revivemyvote.com/
161.97.175.85301 Moved Permanently 162 B IP 161.97.175.85:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: revivemyvote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 09 Nov 2022 05:07:38 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.revivemyvote.com/
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aabe410b4bbe4d8beb0e4561d3aa158e
e1788632902ddea62cdd9e7ad6009a75ffb69788
ad535e27b201e92670770b2b868c58f7c05633ec66490a41ef4592f062834c1f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD535E27B201E92670770B2B868C58F7C05633EC66490A41EF4592F062834C1F"
Last-Modified: Wed, 09 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4720
Expires: Wed, 09 Nov 2022 06:26:18 GMT
Date: Wed, 09 Nov 2022 05:07:38 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7908acd0c083145e2b454aaeb063c236
0696647bb0a4118327f637a50ebcc21bac39d592
ffc30b68df0b33d67f31e37bbf5ae5cf4c23e1c8b8197bf76a95ee06bec4cd36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1767
Cache-Control: max-age=107579
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 05:07:39 GMT
Etag: "636a2fef-1d7"
Expires: Thu, 10 Nov 2022 11:00:38 GMT
Last-Modified: Tue, 08 Nov 2022 10:31:11 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dc90abd8b3ea8e75a68c144d74d75788
1ce29dca1ee9ca8931397de31ffb6cf7833baaf8
807000997bcf1b7a1fa35e43908cbfa54cd1704a5a0f53c09e1ae154638f10e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "807000997BCF1B7A1FA35E43908CBFA54CD1704A5A0F53C09E1AE154638F10E0"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7127
Expires: Wed, 09 Nov 2022 07:06:26 GMT
Date: Wed, 09 Nov 2022 05:07:39 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: x+TuobLIqnuFnb9jIIPdvhBZrIzKLQWmPQJE65FzhYtdteHSrUHqu9ctPrGWhPm6V4Lgvg9Hpa8=
x-amz-request-id: 15S6FHC8CWY9B5TF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 09 Nov 2022 04:11:35 GMT
age: 3364
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2ccd815f9cdcbf1464d42d048d4a6f57
1550f2d3c9535d2af63c60d8219232528af588ba
b7abf0bc6f044daf5cc2062bb48fec7a5c65b9c33ccf37cc7b8b10fb0ff1f9bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B7ABF0BC6F044DAF5CC2062BB48FEC7A5C65B9C33CCF37CC7B8B10FB0FF1F9BC"
Last-Modified: Sun, 06 Nov 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10792
Expires: Wed, 09 Nov 2022 08:07:31 GMT
Date: Wed, 09 Nov 2022 05:07:39 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 05:07:39 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2a47d129a3af5f02c654faf925c60273
9ad27ed9f4500c939260a677c12e702599b00fa9
0e031af077bf7009ffefada782407a247bbd31bddc96994c68de7bfe902bf992
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6275
Cache-Control: max-age=107022
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 05:07:39 GMT
Etag: "636a1c26-1d7"
Expires: Thu, 10 Nov 2022 10:51:21 GMT
Last-Modified: Tue, 08 Nov 2022 09:06:46 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
www.revivemyvote.com/wp-content/plugins/adapta-rgpd/assets/css/inform-box-simple.css?ver=1.3.7
161.97.175.85200 OK 577 B URL HTTP/2 www.revivemyvote.com/wp-content/plugins/adapta-rgpd/assets/css/inform-box-simple.css?ver=1.3.7
IP 161.97.175.85:0
Hash 9f770045b4305bbbcdcc3b2b7716ca2e
1d8524260b245ba28a2502d4b5b52b7e308e0e8c
d3a4d87f7f705ea635ac3ef9bfb2d9446ad78ea0b94adb8254bf38d6f0d1220a
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/adapta-rgpd/assets/css/inform-box-simple.css?ver=1.3.7 HTTP/1.1
Host: www.revivemyvote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revivemyvote.com/
Cookie: PHPSESSID=nosasiogq1mh3rq6hnismrsg32; helpful_user=3e5c76d5d7196e3d67f7b4db206fbd6f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 05:07:39 GMT
content-type: text/css
last-modified: Mon, 17 Oct 2022 11:55:56 GMT
etag: W/"634d42cc-96"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.revivemyvote.com/wp-content/plugins/image-sizes/assets/js/front.js?ver=3.6.1
161.97.175.85200 OK 0 B URL HTTP/2 www.revivemyvote.com/wp-content/plugins/image-sizes/assets/js/front.js?ver=3.6.1
IP 161.97.175.85:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/image-sizes/assets/js/front.js?ver=3.6.1 HTTP/1.1
Host: www.revivemyvote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revivemyvote.com/
Cookie: PHPSESSID=nosasiogq1mh3rq6hnismrsg32; helpful_user=3e5c76d5d7196e3d67f7b4db206fbd6f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 05:07:39 GMT
content-type: application/javascript
content-length: 0
last-modified: Sun, 23 Oct 2022 15:30:28 GMT
etag: "63555e14-0"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.revivemyvote.com/wp-content/uploads/logo-revivemyvote-297x40.png
161.97.175.85200 OK 13 kB URL HTTP/2 www.revivemyvote.com/wp-content/uploads/logo-revivemyvote-297x40.png
IP 161.97.175.85:0
File type PNG image data, 297 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 7a287c9ce68f40028e1f06e3e1d27ddb
d87c69fd31e3ef446c988d4ccfdb5ce1d2174ba2
bdbf0a727e467b4f323e5f0b47a4081ee373809ebe110c2849be1ccf9c09df90
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/logo-revivemyvote-297x40.png HTTP/1.1
Host: www.revivemyvote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revivemyvote.com/
Cookie: PHPSESSID=nosasiogq1mh3rq6hnismrsg32; helpful_user=3e5c76d5d7196e3d67f7b4db206fbd6f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 05:07:39 GMT
content-type: image/png
content-length: 13166
last-modified: Wed, 19 Oct 2022 11:09:34 GMT
etag: "634fdaee-336e"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.revivemyvote.com/wp-content/themes/astra/assets/css/minified/main.min.css?ver=3.9.3
161.97.175.85200 OK 8.1 kB URL HTTP/2 www.revivemyvote.com/wp-content/themes/astra/assets/css/minified/main.min.css?ver=3.9.3
IP 161.97.175.85:0
File type ASCII text, with very long lines (38375)
Hash a7a3a134772e8888bc3306d62a37082e
1a7aba099013804999ac3c968d734ffaf728c586
78b2ad51c61c497cbf5a35d573474fe842475722bb563b472a21da73125eef0d
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/astra/assets/css/minified/main.min.css?ver=3.9.3 HTTP/1.1
Host: www.revivemyvote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revivemyvote.com/
Cookie: PHPSESSID=nosasiogq1mh3rq6hnismrsg32; helpful_user=3e5c76d5d7196e3d67f7b4db206fbd6f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 05:07:39 GMT
content-type: text/css
last-modified: Thu, 03 Nov 2022 16:46:07 GMT
etag: W/"6363f04f-9e45"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.revivemyvote.com/wp-content/plugins/iks-menu/assets/css/public.css?ver=1.9.8
161.97.175.85200 OK 20 kB URL HTTP/2 www.revivemyvote.com/wp-content/plugins/iks-menu/assets/css/public.css?ver=1.9.8
IP 161.97.175.85:0
File type ASCII text, with very long lines (47513)
Hash 42b2bee59a9231e498d7132aa36f2ec3
cbf6e10235df27e29c85ffa0cfc69ccee73af8ec
b10558fbcf6d4182ed28c481764dc24cbe9c600415bb30c96ebfb2036a7ba83b
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/iks-menu/assets/css/public.css?ver=1.9.8 HTTP/1.1
Host: www.revivemyvote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revivemyvote.com/
Cookie: PHPSESSID=nosasiogq1mh3rq6hnismrsg32; helpful_user=3e5c76d5d7196e3d67f7b4db206fbd6f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 05:07:39 GMT
content-type: text/css
last-modified: Wed, 03 Aug 2022 11:37:00 GMT
etag: W/"62ea5ddc-b99a"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/gen.js?type=6
185.76.9.21200 OK 3.1 kB URL HTTP/2 ads.themoneytizer.com/s/gen.js?type=6
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (2659)
Hash 0be05728d39a591f5b5aacd667e8d32d
f77e7cab11aa0d34089fae8ad249982f3c3a449a
5ea3f302176e63eeb40a8d380d1427401bf1e5aaaf9ea834cc05a78078a636f1
GET /s/gen.js?type=6 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revivemyvote.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 05:07:39 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-expires: @1668575081
server: CDN77-Turbo
x-77-nzt: AblMCRS7cWj/sgAAAA
x-77-nzt-ray: ffffffffe1353a5f9b356b6367a10530
x-cache: HIT
x-age: 178
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
www.revivemyvote.com/wp-includes/css/dashicons.min.css?ver=6.1
161.97.175.85200 OK 35 kB URL HTTP/2 www.revivemyvote.com/wp-includes/css/dashicons.min.css?ver=6.1
IP 161.97.175.85:0
File type ASCII text, with very long lines (58981)
Hash c973b886574ba31e25ceb99c36bbb1ec
9b1fb9d9858f1717d1020e8a3922d5f830c5a437
ae86ba1bfa225c68262b1a8f1a2f4abc5791629f266dd700b8bc4552cf8d6749
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/css/dashicons.min.css?ver=6.1 HTTP/1.1
Host: www.revivemyvote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revivemyvote.com/
Cookie: PHPSESSID=nosasiogq1mh3rq6hnismrsg32; helpful_user=3e5c76d5d7196e3d67f7b4db206fbd6f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 05:07:39 GMT
content-type: text/css
last-modified: Wed, 03 Aug 2022 13:06:43 GMT
etag: W/"62ea72e3-e688"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.revivemyvote.com/wp-includes/js/thickbox/thickbox.js?ver=3.1-20121105
161.97.175.85200 OK 4.0 kB URL HTTP/2 www.revivemyvote.com/wp-includes/js/thickbox/thickbox.js?ver=3.1-20121105
IP 161.97.175.85:0
File type HTML document, ASCII text, with very long lines (597)
Hash d70452a64282cb6f7bfded2921acbbc0
d419248b0cd339e747d77f7798fa46a276675679
5e0e7e26d6a13eb4b8673cc0401c6ea66bc92913498d3ff6e824a7594e3a51cd
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/thickbox/thickbox.js?ver=3.1-20121105 HTTP/1.1
Host: www.revivemyvote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revivemyvote.com/
Cookie: PHPSESSID=nosasiogq1mh3rq6hnismrsg32; helpful_user=3e5c76d5d7196e3d67f7b4db206fbd6f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 05:07:39 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 04:36:34 GMT
etag: W/"6361f3d2-33ba"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/requestform.js?siteId=100149&formatId=6
185.76.9.21200 OK 12 kB URL HTTP/2 ads.themoneytizer.com/s/requestform.js?siteId=100149&formatId=6
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (4550)
Hash cb60fe07a9750eab1a7b662d9afc81bb
d58d271eb10685d0c4ee16a28aac94d38cfa768c
d110a4e70fccf209519ddedd19a8bd7b9a5192ed9a347c0ddcb8e1e132058eb4
GET /s/requestform.js?siteId=100149&formatId=6 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revivemyvote.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 05:07:39 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-expires: @1668575259
server: CDN77-Turbo
x-77-nzt: AblMCRRvXgCh
x-77-nzt-ray: ffffffffe1353a5f9b356b63212ddd2f
x-cache: MISS
x-77-pop: stockholmSE
x-77-cache: MISS
content-encoding: br
X-Firefox-Spdy: h2
www.revivemyvote.com/wp-content/plugins/iks-menu/assets/js/menu.js?ver=1.9.8
161.97.175.85200 OK 7.7 kB URL HTTP/2 www.revivemyvote.com/wp-content/plugins/iks-menu/assets/js/menu.js?ver=1.9.8
IP 161.97.175.85:0
Hash e7f6feda3ea23bb701053ec525a4981c
8bc01fe305cf71eaefc7ae8bf4e828bf51874592
cff5b26e2dcd9d4f88081e4c3347b7fec4f64cae06e180fa9e0430f54bf15694
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/iks-menu/assets/js/menu.js?ver=1.9.8 HTTP/1.1
Host: www.revivemyvote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revivemyvote.com/
Cookie: PHPSESSID=nosasiogq1mh3rq6hnismrsg32; helpful_user=3e5c76d5d7196e3d67f7b4db206fbd6f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 05:07:39 GMT
content-type: application/javascript
last-modified: Wed, 03 Aug 2022 11:37:00 GMT
etag: W/"62ea5ddc-28d1"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
104.22.25.87200 OK 15 kB URL HTTP/2 spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
IP 104.22.25.87:0
File type ASCII text, with no line terminators
Hash 651c4bb01229ba58058fdab770a9c15f
801ef5689e17c036142141ec0595387b59cf472d
f2f0ff057cf3bc02d9d3a0bd31a2e18a7519bd6779791fc553a5a8635ff2477f
GET /?env=mWeb&eventType=pageview&zdid=1258 HTTP/1.1
Host: spl.zeotap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.revivemyvote.com
Connection: keep-alive
Referer: https://www.revivemyvote.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 05:07:40 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://www.revivemyvote.com
set-cookie: zc=ca0cb735-653d-4f8e-68bd-7514c9590c08; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure
zsc=%B6M%E44%DD%DC%17%BBy%93%B7%99%8A%2F%9FMY%C1%DAXd%08%F1%5B%C4%F2A7S%0D%B2%CB%28%28%E0~%F7%8A%DD%B9%1E%D4a%8C0%BF%F1%E0b%0B%9F%07%D1%EF%2B%E2%00%0F%9A%97KD%F6%832-%B8%EB%1C%04%9C%FC%01%CDN%F3%BB%DE%A7%A6%DF%2B%FD; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 767406afeddb0b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash bdae0572b52e8a05302d54bbedc4018d
65ce0750697436d09cb6fb2c801fb54cb281e1b4
21e07bd6341d49e5a96efd4485ec818347a1bc5074f9525cfcdc59d09d3abb8f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 09 Nov 2022 05:07:40 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 08 Nov 2022 00:12:00 GMT
Expires: Tue, 15 Nov 2022 00:11:59 GMT
Etag: "65ce0750697436d09cb6fb2c801fb54cb281e1b4"
Cache-Control: max-age=500058,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 767406aff9a1b4e8-OSL
ads.themoneytizer.com/s/gen.js?type=30
185.76.9.21200 OK 4.2 kB URL HTTP/2 ads.themoneytizer.com/s/gen.js?type=30
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (2659)
Hash b4c3eeecdd1f2bacb163cb897107d901
da822e16108bf7e18be35e66ff59335518bf7451
20444b6c1c3d08bc01d4685ea7bde67035a35e8f72a211e641cd4eb5b5c5adfd
GET /s/gen.js?type=30 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revivemyvote.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 05:07:39 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-expires: @1668575107
server: CDN77-Turbo
x-77-nzt: AblMCRRQpSH/mAAAAA
x-77-nzt-ray: ffffffffe1353a5f9b356b634513c22f
x-cache: HIT
x-age: 152
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
c.tmyzer.com/c/?s=100149&f=6&fi=0
54.38.64.100200 OK 0 B URL HTTP/1.1 c.tmyzer.com/c/?s=100149&f=6&fi=0
IP 54.38.64.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/?s=100149&f=6&fi=0 HTTP/1.1
Host: c.tmyzer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.revivemyvote.com
Connection: keep-alive
Referer: https://www.revivemyvote.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 09 Nov 2022 05:05:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
X-IPLB-Request-ID: 5B5A2A9A:BCA0_36264064:01BB_636B359C_186B2D3C:12D80
X-IPLB-Instance: 38439
push.services.mozilla.com/
54.70.239.215101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.70.239.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: SDfBsZoE6ay/BqP4MgzQiQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6jVP/1+fmg8+MugMTn8/oVchm4s=
ced.sascdn.com/tag/1097/smart.js
23.36.77.24200 OK 32 kB URL HTTP/1.1 ced.sascdn.com/tag/1097/smart.js
IP 23.36.77.24:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash f89309190a62a033a97c3b3437afe20c
1e506ba712d583758b90196fafdffe43153d20d8
da4f09f1134f2b2a4daf3575ecfe2a8f31f24302df4e7a80a2ca00c0e23f2db9
GET /tag/1097/smart.js HTTP/1.1
Host: ced.sascdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revivemyvote.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 32496
Cache-Control: public, max-age=7200
Expires: Wed, 09 Nov 2022 07:07:40 GMT
Date: Wed, 09 Nov 2022 05:07:40 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash d044f3e2fc14a96cc5752446b440b143
d0d278c9eee46eb43a3f91e8fa55db206a78c93a
a0aa7ecc56cdd27079c14e17f3f790b3c01584379a519e8f7760eb81a781a02a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 05:07:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7a5aff5f3666544d3e4f7f9bef765943
558551bd8663978a32ee1dc4dca566eca9dae29c
f934b57158300b436df810c4cee4e2619e000f400c5f77ee265bdaa0439d8f6b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F934B57158300B436DF810C4CEE4E2619E000F400C5F77EE265BDAA0439D8F6B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10922
Expires: Wed, 09 Nov 2022 08:09:42 GMT
Date: Wed, 09 Nov 2022 05:07:40 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f19f25e9d41e4520d0710b03651f71d1
68c70623c984790883c3350f8cc096fbba018cfa
17a9ad680b9f2c029121bae67488ece7e609b4f0fddc8758c0eeaca60e8647f9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5738
Cache-Control: max-age=138886
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 05:07:40 GMT
Etag: "636a9ab8-1d7"
Expires: Thu, 10 Nov 2022 19:42:26 GMT
Last-Modified: Tue, 08 Nov 2022 18:06:48 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6765945453243447
142.250.74.34200 OK 56 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6765945453243447
IP 142.250.74.34:0
File type ASCII text, with very long lines (2776)
Hash 69373503bfaa5995a242d8be279db0fe
78df2660a26b867b64b30361342342ba48d6187f
45e5c64244045f90cb2bbe65a89ef90febb3871d4e8c3f8f2897ab21d0245037
GET /pagead/js/adsbygoogle.js?client=ca-pub-6765945453243447 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.revivemyvote.com
Connection: keep-alive
Referer: https://www.revivemyvote.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 09 Nov 2022 05:07:40 GMT
expires: Wed, 09 Nov 2022 05:07:40 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 4010795667825881586
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 55522
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.revivemyvote.com/wp-content/uploads/favicon-revivemyvote.png
161.97.175.85200 OK 14 kB URL HTTP/2 www.revivemyvote.com/wp-content/uploads/favicon-revivemyvote.png
IP 161.97.175.85:0
File type PNG image data, 426 x 432, 8-bit colormap, non-interlaced\012- data
Hash b811dcee0d5d630fe0fc45cb17c567a7
21a2b8eaac339532c8bbdbad4a732abc544436a5
0075de6797ddd778e4eb15a3e87206649971779fbc62db81973e4bea5f47636a
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/favicon-revivemyvote.png HTTP/1.1
Host: www.revivemyvote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revivemyvote.com/
Cookie: PHPSESSID=nosasiogq1mh3rq6hnismrsg32; helpful_user=3e5c76d5d7196e3d67f7b4db206fbd6f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 05:07:40 GMT
content-type: image/png
content-length: 13800
last-modified: Wed, 03 Aug 2022 12:39:34 GMT
etag: "62ea6c86-35e8"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 57db9d5d44894a8c5298971ecfe704f8
048d94952b8b9cfa901524cb3429ee7dd22b433a
79071063632470783ce5b2d606fe8674fc799e00b6ee582722b5f883e047f156
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 734
Cache-Control: max-age=108678
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 05:07:40 GMT
Etag: "636a3845-139"
Expires: Thu, 10 Nov 2022 11:18:58 GMT
Last-Modified: Tue, 08 Nov 2022 11:06:45 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 313
id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
141.95.98.64200 43 B URL HTTP/1.1 id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
IP 141.95.98.64:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /i/12/9.gif?gdpr=&gdpr_consent= HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revivemyvote.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"
set-cookie: cf=; Max-Age=300; Expires=Wed, 09-Nov-2022 05:12:40 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cip=; Max-Age=300; Expires=Wed, 09-Nov-2022 05:12:40 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cnac=; Max-Age=300; Expires=Wed, 09-Nov-2022 05:12:40 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
car=; Max-Age=300; Expires=Wed, 09-Nov-2022 05:12:40 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
gdpr=; Max-Age=300; Expires=Wed, 09-Nov-2022 05:12:40 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
callback=; Max-Age=300; Expires=Wed, 09-Nov-2022 05:12:40 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: image/gif;charset=UTF-8
transfer-encoding: chunked
date: Wed, 09 Nov 2022 05:07:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash d044f3e2fc14a96cc5752446b440b143
d0d278c9eee46eb43a3f91e8fa55db206a78c93a
a0aa7ecc56cdd27079c14e17f3f790b3c01584379a519e8f7760eb81a781a02a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 05:07:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
13.224.246.49200 OK 26 kB URL HTTP/1.1 d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
IP 13.224.246.49:0
File type ASCII text, with very long lines (16085)
Hash 8703fc9eead243fe2f47380e962d7fa2
3d9f707259112fa9ccdd1e676f00eadcff71906c
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
GET /a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js HTTP/1.1
Host: d2zur9cc2gf1tx.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revivemyvote.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 25704
Connection: keep-alive
Accept-Ranges: bytes
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Date: Tue, 08 Nov 2022 07:10:16 GMT
X-Cache: Hit from cloudfront
Via: 1.1 1b05f9178c1c0be702b00f1d1f0bcff6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR62-C3
X-Amz-Cf-Id: R0luOR2dUHG4eRUzZ99QZenmTXIxzF6HzW8dyf2ge-ymPP_v1EJFSA==
Age: 79044
www.revivemyvote.com/
161.97.175.85200 OK 21 kB IP 161.97.175.85:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (44192), with CRLF, LF line terminators
Hash 88f4d38d3340901804f4474521b2eae9
187cba5e504fb28752c6598a650d1de8327fa518
ed568a702588aae66a4bc5c1ca5c0b8af0a7a16bea6827797d044ec734a60a8b
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: www.revivemyvote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 05:07:39 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
link: <https://www.revivemyvote.com/wp-json/>; rel="https://api.w.org/"
set-cookie: PHPSESSID=nosasiogq1mh3rq6hnismrsg32; path=/
helpful_user=3e5c76d5d7196e3d67f7b4db206fbd6f; expires=Fri, 09-Dec-2022 05:07:39 GMT; Max-Age=2592000; path=/; secure; HttpOnly; SameSite=Strict
x-powered-by: PHP/8.1.12, PleskLin
content-encoding: br
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=ca0cb735-653d-4f8e-68bd-7514c9590c08&reqId=5260a55d-f90a-4f7e-4fb2-aa2767cc28be&zdid=1258&google_tc=
216.58.207.194302 Found 437 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=ca0cb735-653d-4f8e-68bd-7514c9590c08&reqId=5260a55d-f90a-4f7e-4fb2-aa2767cc28be&zdid=1258&google_tc=
IP 216.58.207.194:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 198617ec109025afd845111f842c3f11
65d2cd1c8ae2c096c410c151805335ebd2093f93
030aea7aab9f1f275be37cf7f89f3d8f1aaeacd609101d12fa176ad083022b7d
GET /pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=ca0cb735-653d-4f8e-68bd-7514c9590c08&reqId=5260a55d-f90a-4f7e-4fb2-aa2767cc28be&zdid=1258&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.revivemyvote.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://mwzeom.zeotap.com/mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=ca0cb735-653d-4f8e-68bd-7514c9590c08&reqId=5260a55d-f90a-4f7e-4fb2-aa2767cc28be&zdid=1258&google_error=3
date: Wed, 09 Nov 2022 05:07:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 437
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/html/r20221101/r20190131/zrt_lookup.html
142.250.74.66200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221101/r20190131/zrt_lookup.html
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 8c05c6bb1f4ff9495a769b3fe6b30e69
b6a42681e93ca0e24b67613de3a84e90a840b4d5
dc30ec15d443d8a4d2999daf5632a81da250387edb355e82a53e2166d90d984c
GET /pagead/html/r20221101/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revivemyvote.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Tue, 08 Nov 2022 07:26:21 GMT
expires: Tue, 22 Nov 2022 07:26:21 GMT
cache-control: public, max-age=1209600
age: 78079
etag: 2424782735605397694
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 4e48180712e2e140b9748591e3228a70
49d4292426ddfbc6e98cff6d468e3bdf1be41ff7
16ebf61312b22e0032171995a665bad4ea8c7fd80636fc04eb6456d0f60397ec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 05:07:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
secure.quantserve.com/quant.js
91.228.74.244200 OK 9.8 kB URL HTTP/2 secure.quantserve.com/quant.js
IP 91.228.74.244:0
Hash ab703e3996cd84f49d21520549bb1be1
1ceb9277f2a4763ffee720069413c32f12ca1d92
1c54c4cff458bb87a0f1871313e0e73e21436f0d27a69042d60ed7ffaf7f8f72
GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revivemyvote.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 05:07:40 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "Y8QtaFbAe6Y/4gwtHHbZIQ=="
expires: Wed, 16 Nov 2022 05:07:40 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
142.250.74.42200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
IP 142.250.74.42:0
File type ASCII text, with very long lines (32034)
Hash c54aac7ef64c39b4f384e0d5771d3b46
d3e059104378a3844862a5ed12a13f5d423e86b6
3e1b5002dd64d185f806edeefd333348f423584d876cfc966b5c13884c8fe3da
GET /ajax/libs/jquery/3.0.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revivemyvote.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30186
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Nov 2022 08:08:17 GMT
expires: Fri, 03 Nov 2023 08:08:17 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 507563
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 4e48180712e2e140b9748591e3228a70
49d4292426ddfbc6e98cff6d468e3bdf1be41ff7
16ebf61312b22e0032171995a665bad4ea8c7fd80636fc04eb6456d0f60397ec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 05:07:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
18.165.196.18200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 18.165.196.18:0
Hash 0fa04081480f9267fa87dc320fff9fff
7aa9faff707f4b588fbe4698b824c862d7deaa82
9db5d20dc95b059c36075bee56626d6cc6ecc1a35247624ac5617ff973c725ea
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=145653
Date: Wed, 09 Nov 2022 05:07:40 GMT
Etag: "636abb25-1d7"
Expires: Thu, 10 Nov 2022 21:35:13 GMT
Last-Modified: Tue, 08 Nov 2022 20:25:09 GMT
Server: ECS (nyb/1D2C)
X-Cache: Miss from cloudfront
Via: 1.1 0f9abff0779787e38b3d83ae17ff6224.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: gQHv1jeSh6mL4QLmDJF5KSX9MEZtImWeg78z6daLI9c-TDIljfTPXA==
Age: 4204
adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
34.254.79.202200 OK 20 B URL HTTP/1.1 adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
IP 34.254.79.202:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7 HTTP/1.1
Host: adtrack.adleadevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.revivemyvote.com
Connection: keep-alive
Referer: https://www.revivemyvote.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.revivemyvote.com
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Content-Encoding: gzip
Content-Type: application/x-javascript
Date: Wed, 09 Nov 2022 05:07:40 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Last-Modified: Wed, 09 Nov 2022 05:07:40 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Length: 20
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash bc4c7ded1e46b5eff4eb26051e1e1994
0658132d8f3573e0d9fb10601ce696e18ecb2547
5dfc30a8712f7e59eb85209d988a13030874449a89b3e4d43690bcb08250b460
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3434
Cache-Control: max-age=130455
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 05:07:41 GMT
Etag: "636a82ca-139"
Expires: Thu, 10 Nov 2022 17:21:56 GMT
Last-Modified: Tue, 08 Nov 2022 16:24:42 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash b3211ec5be323da23a4770cfcc5027a9
785ad7850848982e7f8d9769f2181452b6dad429
b27d28b67a66fea03cea48e2857c2f425faecc6c8f1b9dfd7b5bde5f0f3438ce
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4322
Cache-Control: max-age=129537
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 05:07:41 GMT
Etag: "636a7bbc-139"
Expires: Thu, 10 Nov 2022 17:06:38 GMT
Last-Modified: Tue, 08 Nov 2022 15:54:36 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash b3211ec5be323da23a4770cfcc5027a9
785ad7850848982e7f8d9769f2181452b6dad429
b27d28b67a66fea03cea48e2857c2f425faecc6c8f1b9dfd7b5bde5f0f3438ce
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4322
Cache-Control: max-age=129537
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 05:07:41 GMT
Etag: "636a7bbc-139"
Expires: Thu, 10 Nov 2022 17:06:38 GMT
Last-Modified: Tue, 08 Nov 2022 15:54:36 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 313
csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.147.Events.StartInit~1&entry=c~Idfs.Rtus.147.Events.SyncframeDropped~1
178.250.0.162200 OK 43 B URL HTTP/2 csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.147.Events.StartInit~1&entry=c~Idfs.Rtus.147.Events.SyncframeDropped~1
IP 178.250.0.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /iev?entry=c~Idfs.Rtus.147.Events.StartInit~1&entry=c~Idfs.Rtus.147.Events.SyncframeDropped~1 HTTP/1.1
Host: csm.fr.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revivemyvote.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 05:07:40 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ww1097.smartadserver.com/genericpost
185.86.137.32204 No Content 0 B URL HTTP/1.1 ww1097.smartadserver.com/genericpost
IP 185.86.137.32:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /genericpost HTTP/1.1
Host: ww1097.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.revivemyvote.com/
Origin: https://www.revivemyvote.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
date: Wed, 09 Nov 2022 05:07:40 GMT
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: https://www.revivemyvote.com
vary: Origin
csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.147.Events.InitiateFetch~1
178.250.0.162200 OK 43 B URL HTTP/2 csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.147.Events.InitiateFetch~1
IP 178.250.0.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /iev?entry=c~Idfs.Rtus.147.Events.InitiateFetch~1 HTTP/1.1
Host: csm.fr.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revivemyvote.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 05:07:40 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=147&r=2&j=criteoCallback
178.250.0.157200 OK 8.8 kB URL HTTP/2 gum.criteo.com/sync?c=147&r=2&j=criteoCallback
IP 178.250.0.157:0
Hash 40aba603b8d7a310014fe2124af19430
25d48543009489dedb558be256405092b74a13ba
2c5e75ab9f962226dd1a245fd3e07165edd15abc31e0f7c4be33d0dfa7134616
GET /sync?c=147&r=2&j=criteoCallback HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.revivemyvote.com/
Origin: https://www.revivemyvote.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 09 Nov 2022 05:07:40 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: https://www.revivemyvote.com
server-processing-duration-in-ticks: 1386518
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4377
Expires: Wed, 09 Nov 2022 06:20:38 GMT
Date: Wed, 09 Nov 2022 05:07:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4377
Expires: Wed, 09 Nov 2022 06:20:38 GMT
Date: Wed, 09 Nov 2022 05:07:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4377
Expires: Wed, 09 Nov 2022 06:20:38 GMT
Date: Wed, 09 Nov 2022 05:07:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4377
Expires: Wed, 09 Nov 2022 06:20:38 GMT
Date: Wed, 09 Nov 2022 05:07:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4377
Expires: Wed, 09 Nov 2022 06:20:38 GMT
Date: Wed, 09 Nov 2022 05:07:41 GMT
Connection: keep-alive
www.revivemyvote.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1
161.97.175.85200 OK 22 kB URL HTTP/2 www.revivemyvote.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1
IP 161.97.175.85:0
File type ASCII text, with very long lines (47826)
Hash d85e54b960892283ce39c2d450f35fa4
30f0920dc082a48df515a2ad38237cb3f67f0538
0e9b9e77ad05b9ea092eb19e0ad2f5e84fc2e5f8a40474e5d47d67fc8f994428
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1 HTTP/1.1
Host: www.revivemyvote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revivemyvote.com/
Cookie: PHPSESSID=nosasiogq1mh3rq6hnismrsg32; helpful_user=3e5c76d5d7196e3d67f7b4db206fbd6f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 05:07:39 GMT
content-type: text/css
last-modified: Wed, 02 Nov 2022 04:36:34 GMT
etag: W/"6361f3d2-17265"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
test.cmp.quantcast.com/GVL-v2/cmp-list.json
54.230.111.108200 OK 8.8 kB URL HTTP/2 test.cmp.quantcast.com/GVL-v2/cmp-list.json
IP 54.230.111.108:0
File type JSON data\012- , ASCII text, with very long lines (9979), with no line terminators
Hash 892d964ef3f157f0b7c4ba9156b70010
51f29d184700cf91def53bf6cd5aaa64b5b20d9c
eaa4b7534e5eca69c4d0f1bad9ab14dd23c6595ff9f750fd9c2d1a5dc71a25fa
GET /GVL-v2/cmp-list.json HTTP/1.1
Host: test.cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.revivemyvote.com
Connection: keep-alive
Referer: https://www.revivemyvote.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 86400
cache-control: max-age=172800
date: Wed, 09 Nov 2022 03:00:37 GMT
last-modified: Mon, 31 Oct 2022 19:52:29 GMT
etag: W/"9d3edb6b0958dc8fc9d74e44b3d6c1cf"
x-amz-server-side-encryption: AES256
x-amz-version-id: mbynXBBZ.ckIcnxGDVHS07C_p1g25FCO
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yFt7MsMETHipE4FEKsyOSK-ZNKfmL4B2MO2eA9yYngzOphTxps3cOA==
age: 7624
X-Firefox-Spdy: h2
cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com
108.156.46.8200 OK 94 kB URL HTTP/2 cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com
IP 108.156.46.8:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash b37fd96e63037397d798dcb49ab9b8ca
fcb9420d4135beb7cbe23c5ac92a5063956142b9
ef3f4268c8034ed0282e4cff1434dd2c054705d92fa1871509de53133bc82328
GET /tcfv2/42/cmp2.js?referer=www.themoneytizer.com HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revivemyvote.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
access-control-max-age: 86400
last-modified: Tue, 05 Jul 2022 18:40:23 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-qc-ineu: True
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: br
cache-control: max-age=172800
date: Wed, 09 Nov 2022 05:07:41 GMT
etag: W/"9494b70738cd74c9137e65c29c0b1f3e"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 da75aba073a4674b4acba0f7682b0446.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P2
x-amz-cf-id: GIj6oVr-wlA5hsQZ-36cuniTsDTXqksEbUqB9s9RfUhAo9NvXb6COw==
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf9d55c4-e1e8-4687-8395-004d7c4a0225.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf9d55c4-e1e8-4687-8395-004d7c4a0225.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b3cd10472aabf86c5ffdfd06057f87f6
82728de12017be85f27e65a7222573058aad37c3
1bbb913786c95b51639193739d2cf01de1cdd8afe8b68dfef378b989129f0ef4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf9d55c4-e1e8-4687-8395-004d7c4a0225.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6635
x-amzn-requestid: 8348f858-989b-4643-b6f8-4f7254b154ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTmaHunIAMFalA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc8f-02cc736a29efbcb473e20402;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:39:27 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: h1nLdkhJjsLSGP0pS3mmDwAcsKSLD-rYRaRt4X9_L2jWTNQaiVJbqw==
via: 1.1 34f8ef0e4c880df0650a814412a26ea6.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:43:44 GMT
age: 26637
etag: "82728de12017be85f27e65a7222573058aad37c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.revivemyvote.com/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.9.3
161.97.175.85200 OK 26 kB URL HTTP/2 www.revivemyvote.com/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.9.3
IP 161.97.175.85:0
File type ASCII text, with very long lines (16935), with no line terminators
Hash 38e011dfbf839f676695d9bfe2752dc7
25ca2d1d7d0dc3fca3be84d61da0c00177dcf2ab
af90140bb54f50d39daa49bc955a869afaa059924b2792e8f743e27f7483da70
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.9.3 HTTP/1.1
Host: www.revivemyvote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revivemyvote.com/
Cookie: PHPSESSID=nosasiogq1mh3rq6hnismrsg32; helpful_user=3e5c76d5d7196e3d67f7b4db206fbd6f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 05:07:39 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 16:46:07 GMT
etag: W/"6363f04f-4227"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84109408-bbc7-4166-8974-df4b4fbbf1c1.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84109408-bbc7-4166-8974-df4b4fbbf1c1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 11ef1d34ac2d42662fe53fc58c882fdf
16f1e048895ed1ee0c0c071e3939e741113e4969
61c42bae12654cf9bd1e7ca0f616164ff4139dc470fb6c1033176374444d6bda
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84109408-bbc7-4166-8974-df4b4fbbf1c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6272
x-amzn-requestid: 7287a2fe-853d-497f-a63e-1d521dd5326e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bG3dSGEIIAMF7Kg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6365d2bb-4c6803ad2d4ea46e68abd386;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 03:04:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LDFjqTNKAf14q52-12SgdxG52y16CzeAmZFIIwxEnUFTYp8ZOTT4Ew==
via: 1.1 6a6653dfb47ccc5082f2a5b9d0d168ce.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 18:20:46 GMT
age: 38815
etag: "16f1e048895ed1ee0c0c071e3939e741113e4969"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ww1097.smartadserver.com/genericpost
185.86.137.32200 OK 26 B URL HTTP/1.1 ww1097.smartadserver.com/genericpost
IP 185.86.137.32:0
ASN #201081 SmartAdServer SAS
File type ASCII text, with no line terminators
Hash 6d84d2c6677b51cf25fb35c6f43a3ec0
e22243a515187d0effe4064c212cb9658708fd1b
aab9e4d3be6d6a42db71063d348936c0acf76888cb549a5793de6ef0e3b99939
POST /genericpost HTTP/1.1
Host: ww1097.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/javascript
Content-Length: 441
Origin: https://www.revivemyvote.com
Connection: keep-alive
Referer: https://www.revivemyvote.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/javascript; charset=UTF-8
date: Wed, 09 Nov 2022 05:07:40 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.revivemyvote.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100%3b%24sw%3d1280%3b%24sh%3d1024; expires=Thu, 09 Nov 2023 05:07:41 GMT; domain=.smartadserver.com; path=/
vs=542240=5182867; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Thu, 09 Nov 2023 05:07:41 GMT; domain=.smartadserver.com; path=/
pid=630721153302533076; expires=Thu, 09 Nov 2023 05:07:41 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638035672610869385&o=1; expires=Thu, 10 Nov 2022 05:07:41 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Thu, 10 Nov 2022 05:07:41 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
108.156.46.8200 OK 0 B URL HTTP/2 cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
IP 108.156.46.8:0
GET /choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revivemyvote.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 28 Jun 2022 13:53:56 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cross-origin-resource-policy: cross-origin
content-encoding: gzip
date: Wed, 09 Nov 2022 05:07:31 GMT
cache-control: max-age=900
etag: W/"c53bd785b1ee57b613221019d7d72626"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 da75aba073a4674b4acba0f7682b0446.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P2
x-amz-cf-id: TXwLVVZ5IOpdmkXsl5dnZVGoDyGyBR0qOjt5aypP5QqeY_hp-FXu-w==
age: 43
X-Firefox-Spdy: h2
cmp.quantcast.com/tcfv2/42/cmp2ui-es.js
108.156.46.8200 OK 0 B URL HTTP/2 cmp.quantcast.com/tcfv2/42/cmp2ui-es.js
IP 108.156.46.8:0
GET /tcfv2/42/cmp2ui-es.js HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revivemyvote.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
access-control-max-age: 86400
cache-control: max-age=172800
date: Tue, 08 Nov 2022 19:24:12 GMT
last-modified: Tue, 05 Jul 2022 18:40:32 GMT
etag: W/"61891c12c976950785806a7f08986298"
x-amz-server-side-encryption: AES256
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 da75aba073a4674b4acba0f7682b0446.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P2
x-amz-cf-id: uxIA7om5XHxnCbTJGHp_pkARaTe6hPkQn_ehYXIiN1rv-h6mAqf7Gg==
age: 35009
X-Firefox-Spdy: h2
cmp.quantcast.com/GVL-v2/purposes-ES.json
108.156.46.8200 OK 0 B URL HTTP/2 cmp.quantcast.com/GVL-v2/purposes-ES.json
IP 108.156.46.8:0
GET /GVL-v2/purposes-ES.json HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.revivemyvote.com
Connection: keep-alive
Referer: https://www.revivemyvote.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 3000
cache-control: max-age=172800
date: Wed, 09 Nov 2022 03:00:56 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
last-modified: Wed, 09 Nov 2022 03:00:32 GMT
etag: W/"f7e28ec343f45b53939e9549511a6c2a"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 da75aba073a4674b4acba0f7682b0446.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P2
x-amz-cf-id: _WnzIqkRBgYXCqzneTZf6DZ15QvYY8mSb2Fl3O10grwpE9YFnGFDtw==
age: 7606
X-Firefox-Spdy: h2
ads.themoneytizer.com/moneybid7_22/build/dist/prebid.js
185.76.9.21200 OK 0 B URL HTTP/2 ads.themoneytizer.com/moneybid7_22/build/dist/prebid.js
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /moneybid7_22/build/dist/prebid.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revivemyvote.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 05:07:40 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 19:34:11 GMT
expires: Thu, 10 Nov 2022 05:04:40 GMT
cache-control: max-age=86400, public, no-transform
pragma: public
x-accel-expires: @1668056680
server: CDN77-Turbo
x-77-nzt: AblMCRQ3SOb/tAAAAA
x-77-nzt-ray: ffffffffe1353a5f9c356b63b5361d02
x-cache: HIT
x-age: 180
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
www.revivemyvote.com/wp-content/plugins/footer-mega-grid-columns/assets/css/fmgc-css.css?ver=1.4.1
161.97.175.85200 OK 0 B URL HTTP/2 www.revivemyvote.com/wp-content/plugins/footer-mega-grid-columns/assets/css/fmgc-css.css?ver=1.4.1
IP 161.97.175.85:0
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/footer-mega-grid-columns/assets/css/fmgc-css.css?ver=1.4.1 HTTP/1.1
Host: www.revivemyvote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revivemyvote.com/
Cookie: PHPSESSID=nosasiogq1mh3rq6hnismrsg32; helpful_user=3e5c76d5d7196e3d67f7b4db206fbd6f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 05:07:39 GMT
content-type: text/css
last-modified: Wed, 03 Aug 2022 11:36:59 GMT
etag: W/"62ea5ddb-406"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.revivemyvote.com/wp-content/plugins/iks-menu/assets/js/public.js?ver=1.9.8
161.97.175.85200 OK 0 B URL HTTP/2 www.revivemyvote.com/wp-content/plugins/iks-menu/assets/js/public.js?ver=1.9.8
IP 161.97.175.85:0
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/iks-menu/assets/js/public.js?ver=1.9.8 HTTP/1.1
Host: www.revivemyvote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revivemyvote.com/
Cookie: PHPSESSID=nosasiogq1mh3rq6hnismrsg32; helpful_user=3e5c76d5d7196e3d67f7b4db206fbd6f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 05:07:39 GMT
content-type: application/javascript
last-modified: Wed, 03 Aug 2022 11:37:00 GMT
etag: W/"62ea5ddc-3a8"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
ads.themoneytizer.com/moneyinimage.js
185.76.9.21200 OK 0 B URL HTTP/2 ads.themoneytizer.com/moneyinimage.js
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /moneyinimage.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revivemyvote.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Nov 2022 05:07:40 GMT
content-type: application/javascript
last-modified: Tue, 21 Dec 2021 17:13:49 GMT
expires: Thu, 10 Nov 2022 05:05:12 GMT
cache-control: max-age=86400, public, no-transform
pragma: public
x-accel-expires: @1668056712
server: CDN77-Turbo
x-77-nzt: AblMCRTmQFn/lAAAAA
x-77-nzt-ray: ffffffffe1353a5f9c356b633d15fd03
x-cache: HIT
x-age: 148
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
www.revivemyvote.com/wp-content/plugins/helpful/core/assets/js/helpful.js?ver=4.5.24
161.97.175.85200 OK 0 B URL HTTP/2 www.revivemyvote.com/wp-content/plugins/helpful/core/assets/js/helpful.js?ver=4.5.24
IP 161.97.175.85:0
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/helpful/core/assets/js/helpful.js?ver=4.5.24 HTTP/1.1
Host: www.revivemyvote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revivemyvote.com/
Cookie: PHPSESSID=nosasiogq1mh3rq6hnismrsg32; helpful_user=3e5c76d5d7196e3d67f7b4db206fbd6f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 05:07:39 GMT
content-type: application/javascript
last-modified: Wed, 03 Aug 2022 11:36:59 GMT
etag: W/"62ea5ddb-13b4"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.revivemyvote.com/wp-includes/js/thickbox/thickbox.css?ver=6.1
161.97.175.85200 OK 0 B URL HTTP/2 www.revivemyvote.com/wp-includes/js/thickbox/thickbox.css?ver=6.1
IP 161.97.175.85:0
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/thickbox/thickbox.css?ver=6.1 HTTP/1.1
Host: www.revivemyvote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revivemyvote.com/
Cookie: PHPSESSID=nosasiogq1mh3rq6hnismrsg32; helpful_user=3e5c76d5d7196e3d67f7b4db206fbd6f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 05:07:39 GMT
content-type: text/css
last-modified: Wed, 03 Aug 2022 13:06:54 GMT
etag: W/"62ea72ee-a63"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Raleway&display=swap&ver=1641579214
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Raleway&display=swap&ver=1641579214
IP 142.250.74.10:0
GET /css?family=Raleway&display=swap&ver=1641579214 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revivemyvote.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 09 Nov 2022 05:07:39 GMT
date: Wed, 09 Nov 2022 05:07:39 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.revivemyvote.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
161.97.175.85200 OK 0 B URL HTTP/2 www.revivemyvote.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 161.97.175.85:0
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: www.revivemyvote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revivemyvote.com/
Cookie: PHPSESSID=nosasiogq1mh3rq6hnismrsg32; helpful_user=3e5c76d5d7196e3d67f7b4db206fbd6f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 05:07:39 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 04:36:34 GMT
etag: W/"6361f3d2-15e54"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.revivemyvote.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
161.97.175.85200 OK 0 B URL HTTP/2 www.revivemyvote.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 161.97.175.85:0
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.revivemyvote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revivemyvote.com/
Cookie: PHPSESSID=nosasiogq1mh3rq6hnismrsg32; helpful_user=3e5c76d5d7196e3d67f7b4db206fbd6f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 05:07:39 GMT
content-type: application/javascript
last-modified: Wed, 03 Aug 2022 13:06:51 GMT
etag: W/"62ea72eb-2bd8"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.revivemyvote.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1
161.97.175.85200 OK 0 B URL HTTP/2 www.revivemyvote.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1
IP 161.97.175.85:0
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1 HTTP/1.1
Host: www.revivemyvote.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revivemyvote.com/
Cookie: PHPSESSID=nosasiogq1mh3rq6hnismrsg32; helpful_user=3e5c76d5d7196e3d67f7b4db206fbd6f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 05:07:39 GMT
content-type: application/javascript
last-modified: Wed, 03 Aug 2022 13:06:57 GMT
etag: W/"62ea72f1-48b9"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/requestform.js?siteId=100149&formatId=30
185.76.9.21200 OK 0 B URL HTTP/2 ads.themoneytizer.com/s/requestform.js?siteId=100149&formatId=30
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /s/requestform.js?siteId=100149&formatId=30 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revivemyvote.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 05:07:39 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-expires: @1668575259
server: CDN77-Turbo
x-77-nzt: AblMCRQ9Ekuh
x-77-nzt-ray: ffffffffe1353a5f9b356b63f14db12f
x-cache: MISS
x-77-pop: stockholmSE
x-77-cache: MISS
content-encoding: br
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=147&r=2&j=criteoCallback
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=147&r=2&j=criteoCallback
IP 178.250.0.157:0
GET /sync?c=147&r=2&j=criteoCallback HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revivemyvote.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 09 Nov 2022 05:07:39 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 618169
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
108.156.46.8200 OK 0 B URL HTTP/2 cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
IP 108.156.46.8:0
GET /GVL-v2/vendor-list-trimmed-v1.json HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.revivemyvote.com
Connection: keep-alive
Referer: https://www.revivemyvote.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 3000
cache-control: max-age=172800
date: Wed, 09 Nov 2022 03:00:57 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
last-modified: Wed, 09 Nov 2022 03:00:32 GMT
etag: W/"b0704acb374845886d528927d524f486"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 da75aba073a4674b4acba0f7682b0446.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P2
x-amz-cf-id: 8klxVJD8EEqjlPg0TPq53Hrwiba4uuXJg0yRaaO_hShfoXd0syEW_g==
age: 7604
X-Firefox-Spdy: h2