d&gtmcb=1297828652 HTTP/1.1 
Host: nextgencounter.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/

                                         
                                         209.208.78.145
HTTP/1.1 302 Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Sun, 02 Oct 2022 21:25:35 GMT
Server: Apache
Location: https://nextgencounter.com/index.min.js?pk=d22e6e1bbef67e016bac3e7555dfcf6d&gtmcb=1297828652
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 246
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   246
Md5:    8c9f67bbb92d518eeba8a1bedf0905bf
Sha1:   f6a56dbff5f1f2e80f300adf0b618b8ee2e3f67a
Sha256: feeeff35eafbc774ae056a63c30bf5d253acc43bad06356ed91cb49aaf4c6296
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8100
Expires: Sun, 02 Oct 2022 23:40:35 GMT
Date: Sun, 02 Oct 2022 21:25:35 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8100
Expires: Sun, 02 Oct 2022 23:40:35 GMT
Date: Sun, 02 Oct 2022 21:25:35 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8100
Expires: Sun, 02 Oct 2022 23:40:35 GMT
Date: Sun, 02 Oct 2022 21:25:35 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8100
Expires: Sun, 02 Oct 2022 23:40:35 GMT
Date: Sun, 02 Oct 2022 21:25:35 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F589e050c-3794-45f2-a218-269b944ae739.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9600
x-amzn-requestid: e83a86d3-f5ab-4645-92df-4b2da3d4afa3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDgmFdlIAMFzQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b2d0-48c3fa150800475c790b95bd;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: f1aqkuvCub_vq9gBDgA4VL8hNf16FXzXhQjSHC1yDLISm85uOqJF9w==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 22:17:57 GMT
etag: "fa7e61b4f2864b8e51acb2cc887c15d5cb41ef38"
age: 83258
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9600
Md5:    11f2e40823827b62bca89d18ee279cb2
Sha1:   fa7e61b4f2864b8e51acb2cc887c15d5cb41ef38
Sha256: c7811cb947483a033f31ff1e93b813f1bbc49b03ed78fcedab2090c71e5c4d1f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 04:41:00 GMT
age: 60275
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6315
Md5:    206fb65e75dbadf119512f71e0b78402
Sha1:   58ff0bf8ce7528b303d28bab01a80ad721705569
Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
                                        
                                            GET /retargeting.js?id=981&gtmcb=804539824 HTTP/1.1 
Host: tfosrv.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.remembergirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.18.168.29
HTTP/1.1 200 OK
content-type: text/javascript
                                        
server: nginx
date: Sun, 02 Oct 2022 21:25:34 GMT
transfer-encoding: chunked
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: 0
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
content-encoding: gzip
x-request-id: 633A01CE-D812A81D01BBA865-44C03399


--- Additional Info ---
Magic:  data
Size:   27697
Md5:    c6bae02f712a3b881947aece99dff0f8
Sha1:   47e25fb684d6274a830c4ad730d4b8d48d465a88
Sha256: 0be152073904fcc3702d2fd992d4c72d813fe0b6c28deae636dab0225da8979c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4987
x-amzn-requestid: 763edd04-7f8d-42ae-8864-482be3549958
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEHpFs4oAMFbqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3ca-2f7b67e85aa83b69183e62b5;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:26 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2Zoggf30lA-Kvt5QYa-IdhGePHCNiphR7pfFiOaFvL8ZkWZIaiK4pA==
via: 1.1 f4367b41311e3e9a490d7461b7b85490.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:37 GMT
etag: "2e533332ee5c49143e58dad32ee3717a39179532"
age: 85018
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4987
Md5:    463bdcfbec5426e18ecef83b1c373b71
Sha1:   2e533332ee5c49143e58dad32ee3717a39179532
Sha256: 2c40befd28781482b9be249a792571612d68d7045324083d2c832fa5ec42f04b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d5b1efd-2ddc-4e8a-b89c-c9601bfeba68.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7314
x-amzn-requestid: ba9e3b47-d9dd-49c1-9645-bac582351957
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDpnGqOoAMFUTA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b30a-0604dff004a5f6364f0fe11c;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ss4zz6K56bzf1oFauX5_GUyy77r5gwLUcEy2GHrxSbBlwaYNjPZuYA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:58:03 GMT
age: 84452
etag: "e06bd8868eff8c42f5d2e2deec9a361170c8d3ea"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7314
Md5:    ef85af3ef63e35a54bc15fbca5d7236b
Sha1:   e06bd8868eff8c42f5d2e2deec9a361170c8d3ea
Sha256: 0291104bb66ac4849ac5fd433fdf9cbbc7f4a2fcaa1f137aca08be2a4878f54c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6871
x-amzn-requestid: e1fdb2ee-c0e7-4a0c-ae26-d968aef00503
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEIOGp2IAMFxSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3ce-24b26a8048ffd84071a2ad57;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:30 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -svKnYBuiMSdWObzJyNah9TDIi6IuPP6VMzEJWmn0zxoZbFmwpzkJw==
via: 1.1 c07670802688417c8b871124c547eb0a.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:33 GMT
age: 85022
etag: "087521979efd5936416fd7f030779fa5725f0a8f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6871
Md5:    9dddb9d84a16a3004821d89836b83dc3
Sha1:   087521979efd5936416fd7f030779fa5725f0a8f
Sha256: a6251ac43958031d765b5743d43e14bc04b1e465bed81f757c3609ee6f2bea66
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.36
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Sun, 02 Oct 2022 21:25:36 GMT
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 02 Oct 2022 00:16:45 GMT
Expires: Mon, 03 Oct 2022 00:16:45 GMT
ETag: "231c65bcd985a32a43823b72531a40ff6d636cbf"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1777
Md5:    a23aacaf9bb97889673234f3b64c7114
Sha1:   231c65bcd985a32a43823b72531a40ff6d636cbf
Sha256: 5cce08b75169e7350f2ffafea85a905792741c1d7c9f60c8e2256b83cab4590f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1526ec30-d948-4741-bb43-1e4c0afdc4d7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 14117
x-amzn-requestid: adb8a06b-48c2-4805-90ed-1db82d873d49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDpmFdjoAMFY_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b30a-7f09d2c748de72ca663022df;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: i_uJRH1xyKKv7z4fxzFua4sXX5__sOm8GHbOUuln6Eoo_ddRWgtAaQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:45:35 GMT
age: 85207
etag: "f73cabc101017a4af09e675ca9262774c177d16a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   14117
Md5:    fbddbe1f7958f13b80e50ab39094b9ab
Sha1:   f73cabc101017a4af09e675ca9262774c177d16a
Sha256: ebbe6a54e5c390f49452d0afd55899f4dec3836451906945c79bbf165e4e0724
                                        
                                            GET /adv_ret/?adv_pixel_id=861&nid=3&gtmcb=1032761146 HTTP/1.1 
Host: ads.traffichunt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.remembergirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.193.186.63
HTTP/2 200 OK
                                        
date: Sun, 02 Oct 2022 21:25:34 GMT
server: nginx
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
set-cookie: new_adx_profile_guid=2c44b507-3ea9-4591-973d-c0ec931a2620;Max-Age=7776000;Path=/;SameSite=None; Secure new_3.adx_rt_0=861;Max-Age=7776000;Path=/;SameSite=None; Secure new_3.adx_daily_rt_0=861;Max-Age=9265;Path=/;SameSite=None; Secure new_3.adx_rt_0=861;Max-Age=7776000;Path=/;SameSite=None; Secure 3.adx_rt_0=861; Max-Age=7776000; Expires=Sat, 31 Dec 2022 21:25:34 GMT; Path=/ adx_profile_guid=2c44b507-3ea9-4591-973d-c0ec931a2620; Max-Age=7776000; Expires=Sat, 31 Dec 2022 21:25:34 GMT; Path=/ 3.adx_daily_rt_0=861; Max-Age=9265; Expires=Sun, 02 Oct 2022 23:59:59 GMT; Path=/
X-Firefox-Spdy: h2


--- Additional Info ---