Overview

URL katieniehaus.com/
IP3.33.152.147
ASNAMAZON-02
Location United States
Report completed2022-07-06 22:28:45 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2022-07-06 2 katieniehaus.com/ Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

URL images-static.moxiworks.com/static/images/br/cb/cb_homebackground_03032022.jpg
IP  64.246.164.140
Magic gzip compressed data, max compression\012- data
Size 282859
MD5 c5171120f36f4a6baa26d56e0eff4fd4
SHA1 81000d90abe80695cda69401ce6d09db121db420
SHA256 91c9178cbaeaecb51e94db2d15c3f3dcdbbfbaf52788c506cc31383e00c1ebd2
Analyzer Analysed Verdict Comment
VirusTotal 0/0


Passive DNS (33)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
[Mnemonic Passive DNS] fonts.gstatic.com (5) 0 2017-01-30 04:59:51 UTC 2022-07-06 04:41:59 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
[Mnemonic Passive DNS] img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-07-06 17:02:11 UTC 34.120.237.76
[Mnemonic Passive DNS] ocsp.pki.goog (15) 175 2017-06-14 07:23:31 UTC 2022-07-06 04:42:12 UTC 142.250.74.3
[Mnemonic Passive DNS] www.google.com (1) 7 2012-05-22 04:23:54 UTC 2022-07-06 17:41:41 UTC 142.250.74.164
[Mnemonic Passive DNS] fonts.googleapis.com (1) 8877 2017-01-30 04:59:43 UTC 2019-10-16 05:12:41 UTC 142.250.74.10
[Mnemonic Passive DNS] images-static.moxiworks.com (4) 336238 2017-11-02 21:44:26 UTC 2022-07-04 18:55:53 UTC 64.246.164.140
[Mnemonic Passive DNS] r3.o.lencr.org (4) 344 2020-12-02 08:52:13 UTC 2022-07-06 04:41:34 UTC 23.36.77.32
[Mnemonic Passive DNS] ocsp.globalsign.com (1) 2075 2012-05-25 06:20:55 UTC 2022-07-06 04:55:58 UTC 104.18.21.226
[Mnemonic Passive DNS] js-agent.newrelic.com (1) 378 2017-01-30 05:00:15 UTC 2022-07-06 05:22:36 UTC 151.101.86.137
[Mnemonic Passive DNS] disutgh7q0ncc.cloudfront.net (1) 0 No data No data 54.230.111.121 Unknown ranking
[Mnemonic Passive DNS] katieniehaus-minnesota.sites.cbmoxi.com (10) 0 No data No data 64.246.164.134 Domain (cbmoxi.com) ranked at: 104841
[Mnemonic Passive DNS] firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2020-05-25 20:01:47 UTC 54.230.111.35
[Mnemonic Passive DNS] ocsp.digicert.com (1) 86 2012-11-29 12:49:49 UTC 2022-07-06 19:05:02 UTC 93.184.220.29
[Mnemonic Passive DNS] cdn.jsdelivr.net (1) 439 2012-09-30 00:15:09 UTC 2022-07-06 04:42:41 UTC 151.101.85.229
[Mnemonic Passive DNS] svc.moxiworks.com (8) 242400 2017-10-12 22:56:49 UTC 2022-07-06 12:20:42 UTC 64.246.164.140
[Mnemonic Passive DNS] dugout.moxiworks.com (1) 0 2022-02-17 07:08:58 UTC 2022-07-06 21:13:45 UTC 64.246.164.134 Domain (moxiworks.com) ranked at: 131194
[Mnemonic Passive DNS] ocsp.sca1b.amazontrust.com (1) 1015 No data No data 54.230.245.118
[Mnemonic Passive DNS] i6.moxi.onl (1) 396409 2022-06-19 10:10:50 UTC 2022-06-19 10:10:50 UTC 69.16.175.42
[Mnemonic Passive DNS] katieniehaus.com (1) 0 No data No data 15.197.142.173 Unknown ranking
[Mnemonic Passive DNS] bam.nr-data.net (1) 630 2022-05-18 16:30:58 UTC 2022-07-06 04:45:35 UTC 162.247.241.14
[Mnemonic Passive DNS] www.google-analytics.com (2) 40 2017-01-30 05:00:06 UTC 2022-07-06 06:00:56 UTC 142.250.74.174
[Mnemonic Passive DNS] www.googletagmanager.com (1) 75 2017-01-30 05:00:47 UTC 2022-07-06 04:42:41 UTC 142.250.74.72
[Mnemonic Passive DNS] maxcdn.bootstrapcdn.com (1) 724 2017-01-30 05:00:47 UTC 2021-03-05 11:52:46 UTC 104.18.10.207
[Mnemonic Passive DNS] telize-v1.p.rapidapi.com (1) 205922 No data No data 18.192.193.11
[Mnemonic Passive DNS] moxi4.ssl.hwcdn.net (1) 0 No data No data 205.185.208.154 Domain (hwcdn.net) ranked at: 9261
[Mnemonic Passive DNS] contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
[Mnemonic Passive DNS] ocsp.sectigo.com (4) 487 2018-12-17 11:31:55 UTC 2022-07-06 16:56:01 UTC 104.18.32.68
[Mnemonic Passive DNS] push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-07-06 04:47:23 UTC 54.149.64.225
[Mnemonic Passive DNS] ajax.googleapis.com (1) 12905 2017-01-30 05:00:30 UTC 2019-10-16 05:01:16 UTC 142.250.74.42
[Mnemonic Passive DNS] content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-07-06 04:55:23 UTC 54.230.111.7
[Mnemonic Passive DNS] www.gstatic.com (3) 0 2015-06-20 09:50:55 UTC 2015-11-29 15:55:55 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
[Mnemonic Passive DNS] stats.g.doubleclick.net (1) 96 2017-01-30 04:59:59 UTC 2022-07-06 04:42:45 UTC 173.194.222.157
[Mnemonic Passive DNS] maps.googleapis.com (2) 33876 2017-01-30 05:00:19 UTC 2022-06-04 21:16:56 UTC 216.58.207.234


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 3.33.152.147

Date UQ / IDS / BL URL IP
2022-08-12 23:33:58 +0000
0 - 0 - 10 xn--azuk-8pa.com/ 3.33.152.147
2022-08-11 23:55:52 +0000
0 - 0 - 1 olympictickets2020.com/ 3.33.152.147
2022-08-11 23:35:11 +0000
0 - 0 - 1 fishnbiz.net/ 3.33.152.147
2022-08-11 22:24:36 +0000
0 - 0 - 1 plrarticles.org/ 3.33.152.147
2022-08-11 20:22:16 +0000
0 - 0 - 0 9285p.com 3.33.152.147
2022-08-11 18:24:07 +0000
0 - 0 - 1 coastalcarpetone.info/ 3.33.152.147
2022-08-11 17:12:34 +0000
0 - 0 - 0 christianford.com 3.33.152.147
2022-08-11 14:07:46 +0000
0 - 0 - 1 celebsexnews.com/ 3.33.152.147
2022-08-11 06:01:16 +0000
0 - 0 - 10 xn--azuk-8pa.com/ 3.33.152.147
2022-08-11 05:56:41 +0000
0 - 0 - 1 camsitesdirectory.com/ 3.33.152.147

Last 10 reports on ASN: AMAZON-02

Date UQ / IDS / BL URL IP
2022-08-12 23:36:27 +0000
0 - 0 - 34 killbcosiempre-com.ml/ 13.57.136.230
2022-08-12 23:33:58 +0000
0 - 0 - 10 xn--azuk-8pa.com/ 3.33.152.147
2022-08-12 23:31:54 +0000
0 - 0 - 1 www1.luminouslandscape.com/?tm=1&subid4=16603 (...) 75.2.73.197
2022-08-12 23:24:09 +0000
0 - 0 - 2 www.ibayme.eb2a.com/code.php?mode=cb&usr=Z2Vv (...) 199.59.243.220
2022-08-12 23:19:21 +0000
0 - 0 - 1 diegobahu.com/ 44.227.76.166
2022-08-12 23:09:27 +0000
0 - 0 - 1 clk.flexdirectpath.com/c/c=1834811/s=289339/m (...) 3.18.216.192
2022-08-12 23:05:29 +0000
0 - 0 - 1 a4fbb.xyz/get/campaign/prcampaignlil 54.230.111.50
2022-08-12 23:03:11 +0000
0 - 0 - 4 www.wownicepop.com/73fd2ca3-649a-4076-a2e5-e4 (...) 18.196.84.70
2022-08-12 23:01:12 +0000
0 - 0 - 2 www.ibayme.eb2a.com/code.php?mode=cb&usr=Z2Vv (...) 199.59.243.220
2022-08-12 22:57:19 +0000
0 - 0 - 2 www1.vaccinespottr.org/ 99.83.136.84

No other reports on domain: katieniehaus.com



JavaScript

Executed Scripts (49)


Executed Evals (5)

#1 JavaScript::Eval (size: 22, repeated: 1) - SHA256: 07a2e04ded701ef4b82f4e597a6100b86db9cdf97b1bb38a70dba6232cd898c4

                                        0,
function(b) {
    sd(b, 1)
}
                                    

#2 JavaScript::Eval (size: 64, repeated: 1) - SHA256: ac922c8d9e8eeb893aae328f514bfc6249e94faf2b61244ea56397c77d59113f

                                        0,
function(b, H, V) {
    (H = (V = (H = W(b), W(b)), b.u[H] && F(H, b)), v)(V, b, H)
}
                                    

#3 JavaScript::Eval (size: 22, repeated: 1) - SHA256: 76bb653f0bb4f3f0de8c5fa02fe9f0a6962895bf7772d4d2747c33e36e1abcb8

                                        0,
function(b) {
    sd(b, 2)
}
                                    

#4 JavaScript::Eval (size: 15513, repeated: 1) - SHA256: 5b0fe7d05524f8a276474d18dd47b09305a0b8e0a296394c903fb0febe1c41ab

                                        /* Anti-spam. Want to say hello? Contact (base64) Ym90Z3VhcmQtY29udGFjdEBnb29nbGUuY29t */
(function() {
    var C = function(g, b) {
            if (!(g = (b = null, a.trustedTypes), g) || !g.createPolicy) return b;
            try {
                b = g.createPolicy("bg", {
                    createHTML: V,
                    createScript: V,
                    createScriptURL: V
                })
            } catch (O) {
                a.console && a.console.error(O.message)
            }
            return b
        },
        a = this || self,
        V = function(g) {
            return g
        };
    (0, eval)(function(g, b) {
        return (b = C()) && 1 === g.eval(b.createScript("1")) ? function(O) {
            return b.createScript(O)
        } : function(O) {
            return "" + O
        }
    }(a)(Array(7824 * Math.random() | 0).join("\n") + '(function(){var P=function(g,O,a,C,k){for(k=(O=a=(g=g.replace(/\\r\\n/g,"\\n"),0),[]);O<g.length;O++)C=g.charCodeAt(O),128>C?k[a++]=C:(2048>C?k[a++]=C>>6|192:(55296==(C&64512)&&O+1<g.length&&56320==(g.charCodeAt(O+1)&64512)?(C=65536+((C&1023)<<10)+(g.charCodeAt(++O)&1023),k[a++]=C>>18|240,k[a++]=C>>12&63|128):k[a++]=C>>12|224,k[a++]=C>>6&63|128),k[a++]=C&63|128);return k},G=function(g,O,a){a=this;try{gi(this,O,g)}catch(C){y(C,this),g(function(k){k(a.C)})}},z,bB=function(g,O){if(g=null,O=n.trustedTypes,!O||!O.createPolicy)return g;try{g=O.createPolicy("bg",{createHTML:m,createScript:m,createScriptURL:m})}catch(a){n.console&&n.console.error(a.message)}return g},Od=function(g,O,a,C,k){for(g=g[k=(C=0,g[2])|0,3]|0;14>C;C++)g=g>>>8|g<<24,a=a>>>8|a<<24,a+=O|0,O=O<<3|O>>>29,a^=k+51,O^=a,g+=k|0,g^=C+51,k=k<<3|k>>>29,k^=g;return[O>>>24&255,O>>>16&255,O>>>8&255,O>>>0&255,a>>>24&255,a>>>16&255,a>>>8&255,a>>>0&255]},aV=function(g,O,a){if((O=typeof g,"object")==O)if(g){if(g instanceof Array)return"array";if(g instanceof Object)return O;if(a=Object.prototype.toString.call(g),"[object Window]"==a)return"object";if("[object Array]"==a||"number"==typeof g.length&&"undefined"!=typeof g.splice&&"undefined"!=typeof g.propertyIsEnumerable&&!g.propertyIsEnumerable("splice"))return"array";if("[object Function]"==a||"undefined"!=typeof g.call&&"undefined"!=typeof g.propertyIsEnumerable&&!g.propertyIsEnumerable("call"))return"function"}else return"null";else if("function"==O&&"undefined"==typeof g.call)return"object";return O},m=function(g){return g},Vo=function(g,O,a){if(3==g.length){for(a=0;3>a;a++)O[a]+=g[a];for(a=(g=[13,8,13,12,16,5,3,10,15],0);9>a;a++)O[3](O,a%3,g[a])}},eA=function(g,O,a,C,k){return{invoke:(C=C2(g,function(b){a&&(O&&D(O),k=b,a(),a=void 0)},(k=void 0,a=function(){},!!O))[0],function(b,H,V,e,r){if(!H)return H=C(V),b&&b(H),H;e=function(){k(function(R){D(function(){b(R)})},V)},k?e():(r=a,a=function(){(r(),D)(e)})})}},HB=function(g,O,a,C){try{C=g[((O|0)+2)%3],g[O]=(g[O]|0)-(g[((O|0)+1)%3]|0)-(C|0)^(1==O?C<<a:C>>>a)}catch(k){throw k;}},X=function(g,O){for(O=[];g--;)O.push(255*Math.random()|0);return O},n=this||self,C2=function(g,O,a,C){return(C=z[g.substring(0,3)+"_"])?C(g.substring(3),O,a):k2(O,g)},D=n.requestIdleCallback?function(g){requestIdleCallback(function(){g()},{timeout:4})}:n.setImmediate?function(g){setImmediate(g)}:function(g){setTimeout(g,0)},PB=function(g,O){(O.push(g[0]<<24|g[1]<<16|g[2]<<8|g[3]),O.push(g[4]<<24|g[5]<<16|g[6]<<8|g[7]),O).push(g[8]<<24|g[9]<<16|g[10]<<8|g[11])},k2=function(g,O){return[(g(function(a){a(O)}),function(){return O})]},Z={passive:true,capture:true},yo=String.fromCharCode(105,110,116,101,103,67,104,101,99,107,66,121,112,97,115,115),GV=[],y=function(g,O){O.C=((O.C?O.C+"~":"E:")+g.message+":"+g.stack).slice(0,2048)},w={},ri=((G.prototype.CK=false,G.prototype).E9=void 0,[]),u=(G.prototype.g=(G.prototype.jL=void 0,"toString"),[]),RV=[],gi=function(g,O,a,C,k){for(k=(g.Ns=(g.l=hm((g.ab=(g.U9=Jm,g.fK=$2,g[f]),{get:function(){return this.concat()}}),g.A),c[g.A](g.l,{value:{value:{}}})),0),C=[];128>k;k++)C[k]=String.fromCharCode(k);((((((((((((((g.GB=((((((((((((((v(289,(g.Ib=(g.I=void 0,g.D=[],g.C=((g.Y=0,g.V=25,g.K=(k=window.performance||{},g.Z=g,g.h=void 0,(g.Qo=false,g).o=(g.P=0,(g.X=1,g.H=(g.B=0,[]),g.O=0,(g.U=(g.s=void 0,void 0),g).j=[],g.u=[],g).c5=(g.uK=function(b){this.Z=b},g.L=false,[]),void 0),0),g.R=0,g).v=void 0,g.S=null,void 0),g.N=[],g.J=8001,g.SL=0,k.timeOrigin)||(k.timing||{}).navigationStart||0,g),0),v)(28,g,0),v(47,g,function(b){Ed(b,4)}),v(476,g,function(b,H,V,e){(e=(V=(H=W(b),W(b)),W(b)),b).Z==b&&(e=F(e,b),V=F(V,b),F(H,b)[V]=e,367==H&&(b.o=void 0,2==V&&(b.U=Q(32,b,false),b.o=void 0)))}),v(228,g,function(b,H){H=F(W(b),b),n2(b.Z,H)}),v)(374,g,function(b,H,V,e){(e=(V=W(b),p(b)),H=W(b),v)(H,b,F(V,b)>>>e)}),v)(216,g,function(b){m9(b,4)}),v)(277,g,function(b,H,V,e,r,R){if(!t(true,H,b,true)){if("object"==(b=(R=(V=(R=(e=(H=(V=W(b),W(b)),W(b)),W(b)),H=F(H,b),F)(V,b),F(R,b)),F(e,b)),aV(V))){for(r in e=[],V)e.push(r);V=e}for(e=(r=(b=0<b?b:1,V).length,0);e<r;e+=b)H(V.slice(e,(e|0)+(b|0)),R)}}),v(443,g,function(b,H,V,e,r){for(V=(e=(H=(r=W(b),Db(b)),[]),0);V<H;V++)e.push(p(b));v(r,b,e)}),v(282,g,function(b,H,V){(H=0!=(H=W(b),V=W(b),F)(H,b),V=F(V,b),H)&&v(289,b,V)}),v)(288,g,function(b,H,V,e,r,R){t(false,H,b,true)||(V=qF(b.Z),H=V.ZT,R=V.i,e=V.W,V=V.Ms,r=e.length,R=0==r?new V[R]:1==r?new V[R](e[0]):2==r?new V[R](e[0],e[1]):3==r?new V[R](e[0],e[1],e[2]):4==r?new V[R](e[0],e[1],e[2],e[3]):2(),v(H,b,R))}),v)(360,g,function(b,H,V){t(false,H,b,true)||(H=W(b),V=W(b),v(V,b,function(e){return eval(e)}(zV(F(H,b.Z)))))}),v(67,g,function(b,H,V){(V=(H=W(b),W(b)),v)(V,b,""+F(H,b))}),v(44,g,function(b,H,V){V=aV((V=(H=(V=W(b),W)(b),F(V,b)),V)),v(H,b,V)}),v)(10,g,[160,0,0]),v)(102,g,function(b){sd(b,4)}),v)(116,g,2048),v)(468,g,function(b){Ed(b,3)}),v)(13,g,function(b,H,V,e){!t(false,H,b,true)&&(H=qF(b),V=H.Ms,e=H.i,b.Z==b||e==b.uK&&V==b)&&(v(H.ZT,b,e.apply(V,H.W)),b.B=b.T())}),v)(236,g,function(b,H,V,e){H=(V=W(b),W)(b),e=W(b),v(e,b,F(V,b)||F(H,b))}),v)(452,g,g),0),v(334,g,function(b,H,V,e,r){r=(H=(V=(H=(r=(e=W(b),W(b)),W)(b),V=W(b),F)(V,b),F)(H,b),F)(r,b),e=F(e,b.Z),0!==e&&(V=Ud(V,1,b,H,e,r),e.addEventListener(r,V,Z),v(255,b,[e,r,V]))}),v(55,g,function(b,H,V,e){(e=(H=(V=W(b),W(b)),W(b)),H=F(H,b),V=F(V,b),v)(e,b,V in H|0)}),v)(434,g,function(b,H,V,e){H=(V=(e=W(b),W(b)),F(V,b)),e=F(e,b),v(V,b,H+e)}),v)(179,g,function(b,H,V,e,r){(r=(H=(V=(r=(H=(e=W(b),W(b)),V=W(b),W(b)),F)(V,b),F(H,b)),F(r,b)),v)(e,b,Ud(V,r,b,H))}),v(45,g,function(b){m9(b,1)}),g).hG=0,v(227,g,[0,0,0]),v)(191,g,X(4)),v(177,g,466),v)(213,g,{}),v(255,g,0),v)(223,g,function(b,H,V,e,r,R,J){for(R=(e=(V=W(b),Db(b)),""),H=F(139,b),J=H.length,r=0;e--;)r=((r|0)+(Db(b)|0))%J,R+=C[H[r]];v(V,b,R)}),v)(73,g,function(b,H,V,e){if(e=b.c5.pop()){for(H=p(b);0<H;H--)V=W(b),e[V]=b.u[V];(e[116]=(e[501]=b.u[501],b.u)[116],b).u=e}else v(289,b,b.R)}),v(370,g,function(b,H,V,e){V=(e=(H=(V=(e=W(b),W(b)),W(b)),F(e,b)),F(V,b)),v(H,b,e[V])}),v)(501,g,[]),v(503,g,n),v)(398,g,0),v(283,g,[]),g.eL=0,v(444,g,function(){}),v(304,g,function(b,H){(b=(H=W(b),F(H,b)),b)[0].removeEventListener(b[1],b[2],Z)}),v)(189,g,function(b,H,V,e,r,R,J,E,h,A,U,M,K){for(h=(V=(H=(J=(e=r=(K=W(b),0),function(q,x){for(;e<q;)r|=p(b)<<e,e+=8;return r>>=(x=r&(1<<q)-(e-=q,1),q),x}),(J(3)|0)+1),R=J(5),A=0),[]);V<R;V++)M=J(1),h.push(M),A+=M?0:1;for(U=(V=(A=((A|0)-1).toString(2).length,0),[]);V<R;V++)h[V]||(U[V]=J(A));for(J=0;J<R;J++)h[J]&&(U[J]=W(b));for(E=[];H--;)E.push(F(W(b),b));v(K,b,function(q,x,d,T,Y){for(T=(x=(d=[],[]),0);T<R;T++){if(!(Y=U[T],h[T])){for(;Y>=d.length;)d.push(W(q));Y=d[Y]}x.push(Y)}q.I=oV(E.slice(),q),q.h=oV(x,q)})}),v)(25,g,function(b,H,V,e){(e=(H=(V=(e=W(b),H=W(b),W(b)),F(H,b)),F)(e,b)==H,v)(V,b,+e)}),N)(g,[GV]),N)(g,[L,O]),N)(g,[MF,a]),S(g,true,true)},MF=[],f=[],XL=[],L=[],qF=(((((PB,function(){})(X),function(){})(HB),function(){})(Vo),G.prototype).A="create",function(g,O,a,C,k,b){for(C=(O=((b=W((k=g[yo]||{},g)),k).ZT=W(g),k.W=[],a=g.Z==g?(p(g)|0)-1:1,W(g)),0);C<a;C++)k.W.push(W(g));for((k.i=F(b,g),k).Ms=F(O,g);a--;)k.W[a]=F(k.W[a],g);return k}),Ud=(G.prototype.yo=function(g,O,a,C,k){for(C=k=0;k<g.length;k++)C+=g.charCodeAt(k),C+=C<<10,C^=C>>6;return(g=(C+=C<<3,C^=C>>11,C+(C<<15)>>>0),k=new Number(g&(1<<O)-1),k)[0]=(g>>>O)%a,k},G.prototype.T=(window.performance||{}).now?function(){return this.Ib+window.performance.now()}:function(){return+new Date},function(g,O,a,C,k,b,H){return H=function(){if(a.Z==a){if(a.u){var V=[XL,C,g,void 0,k,b,arguments];if(2==O)var e=(N(a,V),S)(a,false,false);else if(1==O){var r=!a.N.length;N(a,V),r&&S(a,false,false)}else e=Am(V,a);return e}k&&b&&k.removeEventListener(b,H,Z)}}}),wi=function(g,O,a,C,k,b,H,V){return(b=c[O.A]((C=[0,24,53,-28,79,71,C,(k=a&7,H=Zb,12),73,-10],O.l)),b)[O.A]=function(e){V=(k+=6+7*a,e),k&=7},b.concat=function(e){return(V=(e=-1715*(e=g%16+1,V)+2*g*g*e-e*V-1176*g*V-98*g*g*V+C[k+67&7]*g*e+49*V*V+k+(H()|0)*e,void 0),e=C[e],C)[(k+77&7)+(a&2)]=e,C[k+(a&2)]=24,e},b},c=w.constructor,oV=function(g,O,a){return((a=c[O.A](O.Ns),a)[O.A]=function(){return g},a).concat=function(C){g=C},a},F=function(g,O){if((O=O.u[g],void 0)===O)throw[w,30,g];if(O.value)return O.create();return O.create(2*g*g+24*g+35),O.prototype},uB=function(g,O){return g[O]<<24|g[(O|0)+1]<<16|g[(O|0)+2]<<8|g[(O|0)+3]},W=(G.prototype.W5=function(g,O,a,C,k,b){for(b=k=(a=[],0);b<g.length;b++)for(k+=O,C=C<<O|g[b];7<k;)k-=8,a.push(C>>k&255);return a},function(g,O){if(g.I)return x2(g,g.h);return(O=Q(8,g,true),O)&128&&(O^=128,g=Q(2,g,true),O=(O<<2)+(g|0)),O}),v=function(g,O,a){367==(289==g||28==g?O.u[g]?O.u[g].concat(a):O.u[g]=oV(a,O):10==g||191==g||283==g||501==g||227==g?O.u[g]||(O.u[g]=wi(g,O,94,a)):O.u[g]=wi(g,O,57,a),g)&&(O.U=Q(32,O,false),O.o=void 0)},p=(G.prototype.AG=(G.prototype.F=function(g,O,a,C,k){if((a="array"===aV(a)?a:[a],this).C)g(this.C);else try{C=[],k=!this.N.length,N(this,[u,C,a]),N(this,[f,g,C]),O&&!k||S(this,true,O)}catch(b){y(b,this),g(this.C)}},function(g,O,a){return g^((O=(O^=O<<13,O^=O>>17,O^O<<5)&a)||(O=1),O)}),function(g){return g.I?x2(g,g.h):Q(8,g,true)}),x2=function(g,O){return(O=O.create().shift(),g.I.create().length||g.h.create().length)||(g.I=void 0,g.h=void 0),O},hm=(G.prototype.ob=function(){return Math.floor(this.T())},function(g,O){return c[O](c.prototype,{console:g,floor:g,document:g,stack:g,prototype:g,pop:g,length:g,parent:g,propertyIsEnumerable:g,splice:g,replace:g,call:g})}),Zb=void 0,Am=function(g,O,a,C,k){if((k=g[0],k)==u)O.V=25,O.G(g);else if(k==f){C=g[1];try{a=O.C||O.G(g)}catch(b){y(b,O),a=O.C}C(a)}else if(k==ri)O.G(g);else if(k==L)O.G(g);else if(k==MF){try{for(a=0;a<O.H.length;a++)try{C=O.H[a],C[0][C[1]](C[2])}catch(b){}}catch(b){}(0,g[1])(function(b,H){O.F(b,true,H)},(O.H=[],function(b){(N(O,(b=!O.N.length,[RV])),b)&&S(O,false,true)}))}else{if(k==XL)return a=g[2],v(311,O,g[6]),v(213,O,a),O.G(g);k==RV?(O.D=[],O.u=null,O.j=[]):k==GV&&"loading"===n.document.readyState&&(O.S=function(b,H,V){n.document.addEventListener((V=(H=false,function(){H||(H=true,b())}),"DOMContentLoaded"),V,Z),n.addEventListener("load",V,Z)})}},l=function(g,O,a,C,k,b){if(3<((a=((b=F(501,(C=void 0,O&&O[0]===w&&(a=O[1],C=O[2],O=void 0),g)),0)==b.length&&(k=F(28,g)>>3,b.push(a,k>>8&255,k&255),void 0!=C&&b.push(C&255)),""),O)&&(O.message&&(a+=O.message),O.stack&&(a+=":"+O.stack)),O=F(116,g),O)){C=(a=(a=a.slice(0,(O|0)-3),O-=(a.length|0)+3,P(a)),g).Z,g.Z=g;try{B(191,g,I(a.length,2).concat(a),9)}finally{g.Z=C}}v(116,g,O)},B=function(g,O,a,C,k,b){if(O.Z==O)for(k=F(g,O),191==g?(g=function(H,V,e,r){if((e=(V=k.length,V|0)-4>>3,k.xr)!=e){e=(r=[0,0,(k.xr=e,b[1]),b[2]],(e<<3)-4);try{k.kr=Od(r,uB(k,e),uB(k,(e|0)+4))}catch(R){throw R;}}k.push(k.kr[V&7]^H)},b=F(227,O)):g=function(H){k.push(H)},C&&g(C&255),O=0,C=a.length;O<C;O++)g(a[O])},I=(G.prototype.TB=function(){return Math.floor(this.Y+(this.T()-this.O))},function(g,O,a,C){for(C=(a=(O|0)-1,[]);0<=a;a--)C[(O|0)-1-(a|0)]=g>>8*a&255;return C}),cB=function(g,O,a,C){return(((C=F(289,O),O.j&&C<O.R)?(v(289,O,O.R),n2(O,g)):v(289,O,g),f2)(O,a),v)(289,O,C),F(213,O)},n2=function(g,O){(g.c5.push(g.u.slice()),g).u[289]=void 0,v(289,g,O)},N=function(g,O){g.N.splice(0,0,O)},Q=function(g,O,a,C,k,b,H,V,e,r,R,J,E,h){if((h=F(289,O),h)>=O.R)throw[w,31];for(C=(r=(H=h,0),O.ab.length),J=g;0<J;)b=H>>3,R=O.j[b],V=H%8,E=8-(V|0),E=E<J?E:J,a&&(e=O,e.o!=H>>6&&(e.o=H>>6,k=F(367,e),e.v=Od([0,0,k[1],k[2]],e.U,e.o)),R^=O.v[b&C]),r|=(R>>8-(V|0)-(E|0)&(1<<E)-1)<<(J|0)-(E|0),J-=E,H+=E;return v(289,O,(a=r,(h|0)+(g|0))),a},Db=function(g,O){return(O=p(g),O)&128&&(O=O&127|p(g)<<7),O},f2=function(g,O,a,C,k,b){if(!g.C){g.P++;try{for(C=(k=(b=void 0,g.R),0);--O;)try{if((a=void 0,g).I)b=x2(g,g.I);else{if((C=F(289,g),C)>=k)break;b=(a=(v(28,g,C),W(g)),F(a,g))}(b&&b.call?b(g,O):l(g,[w,21,a],0),t)(false,O,g,false)}catch(H){F(177,g)?l(g,H,22):v(177,g,H)}if(!O){if(g.CK){f2(g,(g.P--,536963536053));return}l(g,[w,33],0)}}catch(H){try{l(g,H,22)}catch(V){y(V,g)}}g.P--}},Ed=(((G.prototype.G=function(g,O){return O=(g={},{}),Zb=function(){return O==g?35:45},function(a,C,k,b,H,V,e,r,R,J,E,h,A,U,M){O=(R=O,g);try{if(r=a[0],r==L){A=a[1];try{for(h=(M=(b=atob(A),0),C=[],0);h<b.length;h++)V=b.charCodeAt(h),255<V&&(C[M++]=V&255,V>>=8),C[M++]=V;v((this.R=(this.j=C,this.j).length<<3,367),this,[0,0,0])}catch(K){l(this,K,17);return}f2(this,8001)}else if(r==u)a[1].push(F(116,this),F(191,this).length,F(10,this).length,F(283,this).length),v(213,this,a[2]),this.u[107]&&cB(F(107,this),this,8001);else{if(r==f){this.Z=(J=(H=I((F((C=a[2],10),this).length|0)+2,2),this).Z,this);try{U=F(501,this),0<U.length&&B(10,this,I(U.length,2).concat(U),10),B(10,this,I(this.X,1),109),B(10,this,I(this[f].length,1)),b=0,b-=(F(10,this).length|0)+5,b+=F(398,this)&2047,E=F(191,this),4<E.length&&(b-=(E.length|0)+3),0<b&&B(10,this,I(b,2).concat(X(b)),15),4<E.length&&B(10,this,I(E.length,2).concat(E),156)}finally{this.Z=J}if(k=(h=X(2).concat(F(10,this)),h[1]=h[0]^6,h[3]=h[1]^H[0],h[4]=h[1]^H[1],this.pK(h)))k="!"+k;else for(b=0,k="";b<h.length;b++)e=h[b][this.g](16),1==e.length&&(e="0"+e),k+=e;return(((v(116,(M=k,this),C.shift()),F(191,this)).length=C.shift(),F(10,this)).length=C.shift(),F)(283,this).length=C.shift(),M}if(r==ri)cB(a[1],this,a[2]);else if(r==XL)return cB(a[1],this,8001)}}finally{O=R}}}(),G).prototype.pK=function(g,O,a,C){if(C=window.btoa){for(a=(O="",0);a<g.length;a+=8192)O+=String.fromCharCode.apply(null,g.slice(a,a+8192));g=C(O).replace(/\\+/g,"-").replace(/\\//g,"_").replace(/=/g,"")}else g=void 0;return g},G).prototype.wq=0,function(g,O,a,C,k){(k=(k=(O&=(a=O&3,4),W(g)),C=W(g),F)(k,g),O)&&(k=P(""+k)),a&&B(C,g,I(k.length,2)),B(C,g,k)}),m9=function(g,O,a,C){C=W(g),a=W(g),B(a,g,I(F(C,g),O))},sd=function(g,O,a,C){for(C=(a=W(g),0);0<O;O--)C=C<<8|p(g);v(a,g,C)},vB=function(g,O,a){return O.F(function(C){a=C},false,g),a},S=function(g,O,a,C,k,b){if(g.N.length){((g.L&&0(),g).L=true,g).Qo=a;try{b=g.T(),g.O=b,g.s=0,g.B=b,C=WB(a,g),k=g.T()-g.O,g.Y+=k,k<(O?0:10)||0>=g.V--||(k=Math.floor(k),g.D.push(254>=k?k:254))}finally{g.L=false}return C}},WB=(G.prototype.B5=0,G.prototype[MF]=[0,0,1,1,0,1,1],function(g,O,a,C){for(;O.N.length;){C=(O.S=null,O.N.pop());try{a=Am(C,O)}catch(k){y(k,O)}if(g&&O.S){(g=O.S,g)(function(){S(O,true,true)});break}}return a}),$2,t=function(g,O,a,C,k,b,H,V,e){if(((a.Z=(k=(e=(V=((H=0<a.K&&a.L&&a.Qo&&1>=a.P&&!a.I&&!a.S&&(!C||1<a.J-O)&&0==document.hidden,g=g?255:C?5:2,C)||a.s++,(b=4==a.s)||H?a.T():a.B),V-a.B),e>>14),a.U&&(a.U^=k*(e<<2)),k)||a.Z,a).X+=k,b)||H)a.s=0,a.B=V;if(!H||V-a.O<a.K-g)return false;return!(((H=F((a.J=O,C)?28:289,a),v(289,a,a.R),a).N.push([ri,H,C?O+1:O]),a).S=D,0)},Jm=/./,FL=L.pop.bind(G.prototype[u]),zV=function(g,O){return(O=bB())&&1===g.eval(O.createScript("1"))?function(a){return O.createScript(a)}:function(a){return""+a}}(($2=hm({get:FL},(Jm[G.prototype.g]=FL,G.prototype.A)),G.prototype.Rb=void 0,n));40<(z=n.botguard||(n.botguard={}),z.m)||(z.m=41,z.bg=eA,z.a=C2),z.NFD_=function(g,O,a){return a=new G(O,g),[function(C){return vB(C,a)}]};}).call(this);'));
}).call(this);
                                    

#5 JavaScript::Eval (size: 19157, repeated: 1) - SHA256: cd6da05ed9caf843bda1dc76583c84b4ce0eecb392957cea9fb82f4b11d2a8c0

                                        (function() {
    var P = function(g, O, a, C, k) {
            for (k = (O = a = (g = g.replace(/\r\n/g, "\n"), 0), []); O < g.length; O++) C = g.charCodeAt(O), 128 > C ? k[a++] = C : (2048 > C ? k[a++] = C >> 6 | 192 : (55296 == (C & 64512) && O + 1 < g.length && 56320 == (g.charCodeAt(O + 1) & 64512) ? (C = 65536 + ((C & 1023) << 10) + (g.charCodeAt(++O) & 1023), k[a++] = C >> 18 | 240, k[a++] = C >> 12 & 63 | 128) : k[a++] = C >> 12 | 224, k[a++] = C >> 6 & 63 | 128), k[a++] = C & 63 | 128);
            return k
        },
        G = function(g, O, a) {
            a = this;
            try {
                gi(this, O, g)
            } catch (C) {
                y(C, this), g(function(k) {
                    k(a.C)
                })
            }
        },
        z, bB = function(g, O) {
            if (g = null, O = n.trustedTypes, !O || !O.createPolicy) return g;
            try {
                g = O.createPolicy("bg", {
                    createHTML: m,
                    createScript: m,
                    createScriptURL: m
                })
            } catch (a) {
                n.console && n.console.error(a.message)
            }
            return g
        },
        Od = function(g, O, a, C, k) {
            for (g = g[k = (C = 0, g[2]) | 0, 3] | 0; 14 > C; C++) g = g >>> 8 | g << 24, a = a >>> 8 | a << 24, a += O | 0, O = O << 3 | O >>> 29, a ^= k + 51, O ^= a, g += k | 0, g ^= C + 51, k = k << 3 | k >>> 29, k ^= g;
            return [O >>> 24 & 255, O >>> 16 & 255, O >>> 8 & 255, O >>> 0 & 255, a >>> 24 & 255, a >>> 16 & 255, a >>> 8 & 255, a >>> 0 & 255]
        },
        aV = function(g, O, a) {
            if ((O = typeof g, "object") == O)
                if (g) {
                    if (g instanceof Array) return "array";
                    if (g instanceof Object) return O;
                    if (a = Object.prototype.toString.call(g), "[object Window]" == a) return "object";
                    if ("[object Array]" == a || "number" == typeof g.length && "undefined" != typeof g.splice && "undefined" != typeof g.propertyIsEnumerable && !g.propertyIsEnumerable("splice")) return "array";
                    if ("[object Function]" == a || "undefined" != typeof g.call && "undefined" != typeof g.propertyIsEnumerable && !g.propertyIsEnumerable("call")) return "function"
                } else return "null";
            else if ("function" == O && "undefined" == typeof g.call) return "object";
            return O
        },
        m = function(g) {
            return g
        },
        Vo = function(g, O, a) {
            if (3 == g.length) {
                for (a = 0; 3 > a; a++) O[a] += g[a];
                for (a = (g = [13, 8, 13, 12, 16, 5, 3, 10, 15], 0); 9 > a; a++) O[3](O, a % 3, g[a])
            }
        },
        eA = function(g, O, a, C, k) {
            return {
                invoke: (C = C2(g, function(b) {
                    a && (O && D(O), k = b, a(), a = void 0)
                }, (k = void 0, a = function() {}, !!O))[0], function(b, H, V, e, r) {
                    if (!H) return H = C(V), b && b(H), H;
                    e = function() {
                        k(function(R) {
                            D(function() {
                                b(R)
                            })
                        }, V)
                    }, k ? e() : (r = a, a = function() {
                        (r(), D)(e)
                    })
                })
            }
        },
        HB = function(g, O, a, C) {
            try {
                C = g[((O | 0) + 2) % 3], g[O] = (g[O] | 0) - (g[((O | 0) + 1) % 3] | 0) - (C | 0) ^ (1 == O ? C << a : C >>> a)
            } catch (k) {
                throw k;
            }
        },
        X = function(g, O) {
            for (O = []; g--;) O.push(255 * Math.random() | 0);
            return O
        },
        n = this || self,
        C2 = function(g, O, a, C) {
            return (C = z[g.substring(0, 3) + "_"]) ? C(g.substring(3), O, a) : k2(O, g)
        },
        D = n.requestIdleCallback ? function(g) {
            requestIdleCallback(function() {
                g()
            }, {
                timeout: 4
            })
        } : n.setImmediate ? function(g) {
            setImmediate(g)
        } : function(g) {
            setTimeout(g, 0)
        },
        PB = function(g, O) {
            (O.push(g[0] << 24 | g[1] << 16 | g[2] << 8 | g[3]), O.push(g[4] << 24 | g[5] << 16 | g[6] << 8 | g[7]), O).push(g[8] << 24 | g[9] << 16 | g[10] << 8 | g[11])
        },
        k2 = function(g, O) {
            return [(g(function(a) {
                a(O)
            }), function() {
                return O
            })]
        },
        Z = {
            passive: true,
            capture: true
        },
        yo = String.fromCharCode(105, 110, 116, 101, 103, 67, 104, 101, 99, 107, 66, 121, 112, 97, 115, 115),
        GV = [],
        y = function(g, O) {
            O.C = ((O.C ? O.C + "~" : "E:") + g.message + ":" + g.stack).slice(0, 2048)
        },
        w = {},
        ri = ((G.prototype.CK = false, G.prototype).E9 = void 0, []),
        u = (G.prototype.g = (G.prototype.jL = void 0, "toString"), []),
        RV = [],
        gi = function(g, O, a, C, k) {
            for (k = (g.Ns = (g.l = hm((g.ab = (g.U9 = Jm, g.fK = $2, g[f]), {get: function() {
                        return this.concat()
                    }
                }), g.A), c[g.A](g.l, {
                    value: {
                        value: {}
                    }
                })), 0), C = []; 128 > k; k++) C[k] = String.fromCharCode(k);
            ((((((((((((((g.GB = ((((((((((((((v(289, (g.Ib = (g.I = void 0, g.D = [], g.C = ((g.Y = 0, g.V = 25, g.K = (k = window.performance || {}, g.Z = g, g.h = void 0, (g.Qo = false, g).o = (g.P = 0, (g.X = 1, g.H = (g.B = 0, []), g.O = 0, (g.U = (g.s = void 0, void 0), g).j = [], g.u = [], g).c5 = (g.uK = function(b) {
                this.Z = b
            }, g.L = false, []), void 0), 0), g.R = 0, g).v = void 0, g.S = null, void 0), g.N = [], g.J = 8001, g.SL = 0, k.timeOrigin) || (k.timing || {}).navigationStart || 0, g), 0), v)(28, g, 0), v(47, g, function(b) {
                Ed(b, 4)
            }), v(476, g, function(b, H, V, e) {
                (e = (V = (H = W(b), W(b)), W(b)), b).Z == b && (e = F(e, b), V = F(V, b), F(H, b)[V] = e, 367 == H && (b.o = void 0, 2 == V && (b.U = Q(32, b, false), b.o = void 0)))
            }), v(228, g, function(b, H) {
                H = F(W(b), b), n2(b.Z, H)
            }), v)(374, g, function(b, H, V, e) {
                (e = (V = W(b), p(b)), H = W(b), v)(H, b, F(V, b) >>> e)
            }), v)(216, g, function(b) {
                m9(b, 4)
            }), v)(277, g, function(b, H, V, e, r, R) {
                if (!t(true, H, b, true)) {
                    if ("object" == (b = (R = (V = (R = (e = (H = (V = W(b), W(b)), W(b)), W(b)), H = F(H, b), F)(V, b), F(R, b)), F(e, b)), aV(V))) {
                        for (r in e = [], V) e.push(r);
                        V = e
                    }
                    for (e = (r = (b = 0 < b ? b : 1, V).length, 0); e < r; e += b) H(V.slice(e, (e | 0) + (b | 0)), R)
                }
            }), v(443, g, function(b, H, V, e, r) {
                for (V = (e = (H = (r = W(b), Db(b)), []), 0); V < H; V++) e.push(p(b));
                v(r, b, e)
            }), v(282, g, function(b, H, V) {
                (H = 0 != (H = W(b), V = W(b), F)(H, b), V = F(V, b), H) && v(289, b, V)
            }), v)(288, g, function(b, H, V, e, r, R) {
                t(false, H, b, true) || (V = qF(b.Z), H = V.ZT, R = V.i, e = V.W, V = V.Ms, r = e.length, R = 0 == r ? new V[R] : 1 == r ? new V[R](e[0]) : 2 == r ? new V[R](e[0], e[1]) : 3 == r ? new V[R](e[0], e[1], e[2]) : 4 == r ? new V[R](e[0], e[1], e[2], e[3]) : 2(), v(H, b, R))
            }), v)(360, g, function(b, H, V) {
                t(false, H, b, true) || (H = W(b), V = W(b), v(V, b, function(e) {
                    return eval(e)
                }(zV(F(H, b.Z)))))
            }), v(67, g, function(b, H, V) {
                (V = (H = W(b), W(b)), v)(V, b, "" + F(H, b))
            }), v(44, g, function(b, H, V) {
                V = aV((V = (H = (V = W(b), W)(b), F(V, b)), V)), v(H, b, V)
            }), v)(10, g, [160, 0, 0]), v)(102, g, function(b) {
                sd(b, 4)
            }), v)(116, g, 2048), v)(468, g, function(b) {
                Ed(b, 3)
            }), v)(13, g, function(b, H, V, e) {
                !t(false, H, b, true) && (H = qF(b), V = H.Ms, e = H.i, b.Z == b || e == b.uK && V == b) && (v(H.ZT, b, e.apply(V, H.W)), b.B = b.T())
            }), v)(236, g, function(b, H, V, e) {
                H = (V = W(b), W)(b), e = W(b), v(e, b, F(V, b) || F(H, b))
            }), v)(452, g, g), 0), v(334, g, function(b, H, V, e, r) {
                r = (H = (V = (H = (r = (e = W(b), W(b)), W)(b), V = W(b), F)(V, b), F)(H, b), F)(r, b), e = F(e, b.Z), 0 !== e && (V = Ud(V, 1, b, H, e, r), e.addEventListener(r, V, Z), v(255, b, [e, r, V]))
            }), v(55, g, function(b, H, V, e) {
                (e = (H = (V = W(b), W(b)), W(b)), H = F(H, b), V = F(V, b), v)(e, b, V in H | 0)
            }), v)(434, g, function(b, H, V, e) {
                H = (V = (e = W(b), W(b)), F(V, b)), e = F(e, b), v(V, b, H + e)
            }), v)(179, g, function(b, H, V, e, r) {
                (r = (H = (V = (r = (H = (e = W(b), W(b)), V = W(b), W(b)), F)(V, b), F(H, b)), F(r, b)), v)(e, b, Ud(V, r, b, H))
            }), v(45, g, function(b) {
                m9(b, 1)
            }), g).hG = 0, v(227, g, [0, 0, 0]), v)(191, g, X(4)), v(177, g, 466), v)(213, g, {}), v(255, g, 0), v)(223, g, function(b, H, V, e, r, R, J) {
                for (R = (e = (V = W(b), Db(b)), ""), H = F(139, b), J = H.length, r = 0; e--;) r = ((r | 0) + (Db(b) | 0)) % J, R += C[H[r]];
                v(V, b, R)
            }), v)(73, g, function(b, H, V, e) {
                if (e = b.c5.pop()) {
                    for (H = p(b); 0 < H; H--) V = W(b), e[V] = b.u[V];
                    (e[116] = (e[501] = b.u[501], b.u)[116], b).u = e
                } else v(289, b, b.R)
            }), v(370, g, function(b, H, V, e) {
                V = (e = (H = (V = (e = W(b), W(b)), W(b)), F(e, b)), F(V, b)), v(H, b, e[V])
            }), v)(501, g, []), v(503, g, n), v)(398, g, 0), v(283, g, []), g.eL = 0, v(444, g, function() {}), v(304, g, function(b, H) {
                (b = (H = W(b), F(H, b)), b)[0].removeEventListener(b[1], b[2], Z)
            }), v)(189, g, function(b, H, V, e, r, R, J, E, h, A, U, M, K) {
                for (h = (V = (H = (J = (e = r = (K = W(b), 0), function(q, x) {
                        for (; e < q;) r |= p(b) << e, e += 8;
                        return r >>= (x = r & (1 << q) - (e -= q, 1), q), x
                    }), (J(3) | 0) + 1), R = J(5), A = 0), []); V < R; V++) M = J(1), h.push(M), A += M ? 0 : 1;
                for (U = (V = (A = ((A | 0) - 1).toString(2).length, 0), []); V < R; V++) h[V] || (U[V] = J(A));
                for (J = 0; J < R; J++) h[J] && (U[J] = W(b));
                for (E = []; H--;) E.push(F(W(b), b));
                v(K, b, function(q, x, d, T, Y) {
                    for (T = (x = (d = [], []), 0); T < R; T++) {
                        if (!(Y = U[T], h[T])) {
                            for (; Y >= d.length;) d.push(W(q));
                            Y = d[Y]
                        }
                        x.push(Y)
                    }
                    q.I = oV(E.slice(), q), q.h = oV(x, q)
                })
            }), v)(25, g, function(b, H, V, e) {
                (e = (H = (V = (e = W(b), H = W(b), W(b)), F(H, b)), F)(e, b) == H, v)(V, b, +e)
            }), N)(g, [GV]), N)(g, [L, O]), N)(g, [MF, a]), S(g, true, true)
        },
        MF = [],
        f = [],
        XL = [],
        L = [],
        qF = (((((PB, function() {})(X), function() {})(HB), function() {})(Vo), G.prototype).A = "create", function(g, O, a, C, k, b) {
            for (C = (O = ((b = W((k = g[yo] || {}, g)), k).ZT = W(g), k.W = [], a = g.Z == g ? (p(g) | 0) - 1 : 1, W(g)), 0); C < a; C++) k.W.push(W(g));
            for ((k.i = F(b, g), k).Ms = F(O, g); a--;) k.W[a] = F(k.W[a], g);
            return k
        }),
        Ud = (G.prototype.yo = function(g, O, a, C, k) {
            for (C = k = 0; k < g.length; k++) C += g.charCodeAt(k), C += C << 10, C ^= C >> 6;
            return (g = (C += C << 3, C ^= C >> 11, C + (C << 15) >>> 0), k = new Number(g & (1 << O) - 1), k)[0] = (g >>> O) % a, k
        }, G.prototype.T = (window.performance || {}).now ? function() {
            return this.Ib + window.performance.now()
        } : function() {
            return +new Date
        }, function(g, O, a, C, k, b, H) {
            return H = function() {
                if (a.Z == a) {
                    if (a.u) {
                        var V = [XL, C, g, void 0, k, b, arguments];
                        if (2 == O) var e = (N(a, V), S)(a, false, false);
                        else if (1 == O) {
                            var r = !a.N.length;
                            N(a, V), r && S(a, false, false)
                        } else e = Am(V, a);
                        return e
                    }
                    k && b && k.removeEventListener(b, H, Z)
                }
            }
        }),
        wi = function(g, O, a, C, k, b, H, V) {
            return (b = c[O.A]((C = [0, 24, 53, -28, 79, 71, C, (k = a & 7, H = Zb, 12), 73, -10], O.l)), b)[O.A] = function(e) {
                V = (k += 6 + 7 * a, e), k &= 7
            }, b.concat = function(e) {
                return (V = (e = -1715 * (e = g % 16 + 1, V) + 2 * g * g * e - e * V - 1176 * g * V - 98 * g * g * V + C[k + 67 & 7] * g * e + 49 * V * V + k + (H() | 0) * e, void 0), e = C[e], C)[(k + 77 & 7) + (a & 2)] = e, C[k + (a & 2)] = 24, e
            }, b
        },
        c = w.constructor,
        oV = function(g, O, a) {
            return ((a = c[O.A](O.Ns), a)[O.A] = function() {
                return g
            }, a).concat = function(C) {
                g = C
            }, a
        },
        F = function(g, O) {
            if ((O = O.u[g], void 0) === O) throw [w, 30, g];
            if (O.value) return O.create();
            return O.create(2 * g * g + 24 * g + 35), O.prototype
        },
        uB = function(g, O) {
            return g[O] << 24 | g[(O | 0) + 1] << 16 | g[(O | 0) + 2] << 8 | g[(O | 0) + 3]
        },
        W = (G.prototype.W5 = function(g, O, a, C, k, b) {
            for (b = k = (a = [], 0); b < g.length; b++)
                for (k += O, C = C << O | g[b]; 7 < k;) k -= 8, a.push(C >> k & 255);
            return a
        }, function(g, O) {
            if (g.I) return x2(g, g.h);
            return (O = Q(8, g, true), O) & 128 && (O ^= 128, g = Q(2, g, true), O = (O << 2) + (g | 0)), O
        }),
        v = function(g, O, a) {
            367 == (289 == g || 28 == g ? O.u[g] ? O.u[g].concat(a) : O.u[g] = oV(a, O) : 10 == g || 191 == g || 283 == g || 501 == g || 227 == g ? O.u[g] || (O.u[g] = wi(g, O, 94, a)) : O.u[g] = wi(g, O, 57, a), g) && (O.U = Q(32, O, false), O.o = void 0)
        },
        p = (G.prototype.AG = (G.prototype.F = function(g, O, a, C, k) {
            if ((a = "array" === aV(a) ? a : [a], this).C) g(this.C);
            else try {
                C = [], k = !this.N.length, N(this, [u, C, a]), N(this, [f, g, C]), O && !k || S(this, true, O)
            } catch (b) {
                y(b, this), g(this.C)
            }
        }, function(g, O, a) {
            return g ^ ((O = (O ^= O << 13, O ^= O >> 17, O ^ O << 5) & a) || (O = 1), O)
        }), function(g) {
            return g.I ? x2(g, g.h) : Q(8, g, true)
        }),
        x2 = function(g, O) {
            return (O = O.create().shift(), g.I.create().length || g.h.create().length) || (g.I = void 0, g.h = void 0), O
        },
        hm = (G.prototype.ob = function() {
            return Math.floor(this.T())
        }, function(g, O) {
            return c[O](c.prototype, {
                console: g,
                floor: g,
                document: g,
                stack: g,
                prototype: g,
                pop: g,
                length: g,
                parent: g,
                propertyIsEnumerable: g,
                splice: g,
                replace: g,
                call: g
            })
        }),
        Zb = void 0,
        Am = function(g, O, a, C, k) {
            if ((k = g[0], k) == u) O.V = 25, O.G(g);
            else if (k == f) {
                C = g[1];
                try {
                    a = O.C || O.G(g)
                } catch (b) {
                    y(b, O), a = O.C
                }
                C(a)
            } else if (k == ri) O.G(g);
            else if (k == L) O.G(g);
            else if (k == MF) {
                try {
                    for (a = 0; a < O.H.length; a++) try {
                        C = O.H[a], C[0][C[1]](C[2])
                    } catch (b) {}
                } catch (b) {}(0, g[1])(function(b, H) {
                    O.F(b, true, H)
                }, (O.H = [], function(b) {
                    (N(O, (b = !O.N.length, [RV])), b) && S(O, false, true)
                }))
            } else {
                if (k == XL) return a = g[2], v(311, O, g[6]), v(213, O, a), O.G(g);
                k == RV ? (O.D = [], O.u = null, O.j = []) : k == GV && "loading" === n.document.readyState && (O.S = function(b, H, V) {
                    n.document.addEventListener((V = (H = false, function() {
                        H || (H = true, b())
                    }), "DOMContentLoaded"), V, Z), n.addEventListener("load", V, Z)
                })
            }
        },
        l = function(g, O, a, C, k, b) {
            if (3 < ((a = ((b = F(501, (C = void 0, O && O[0] === w && (a = O[1], C = O[2], O = void 0), g)), 0) == b.length && (k = F(28, g) >> 3, b.push(a, k >> 8 & 255, k & 255), void 0 != C && b.push(C & 255)), ""), O) && (O.message && (a += O.message), O.stack && (a += ":" + O.stack)), O = F(116, g), O)) {
                C = (a = (a = a.slice(0, (O | 0) - 3), O -= (a.length | 0) + 3, P(a)), g).Z, g.Z = g;
                try {
                    B(191, g, I(a.length, 2).concat(a), 9)
                } finally {
                    g.Z = C
                }
            }
            v(116, g, O)
        },
        B = function(g, O, a, C, k, b) {
            if (O.Z == O)
                for (k = F(g, O), 191 == g ? (g = function(H, V, e, r) {
                        if ((e = (V = k.length, V | 0) - 4 >> 3, k.xr) != e) {
                            e = (r = [0, 0, (k.xr = e, b[1]), b[2]], (e << 3) - 4);
                            try {
                                k.kr = Od(r, uB(k, e), uB(k, (e | 0) + 4))
                            } catch (R) {
                                throw R;
                            }
                        }
                        k.push(k.kr[V & 7] ^ H)
                    }, b = F(227, O)) : g = function(H) {
                        k.push(H)
                    }, C && g(C & 255), O = 0, C = a.length; O < C; O++) g(a[O])
        },
        I = (G.prototype.TB = function() {
            return Math.floor(this.Y + (this.T() - this.O))
        }, function(g, O, a, C) {
            for (C = (a = (O | 0) - 1, []); 0 <= a; a--) C[(O | 0) - 1 - (a | 0)] = g >> 8 * a & 255;
            return C
        }),
        cB = function(g, O, a, C) {
            return (((C = F(289, O), O.j && C < O.R) ? (v(289, O, O.R), n2(O, g)) : v(289, O, g), f2)(O, a), v)(289, O, C), F(213, O)
        },
        n2 = function(g, O) {
            (g.c5.push(g.u.slice()), g).u[289] = void 0, v(289, g, O)
        },
        N = function(g, O) {
            g.N.splice(0, 0, O)
        },
        Q = function(g, O, a, C, k, b, H, V, e, r, R, J, E, h) {
            if ((h = F(289, O), h) >= O.R) throw [w, 31];
            for (C = (r = (H = h, 0), O.ab.length), J = g; 0 < J;) b = H >> 3, R = O.j[b], V = H % 8, E = 8 - (V | 0), E = E < J ? E : J, a && (e = O, e.o != H >> 6 && (e.o = H >> 6, k = F(367, e), e.v = Od([0, 0, k[1], k[2]], e.U, e.o)), R ^= O.v[b & C]), r |= (R >> 8 - (V | 0) - (E | 0) & (1 << E) - 1) << (J | 0) - (E | 0), J -= E, H += E;
            return v(289, O, (a = r, (h | 0) + (g | 0))), a
        },
        Db = function(g, O) {
            return (O = p(g), O) & 128 && (O = O & 127 | p(g) << 7), O
        },
        f2 = function(g, O, a, C, k, b) {
            if (!g.C) {
                g.P++;
                try {
                    for (C = (k = (b = void 0, g.R), 0); --O;) try {
                        if ((a = void 0, g).I) b = x2(g, g.I);
                        else {
                            if ((C = F(289, g), C) >= k) break;
                            b = (a = (v(28, g, C), W(g)), F(a, g))
                        }(b && b.call ? b(g, O) : l(g, [w, 21, a], 0), t)(false, O, g, false)
                    } catch (H) {
                        F(177, g) ? l(g, H, 22) : v(177, g, H)
                    }
                    if (!O) {
                        if (g.CK) {
                            f2(g, (g.P--, 536963536053));
                            return
                        }
                        l(g, [w, 33], 0)
                    }
                } catch (H) {
                    try {
                        l(g, H, 22)
                    } catch (V) {
                        y(V, g)
                    }
                }
                g.P--
            }
        },
        Ed = (((G.prototype.G = function(g, O) {
            return O = (g = {}, {}), Zb = function() {
                    return O == g ? 35 : 45
                },
                function(a, C, k, b, H, V, e, r, R, J, E, h, A, U, M) {
                    O = (R = O, g);
                    try {
                        if (r = a[0], r == L) {
                            A = a[1];
                            try {
                                for (h = (M = (b = atob(A), 0), C = [], 0); h < b.length; h++) V = b.charCodeAt(h), 255 < V && (C[M++] = V & 255, V >>= 8), C[M++] = V;
                                v((this.R = (this.j = C, this.j).length << 3, 367), this, [0, 0, 0])
                            } catch (K) {
                                l(this, K, 17);
                                return
                            }
                            f2(this, 8001)
                        } else if (r == u) a[1].push(F(116, this), F(191, this).length, F(10, this).length, F(283, this).length), v(213, this, a[2]), this.u[107] && cB(F(107, this), this, 8001);
                        else {
                            if (r == f) {
                                this.Z = (J = (H = I((F((C = a[2], 10), this).length | 0) + 2, 2), this).Z, this);
                                try {
                                    U = F(501, this), 0 < U.length && B(10, this, I(U.length, 2).concat(U), 10), B(10, this, I(this.X, 1), 109), B(10, this, I(this[f].length, 1)), b = 0, b -= (F(10, this).length | 0) + 5, b += F(398, this) & 2047, E = F(191, this), 4 < E.length && (b -= (E.length | 0) + 3), 0 < b && B(10, this, I(b, 2).concat(X(b)), 15), 4 < E.length && B(10, this, I(E.length, 2).concat(E), 156)
                                } finally {
                                    this.Z = J
                                }
                                if (k = (h = X(2).concat(F(10, this)), h[1] = h[0] ^ 6, h[3] = h[1] ^ H[0], h[4] = h[1] ^ H[1], this.pK(h))) k = "!" + k;
                                else
                                    for (b = 0, k = ""; b < h.length; b++) e = h[b][this.g](16), 1 == e.length && (e = "0" + e), k += e;
                                return (((v(116, (M = k, this), C.shift()), F(191, this)).length = C.shift(), F(10, this)).length = C.shift(), F)(283, this).length = C.shift(), M
                            }
                            if (r == ri) cB(a[1], this, a[2]);
                            else if (r == XL) return cB(a[1], this, 8001)
                        }
                    } finally {
                        O = R
                    }
                }
        }(), G).prototype.pK = function(g, O, a, C) {
            if (C = window.btoa) {
                for (a = (O = "", 0); a < g.length; a += 8192) O += String.fromCharCode.apply(null, g.slice(a, a + 8192));
                g = C(O).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "")
            } else g = void 0;
            return g
        }, G).prototype.wq = 0, function(g, O, a, C, k) {
            (k = (k = (O &= (a = O & 3, 4), W(g)), C = W(g), F)(k, g), O) && (k = P("" + k)), a && B(C, g, I(k.length, 2)), B(C, g, k)
        }),
        m9 = function(g, O, a, C) {
            C = W(g), a = W(g), B(a, g, I(F(C, g), O))
        },
        sd = function(g, O, a, C) {
            for (C = (a = W(g), 0); 0 < O; O--) C = C << 8 | p(g);
            v(a, g, C)
        },
        vB = function(g, O, a) {
            return O.F(function(C) {
                a = C
            }, false, g), a
        },
        S = function(g, O, a, C, k, b) {
            if (g.N.length) {
                ((g.L && 0(), g).L = true, g).Qo = a;
                try {
                    b = g.T(), g.O = b, g.s = 0, g.B = b, C = WB(a, g), k = g.T() - g.O, g.Y += k, k < (O ? 0 : 10) || 0 >= g.V-- || (k = Math.floor(k), g.D.push(254 >= k ? k : 254))
                } finally {
                    g.L = false
                }
                return C
            }
        },
        WB = (G.prototype.B5 = 0, G.prototype[MF] = [0, 0, 1, 1, 0, 1, 1], function(g, O, a, C) {
            for (; O.N.length;) {
                C = (O.S = null, O.N.pop());
                try {
                    a = Am(C, O)
                } catch (k) {
                    y(k, O)
                }
                if (g && O.S) {
                    (g = O.S, g)(function() {
                        S(O, true, true)
                    });
                    break
                }
            }
            return a
        }),
        $2, t = function(g, O, a, C, k, b, H, V, e) {
            if (((a.Z = (k = (e = (V = ((H = 0 < a.K && a.L && a.Qo && 1 >= a.P && !a.I && !a.S && (!C || 1 < a.J - O) && 0 == document.hidden, g = g ? 255 : C ? 5 : 2, C) || a.s++, (b = 4 == a.s) || H ? a.T() : a.B), V - a.B), e >> 14), a.U && (a.U ^= k * (e << 2)), k) || a.Z, a).X += k, b) || H) a.s = 0, a.B = V;
            if (!H || V - a.O < a.K - g) return false;
            return !(((H = F((a.J = O, C) ? 28 : 289, a), v(289, a, a.R), a).N.push([ri, H, C ? O + 1 : O]), a).S = D, 0)
        },
        Jm = /./,
        FL = L.pop.bind(G.prototype[u]),
        zV = function(g, O) {
            return (O = bB()) && 1 === g.eval(O.createScript("1")) ? function(a) {
                return O.createScript(a)
            } : function(a) {
                return "" + a
            }
        }(($2 = hm({get: FL
        }, (Jm[G.prototype.g] = FL, G.prototype.A)), G.prototype.Rb = void 0, n));
    40 < (z = n.botguard || (n.botguard = {}), z.m) || (z.m = 41, z.bg = eA, z.a = C2), z.NFD_ = function(g, O, a) {
        return a = new G(O, g), [function(C) {
            return vB(C, a)
        }]
    };
}).call(this);
                                    

Executed Writes (0)



HTTP Transactions (86)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: katieniehaus.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         15.197.142.173
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=utf-8
                                        
Date: Wed, 06 Jul 2022 22:28:31 GMT
Content-Length: 83
Connection: keep-alive
Location: https://katieniehaus-minnesota.sites.cbmoxi.com/
Server: ip-100-74-2-174.eu-west-2.compute.internal
X-Request-Id: bbb922d2-60c1-4e6d-aaa9-ba848578d768


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   83
Md5:    21733f7f85f52a8b76a00e5e3f7868bf
Sha1:   6046117edb67687b727e3ed2eeebf3dcc9cef11f
Sha256: efa40407939e14a974ec70fe221377bde37d2d93de34c5df6b97f2f2ccfb1d5f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 06 Jul 2022 21:56:15 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: yRdXzhkT1lTd42X90C4mx-X3Izwar6Ierq5Xhy17hgxmVBmdmG51Qw==
Age: 1937


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "78A5DCFAF2D93D9C87CFB6DBC56100E9F22965D4500554BA65F71CB7D84DD666"
Last-Modified: Wed, 06 Jul 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19018
Expires: Thu, 07 Jul 2022 03:45:30 GMT
Date: Wed, 06 Jul 2022 22:28:32 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-08-10-12-10-21.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.7
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
last-modified: Tue, 21 Jun 2022 12:10:22 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 06 Jul 2022 03:26:46 GMT
etag: "581454acdd98f34fd3fbabd0977ade29"
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dGOpJr0kjsAlC0bxDc7kJ3bi6xGxCIO7l3P5CguJ39Xorhnc-fzXEA==
age: 68507
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    581454acdd98f34fd3fbabd0977ade29
Sha1:   d8d86c0b513137aeb85de01cea7b272c35eb6ab4
Sha256: e98f8f33ba5ed59c3cfdf2ae54957ed32652cf0899f3c8db4b5872e3ece1e4eb
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Wed, 06 Jul 2022 22:28:32 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Content-Type, Last-Modified, Alert, Backoff, Pragma, Expires, Content-Length, Cache-Control
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 06 Jul 2022 21:31:36 GMT
Expires: Wed, 06 Jul 2022 21:58:30 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: cToesuaDcf4zRviDwTCNw2yNMsLdkVitJ9AUtYa2Xx0AA-2ru71A_Q==
Age: 3415


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3537
Cache-Control: max-age=124689
Date: Wed, 06 Jul 2022 22:28:33 GMT
Etag: "62c542d1-1d7"
Expires: Fri, 08 Jul 2022 09:06:42 GMT
Last-Modified: Wed, 06 Jul 2022 08:07:45 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 22:28:33 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 04 Jul 2022 19:53:51 GMT
Expires: Mon, 11 Jul 2022 19:53:51 GMT
ETag: DEA9F5AEFBB67B21BCA40C4EF1A6898C2FDF61D3
Cache-Control: max-age=422117,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp13
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 726bc62a4fd0fac0-OSL

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7jdBUGFLu4ifvgcydPm5Rw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.149.64.225
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 4wSlbgE3I5RHUBvlXPTCCqlW5IM=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "611E864D4A64EB7175BDED94052A41462E3215D329EF82CBEEA70D511B811E8D"
Last-Modified: Mon, 04 Jul 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4381
Expires: Wed, 06 Jul 2022 23:41:35 GMT
Date: Wed, 06 Jul 2022 22:28:34 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "611E864D4A64EB7175BDED94052A41462E3215D329EF82CBEEA70D511B811E8D"
Last-Modified: Mon, 04 Jul 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4381
Expires: Wed, 06 Jul 2022 23:41:35 GMT
Date: Wed, 06 Jul 2022 22:28:34 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "611E864D4A64EB7175BDED94052A41462E3215D329EF82CBEEA70D511B811E8D"
Last-Modified: Mon, 04 Jul 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4381
Expires: Wed, 06 Jul 2022 23:41:35 GMT
Date: Wed, 06 Jul 2022 22:28:34 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7192054c-7e5b-4546-987b-855c570bbb49.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 11347
x-amzn-requestid: e2dfaacb-8d65-4c1b-b80d-4c1738f3c5af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: U3UETFLBIAMFVDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c60081-2e2e91ae5b9e70783c9a881c;Sampled=0
x-amzn-remapped-date: Wed, 06 Jul 2022 21:37:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w1n67avALa5vHsnmB9N4EQVVNmp1vdGyk7a1g8ks5MfyUS3cD0JzRQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 21:54:16 GMT
age: 2058
etag: "0db9a1fc9497fd959a0d8bd5b0be9ec7d07b88dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11347
Md5:    7a683b77a0f9687b16c597f12dc251a6
Sha1:   0db9a1fc9497fd959a0d8bd5b0be9ec7d07b88dd
Sha256: 3dad493b0e56ba51a8935be9f72db63e66b5feaac7debd0c4f0052162c777f7c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b3c96c9-a522-4ac7-b26d-8a493fdad54e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 5833
x-amzn-requestid: b1906d58-4339-4e95-933b-111b98d7e7f3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: U3UEfHnwIAMFSNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c60082-7ae16f081c0a62cc04191bf0;Sampled=0
x-amzn-remapped-date: Wed, 06 Jul 2022 21:37:06 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: dImAFhuRZxCSOGV-GrPighqY6j2UV_ZrVJ7YoplNcaMcyhZZZdBeDA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 21:50:56 GMT
age: 2258
etag: "9e45ca5390279272ab7991b250cd035c569db6c9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5833
Md5:    0c8f6d61cb2fa1b87748d6ea53f21678
Sha1:   9e45ca5390279272ab7991b250cd035c569db6c9
Sha256: 1f909a49d5f85085e8ebc982bf8e2d0fc4f94b2f01946d0c7dbb232020ce5e8f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13136825-0301-44c6-8c81-faf21628fe4c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 6737
x-amzn-requestid: 9a9c33df-daa2-49fb-ba8e-fd5a3149828e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UeP9ZG93oAMFX6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62bbf9ef-248528170cf451be2662dbef;Sampled=0
x-amzn-remapped-date: Wed, 29 Jun 2022 07:06:23 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GZWZ5vCdHbLeGN4FdZbd8ysfjqcGd-7MsBW_steUpJ38jyLd16JNtw==
via: 1.1 4c48e9fb20d53d40e9fe273dbdae1098.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 03:53:29 GMT
age: 66905
etag: "5e2f835320ab350cdd1c3ad1ceb71db2bb27b84f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6737
Md5:    44f59062cacc44be268845c493de29de
Sha1:   5e2f835320ab350cdd1c3ad1ceb71db2bb27b84f
Sha256: c37305dfa7a241e526c7246a6eb71360dbfa2fe5d7f369f37ef7ddbfe1b97749
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5ba04b2-c104-4fac-8249-270ee1574999.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 9584
x-amzn-requestid: a8caf546-a8be-4625-965d-1ce79febe166
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: U3UEJFp_IAMFyAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c60080-3ccff4541c02cfe21f8247fc;Sampled=0
x-amzn-remapped-date: Wed, 06 Jul 2022 21:37:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: jhnwq0r_lLWPaxV7tNT1ZbNJJLkZ2uf0gxU6XjUHS_W6aSWptDY_SA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 21:55:59 GMT
etag: "e3c1ac5024fe0dfde1477fc11baca6eee7cf2ef3"
content-type: image/jpeg
age: 1955
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9584
Md5:    7e12ff38b93cd936b227ebc630da7c21
Sha1:   e3c1ac5024fe0dfde1477fc11baca6eee7cf2ef3
Sha256: 7281ce812f0178e0e0e5387c055f234b890997e2f88568826ccfed55fc26eea3
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93a8f62c-f477-4f86-b38f-9cf50f26ba6b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 9435
x-amzn-requestid: 350dbee2-f49b-472b-9a5f-90b02e87f615
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: U3UotFAbIAMFhmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c6016a-1de7a99c73563b870db79db6;Sampled=0
x-amzn-remapped-date: Wed, 06 Jul 2022 21:40:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3Qsv7VRNCSlGqPVaHmNyvQJi9qiO7fQFEC81jar7-qYxvR6V86uNjg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 21:54:16 GMT
age: 2058
etag: "e11de922533e84447d5051ffbe8a3ccdbe2614fd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9435
Md5:    e9ea64f1082e78d01093dfc138de477c
Sha1:   e11de922533e84447d5051ffbe8a3ccdbe2614fd
Sha256: 4808f3ad9ca2e7110b565be70050f8595478c830a627afcbcd19bad211cb0c69
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc206c557-59f9-4388-9fb5-c531bfc1e267.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 7535
x-amzn-requestid: d1a7164d-2136-46bd-a831-e4f63cc4572c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Ui9cvEC1IAMFzJQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62bddc51-356395610daf2005680c880a;Sampled=0
x-amzn-remapped-date: Thu, 30 Jun 2022 17:24:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: kbzgCnimfo1GLw3fn2wZtQXklbYocoPM-ly7DtTI3yFfLzPijLLBTw==
via: 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 03:09:15 GMT
age: 69559
etag: "1b289e6ddd5c29de34cd087ce8913d494622ed79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7535
Md5:    46c17cd5132fb117423c755afc8d2ff4
Sha1:   1b289e6ddd5c29de34cd087ce8913d494622ed79
Sha256: 1d741918a2e9e46f18aa3ec463c490541a5528fb8edc74d95fd23034ebf602f0
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 22:28:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET / HTTP/1.1 
Host: katieniehaus-minnesota.sites.cbmoxi.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         64.246.164.134
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 22:28:33 GMT
server: Apache
expires: Wed, 06 Jul 2022 22:33:35 GMT
link: <https://katieniehaus-minnesota.sites.cbmoxi.com/wp-json/>; rel="https://api.w.org/"
last-modified: Wed, 06 Jul 2022 22:28:35 GMT
x-renderedpage: true
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=UTF-8
v-backend: dugout12-pr
x-varnish: 883262143
age: 0
via: 1.1 varnish (Varnish/6.5)
cache-control: private, max-age=0
accept-ranges: bytes
transfer-encoding: chunked
x-app-server: varnish_dugout/dugout-varnish21-pr


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (38198)
Size:   55419
Md5:    d8a5d90363875f42fb50f539686f2aa0
Sha1:   2917315270dc3da4220f9ec59e3e7204f7ecda78
Sha256: 76330c08c47a4c64006652461e65cd539a1eeeb65e59d820d57a4cf7e8cab29f
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 22:28:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 22:28:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gtm.js?id=GTM-TLSCP7N HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://katieniehaus-minnesota.sites.cbmoxi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
                                        
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 06 Jul 2022 22:28:35 GMT
expires: Wed, 06 Jul 2022 22:28:35 GMT
cache-control: private, max-age=900
last-modified: Wed, 06 Jul 2022 21:04:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44830
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2698)
Size:   44830
Md5:    e63a5d9c539d23974f414df736e7e784
Sha1:   6c7baca6049cca4b4f821e620d163946c943066a
Sha256: f135a2e88c3cd904e6ab320c9c3969f33cc0616bd0d57595eb7daaf839a11f5f
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 22:28:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /npm/@moxiworks/project-vitruvius@0.0.21/build/project-vitruvius-icons.min.css HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://katieniehaus-minnesota.sites.cbmoxi.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.229
HTTP/2 200 OK
                                        
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 0.0.21
x-jsd-version-type: version
etag: W/"ee0-UDdmY3iQg1jsYRjjBrpjwMtt8hU"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 06 Jul 2022 22:28:35 GMT
age: 2498686
x-served-by: cache-fra19161-FRA, cache-bma1666-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 947
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3808), with no line terminators
Size:   947
Md5:    35da1612f025b5d2c779355c99721f7a
Sha1:   8584ca21b8fed5d7b752054c693e817d71f1beda
Sha256: d4b8f0ed0400f246c6fae55900ea211b2be218c00dcb1bf2b01a39f29bf6c3e7
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 22:28:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://katieniehaus-minnesota.sites.cbmoxi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.42
HTTP/2 200 OK
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 03 Jul 2022 03:58:50 GMT
expires: Mon, 03 Jul 2023 03:58:50 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
age: 325785
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   31017
Md5:    7808e0e4b7a714230373852158500533
Sha1:   4a79d18722a68a2f38d52e2d3a11b550bdd30b3c
Sha256: 8ba5796bee6a065b8b31895e7e8d59ba564cfd36d2ce056e327588e67736f054
                                        
                                            GET /wp-includes/css/dashicons.min.css?ver=c5ab281bf250743676a199dd61461615 HTTP/1.1 
Host: katieniehaus-minnesota.sites.cbmoxi.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://katieniehaus-minnesota.sites.cbmoxi.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         64.246.164.134
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 22:28:35 GMT
server: Apache
last-modified: Tue, 14 Jun 2022 23:07:22 GMT
cache-control: max-age=86400
expires: Thu, 07 Jul 2022 22:28:35 GMT
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-length: 35730
content-type: text/css
v-backend: dugout12-pr
x-varnish: 931202122
age: 0
via: 1.1 varnish (Varnish/6.5)
accept-ranges: bytes
x-app-server: varnish_dugout/dugout-varnish22-pr


--- Additional Info ---
Magic:  ASCII text, with very long lines (58981)
Size:   35730
Md5:    00492d322e5572c7abc3e8701b6c52c1
Sha1:   0802ac2c8280ce7c98af881b1d49ec682acbf314
Sha256: 8bc01632cbc3ab834e04141d444ff82b05a4691444d70a9860477710e330b824
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 22:28:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /recaptcha/api.js?render=6LdmtrYUAAAAAAHk0DIYZUZov8ZzYGbtAIozmHtV&ver=A.3.49.20220610.2 HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://katieniehaus-minnesota.sites.cbmoxi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 200 OK
                                        
expires: Wed, 06 Jul 2022 22:28:35 GMT
date: Wed, 06 Jul 2022 22:28:35 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 582
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (884), with no line terminators
Size:   582
Md5:    62e50497fb90934796e4bd218a17a5b5
Sha1:   638ab51a6ed3b764e9fd621c43da77a5b5b37f60
Sha256: c5d3250c8c21562235d4f65f343cf6051df742d34093a2e7f3fe262ecb47bef4
                                        
                                            POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 22:28:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "68495AC7B469B40E7D01FA9914C877FD649C6E82"
Expires: Thu, 07 Jul 2022 09:00:00 GMT
Last-Modified: Wed, 06 Jul 2022 21:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 446
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 726bc63ad851b509-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    bb34ccc3cd8ef5f30f7bcaa2323ff062
Sha1:   801437cb62639ef6c93c9b155dbfcff906477213
Sha256: bd5c3990ff27bac9bfb75220b06d804a71d8b086a0e9c5dddfeb06d3fee2c4c3
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 22:28:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /maps/api/js?v=3&client=gme-windermeresolutions&libraries=places&channel=websites&language=en&region=US&ver=A.3.49.20220610.2 HTTP/1.1 
Host: maps.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://katieniehaus-minnesota.sites.cbmoxi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.234
HTTP/2 200 OK
                                        
content-type: text/javascript; charset=UTF-8
date: Wed, 06 Jul 2022 22:28:35 GMT
expires: Wed, 06 Jul 2022 22:58:35 GMT
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 54292
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=18
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2485)
Size:   54292
Md5:    0def7a3f476d598cc2b37e2c4ffe8924
Sha1:   dee366bf107602d52fc55cf929e2f664901a6016
Sha256: ba96a2cde23c9dfcccf3d698bb3e4c01d04a71c740706056d9655a5247c679d2
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 22:28:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /bs.min.js?ver=1657146515.4596681e8b HTTP/1.1 
Host: katieniehaus-minnesota.sites.cbmoxi.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://katieniehaus-minnesota.sites.cbmoxi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         64.246.164.134
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 22:28:35 GMT
server: Apache
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-store
vary: Accept-Encoding
content-encoding: gzip
content-length: 270
content-type: application/javascript
v-backend: dugout11-pr
x-varnish: 883917362
age: 0
via: 1.1 varnish (Varnish/6.5)
accept-ranges: bytes
x-app-server: varnish_dugout/dugout-varnish21-pr


--- Additional Info ---
Magic:  ASCII text, with very long lines (500), with no line terminators
Size:   270
Md5:    bb692abf97fb0d9da3df5533e557034f
Sha1:   972929a19ff1f7a908270c5f6e00b071ff14513b
Sha256: 04f50053d61dab3b69698c7c59e94f02b9dadf0dbaeb52fe3a18fb8954d170a7
                                        
                                            GET /wp-content/plugins/bwp-minify/cache/minify-b-auth-91661b850f702ea46e796a303ec89db6.js?ver=A.3.49.20220610.2 HTTP/1.1 
Host: katieniehaus-minnesota.sites.cbmoxi.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://katieniehaus-minnesota.sites.cbmoxi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         64.246.164.134
HTTP/1.1 200 OK
                                        
date: Tue, 14 Jun 2022 23:08:56 GMT
server: Apache
vary: Accept-Encoding
last-modified: Tue, 14 Jun 2022 23:07:58 GMT
content-length: 37208
cache-control: public, max-age=2592000
expires: Wed, 15 Jun 2022 23:08:56 GMT
content-type: application/x-javascript
content-encoding: gzip
v-backend: dugout11-pr
x-varnish: 932643933 1072924577
age: 1898379
via: 1.1 varnish (Varnish/6.5)
accept-ranges: bytes
x-app-server: varnish_dugout/dugout-varnish22-pr


--- Additional Info ---
Magic:  ASCII text, with very long lines (3627)
Size:   37208
Md5:    4dec2d3711a436c86ac99976bccdcd52
Sha1:   c74388dc12c73b338a391a0f4bae1cacc99ef0ff
Sha256: 0192a7b926e963088cd3c623d186bbe5d67edd37770a19c9f102c64cb6e061d3
                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=c5ab281bf250743676a199dd61461615 HTTP/1.1 
Host: katieniehaus-minnesota.sites.cbmoxi.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://katieniehaus-minnesota.sites.cbmoxi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         64.246.164.134
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 22:28:35 GMT
server: Apache
last-modified: Tue, 14 Jun 2022 23:07:56 GMT
cache-control: max-age=86400
expires: Thu, 07 Jul 2022 22:28:35 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 4930
content-type: application/javascript
v-backend: dugout13-pr
x-varnish: 933528540
age: 0
via: 1.1 varnish (Varnish/6.5)
accept-ranges: bytes
x-app-server: varnish_dugout/dugout-varnish22-pr


--- Additional Info ---
Magic:  ASCII text, with very long lines (15224)
Size:   4930
Md5:    3179794486ec4ca8f59329ccd67ae3e1
Sha1:   4b9c6e22ee7966479ef9844259f39f19d584f4a4
Sha256: 6e616b83910943042f683d5d21691f7e15aca8e2d8d154ff8f35bf09c612297a
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 22:28:36 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 05 Jul 2022 18:35:50 GMT
Expires: Tue, 12 Jul 2022 18:35:50 GMT
ETag: 3151F808DD784947960157930E3394941B7E5974
Cache-Control: max-age=503833,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp1
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 726bc63d39cefac0-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 22:28:36 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 05 Jul 2022 18:35:50 GMT
Expires: Tue, 12 Jul 2022 18:35:50 GMT
ETag: 3151F808DD784947960157930E3394941B7E5974
Cache-Control: max-age=503833,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp16
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 726bc63d5818b4fd-OSL

                                        
                                            GET /wp-content/plugins/bwp-minify/cache/minify-b-flexslider-d402f7dcf598ef8b460cc2e58b193742.js?ver=A.3.49.20220610.2 HTTP/1.1 
Host: katieniehaus-minnesota.sites.cbmoxi.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://katieniehaus-minnesota.sites.cbmoxi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         64.246.164.134
HTTP/1.1 200 OK
                                        
date: Tue, 14 Jun 2022 23:08:00 GMT
server: Apache
vary: Accept-Encoding
last-modified: Tue, 14 Jun 2022 23:07:58 GMT
content-length: 80482
cache-control: public, max-age=2592000
expires: Wed, 15 Jun 2022 23:08:00 GMT
content-type: application/x-javascript
content-encoding: gzip
v-backend: dugout13-pr
x-varnish: 884113619 998965819
age: 1898434
via: 1.1 varnish (Varnish/6.5)
accept-ranges: bytes
x-app-server: varnish_dugout/dugout-varnish21-pr


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (18810)
Size:   80482
Md5:    16fb0aa6cd8776b73bb498930f9ef4bb
Sha1:   4a3a5936f12a8014110f9f5560e9a3a81a94c512
Sha256: 1db8bfc0c0180af85abda47548f8cbb045ba0e68bf35bc3d514f282fff05515d
                                        
                                            GET /css?family=Roboto:300,400,700 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://katieniehaus-minnesota.sites.cbmoxi.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
                                        
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 06 Jul 2022 22:28:35 GMT
date: Wed, 06 Jul 2022 22:28:35 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (39777)
Size:   56199
Md5:    88f0d51be12bf28f26ed4e9e9bf872d2
Sha1:   dc746ee6bc511131a732c1a9b0067049d6510825
Sha256: ab82c277c7d0cbe72eb2c649e3eb03a12d0c32f0477353211107475ca770493e
                                        
                                            GET /service/v1/auth/javascripts/iframelogin/jquery.iframelogin.min.js?ver=A.3.49.20220610.2 HTTP/1.1 
Host: svc.moxiworks.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://katieniehaus-minnesota.sites.cbmoxi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         64.246.164.140
HTTP/1.1 200 OK
                                        
server: nginx
date: Wed, 06 Jul 2022 22:28:36 GMT
content-type: application/javascript
last-modified: Thu, 30 Jun 2022 19:12:10 GMT
transfer-encoding: chunked
etag: W/"62bdf58a-9522"
content-encoding: gzip
x-app-server: wms_svc_auth/svc17-pr


--- Additional Info ---
Magic:  ASCII text, with very long lines (567)
Size:   14899
Md5:    035a254816c3867a474a58c3be71d2b9
Sha1:   809e5620ba7faf8ec9eec563f8dbeab02ecbb37a
Sha256: 4bbf9bb16dc574ee26806617fa445c2fa08c7e32c35476fcdf251c39efb3cac8
                                        
                                            GET /wp-content/plugins/bwp-minify/cache/minify-b-thickbox-c9f1ac4d10271921b65df940585b53c7.js?ver=A.3.49.20220610.2 HTTP/1.1 
Host: katieniehaus-minnesota.sites.cbmoxi.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://katieniehaus-minnesota.sites.cbmoxi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         64.246.164.134
HTTP/1.1 200 OK
                                        
date: Tue, 14 Jun 2022 23:08:06 GMT
server: Apache
vary: Accept-Encoding
last-modified: Tue, 14 Jun 2022 23:08:02 GMT
content-length: 150297
cache-control: public, max-age=2592000
expires: Wed, 15 Jun 2022 23:08:06 GMT
content-type: application/x-javascript
content-encoding: gzip
v-backend: dugout11-pr
x-varnish: 882803684 999817224
age: 1898429
via: 1.1 varnish (Varnish/6.5)
accept-ranges: bytes
x-app-server: varnish_dugout/dugout-varnish21-pr


--- Additional Info ---
Magic:  HTML document, Unicode text, UTF-8 text, with very long lines (55841)
Size:   150297
Md5:    9281e40a1518e388ed3e1a6f0acbfbce
Sha1:   2baf91976b59bd4ca55e48da0eacf7a7fe57af17
Sha256: fc6b20a4edc6a4e9a9f449ec2994798fa0fbf0ddeb57724a318c7925824a1d0c
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 22:28:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/plugins/mx_pages/neighborhood-news/images/NN_devices-238x160.png HTTP/1.1 
Host: katieniehaus-minnesota.sites.cbmoxi.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://katieniehaus-minnesota.sites.cbmoxi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         64.246.164.134
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 22:28:36 GMT
server: Apache
last-modified: Tue, 14 Jun 2022 23:07:21 GMT
content-length: 11146
cache-control: max-age=86400
expires: Thu, 07 Jul 2022 22:28:36 GMT
content-type: image/png
v-backend: dugout12-pr
x-varnish: 929006932
age: 0
via: 1.1 varnish (Varnish/6.5)
accept-ranges: bytes
x-app-server: varnish_dugout/dugout-varnish22-pr


--- Additional Info ---
Magic:  PNG image data, 238 x 160, 8-bit colormap, non-interlaced\012- data
Size:   11146
Md5:    d44ccbb36b818dc008c5ab202c4e5e91
Sha1:   8571e99ce2c2da776a7d1ce0f6cbb44a0d93904f
Sha256: 7b88b12b4925fcd2f7bbf4e53c11eaa21347f94632d18ac964e7dbb664cf22ee
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 22:28:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 22:28:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/plugins/mx_pages/neighborhood-news/images/NN_couple_crop-1200x187.jpg HTTP/1.1 
Host: katieniehaus-minnesota.sites.cbmoxi.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://katieniehaus-minnesota.sites.cbmoxi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         64.246.164.134
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 22:28:36 GMT
server: Apache
last-modified: Tue, 14 Jun 2022 23:07:54 GMT
content-length: 22092
cache-control: max-age=86400
expires: Thu, 07 Jul 2022 22:28:36 GMT
content-type: image/jpeg
v-backend: dugout13-pr
x-varnish: 883000120
age: 0
via: 1.1 varnish (Varnish/6.5)
accept-ranges: bytes
x-app-server: varnish_dugout/dugout-varnish21-pr


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1200x187, components 3\012- data
Size:   22092
Md5:    1a6785b2a53c3027e44b9e0199f12090
Sha1:   b425ef9bd8103dd3a7857366ed0c14b460bcf9ed
Sha256: 59669880ad8fd6a7859531cd2883ae5b36a04f3a8b0e665e24f2f44f4bdbdffb
                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://katieniehaus-minnesota.sites.cbmoxi.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 06 Jul 2022 19:34:08 GMT
expires: Thu, 06 Jul 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 10468
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://katieniehaus-minnesota.sites.cbmoxi.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 06 Jul 2022 19:34:08 GMT
expires: Thu, 06 Jul 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 10468
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size:   15860
Md5:    e9f5aaf547f165386cd313b995dddd8e
Sha1:   acdef5603c2387b0e5bffd744b679a24a8bc1968
Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://katieniehaus-minnesota.sites.cbmoxi.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 06 Jul 2022 19:34:21 GMT
expires: Thu, 06 Jul 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 10455
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Size:   15740
Md5:    b9c29351c46f3e8c8631c4002457f48a
Sha1:   e57e59c5780995ff2937ab2b511a769212974a87
Sha256: f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 22:28:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1 
Host: maps.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://katieniehaus-minnesota.sites.cbmoxi.com
Connection: keep-alive
Referer: https://katieniehaus-minnesota.sites.cbmoxi.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.234
HTTP/2 200 OK
                                        
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 06 Jul 2022 22:28:36 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 23
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://katieniehaus-minnesota.sites.cbmoxi.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   23
Md5:    e3981ca10169a319d5aa062bf43a5fa1
Sha1:   2c6ed584767b65688ce99b1ebe1a3b7448a67421
Sha256: 8b0b8749aba12de93f3cf5d86f9fac9d6de7cac400a17473718f182a34ebb7e9
                                        
                                            GET /?dm=00164603406b466b48561326ac9cc77b&action=load&blogid=72975&siteid=1&t=1141368706&back=https%3A%2F%2Fkatieniehaus-minnesota.sites.cbmoxi.com%2F HTTP/1.1 
Host: dugout.moxiworks.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://katieniehaus-minnesota.sites.cbmoxi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         64.246.164.134
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 22:28:36 GMT
server: Apache
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: private, must-revalidate, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
v-backend: dugout12-pr
x-varnish: 881918299
age: 0
via: 1.1 varnish (Varnish/6.5)
accept-ranges: bytes
x-app-server: varnish_dugout/dugout-varnish21-pr

                                        
                                            GET /static/images/br/cb/CB_B_PNS_Horizontal.png HTTP/1.1 
Host: images-static.moxiworks.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

                                         
                                         64.246.164.140
HTTP/1.1 200 OK
                                        
server: nginx/1.4.6 (Ubuntu)
date: Wed, 06 Jul 2022 22:28:36 GMT
content-type: image/png
content-length: 24720
last-modified: Thu, 13 May 2021 21:49:22 GMT
etag: "609d9ee2-6090"
accept-ranges: bytes
x-app-server: static_image_host/client11-pr


--- Additional Info ---
Magic:  PNG image data, 2074 x 267, 8-bit/color RGBA, non-interlaced\012- data
Size:   24720
Md5:    8c1859b9473688e37a9d7bda3eed98c0
Sha1:   381dca310e74df51cdacc2c0009693880ba3c70e
Sha256: e040ec9d25554dfef5bd099827b44f38489ad47dd4511583a2ee107f8d2e2c94
                                        
                                            GET /static/images/br/cb/CB_W_PNS_Horizontal.png HTTP/1.1 
Host: images-static.moxiworks.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

                                         
                                         64.246.164.140
HTTP/1.1 200 OK
                                        
server: nginx/1.4.6 (Ubuntu)
date: Wed, 06 Jul 2022 22:28:36 GMT
content-type: image/png
content-length: 21169
last-modified: Thu, 13 May 2021 21:49:28 GMT
etag: "609d9ee8-52b1"
accept-ranges: bytes
x-app-server: static_image_host/client12-pr


--- Additional Info ---
Magic:  PNG image data, 2051 x 282, 8-bit/color RGBA, non-interlaced\012- data
Size:   21169
Md5:    d5397417268dec145af419a4b1fffd3f
Sha1:   884eb874f4b56ac6152d5a74e920f7957fec0b16
Sha256: 5b4ee160869ee82b510c0eb4eb506978a304e586b26e70a91a1f342e86c98ee9
                                        
                                            GET /font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1 
Host: maxcdn.bootstrapcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://katieniehaus-minnesota.sites.cbmoxi.com
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.10.207
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 22:28:36 GMT
content-type: font/woff2
content-length: 77160
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "af7ae505a9eed503f8b8e6982036873e"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 04/09/2022 08:19:45
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 601
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: d770a7281a715af6bfa2ff029bcdd2dc
cdn-cache: HIT
cf-cache-status: MISS
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 726bc63f6e8eb527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size:   77160
Md5:    af7ae505a9eed503f8b8e6982036873e
Sha1:   d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
Sha256: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.118
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=116506
Date: Wed, 06 Jul 2022 22:28:36 GMT
Etag: "62c527d2-1d7"
Expires: Fri, 08 Jul 2022 06:50:22 GMT
Last-Modified: Wed, 06 Jul 2022 06:12:34 GMT
Server: ECS (dcb/7F5F)
X-Cache: Miss from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Pi_-ZsWUdlymNCOHd8rKXu8clqEkMPBaV82MVa0NatgGAdPbEy3Fpg==
Age: 2268

                                        
                                            GET /wp-includes/js/thickbox/loadingAnimation.gif HTTP/1.1 
Host: katieniehaus-minnesota.sites.cbmoxi.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://katieniehaus-minnesota.sites.cbmoxi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         64.246.164.134
HTTP/1.1 200 OK
                                        
date: Wed, 06 Jul 2022 22:28:36 GMT
server: Apache
last-modified: Tue, 14 Jun 2022 23:07:56 GMT
content-length: 15238
cache-control: max-age=86400
expires: Thu, 07 Jul 2022 22:28:36 GMT
content-type: image/gif
v-backend: dugout13-pr
x-varnish: 934412809
age: 0
via: 1.1 varnish (Varnish/6.5)
accept-ranges: bytes
x-app-server: varnish_dugout/dugout-varnish22-pr


--- Additional Info ---
Magic:  GIF image data, version 89a, 416 x 26\012- data
Size:   15238
Md5:    ce2268030dd2151b63cdf4ffc2f626ba
Sha1:   15280f21eb43f5fa7838dcf011f67d79e301b15f
Sha256: 6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135
                                        
                                            GET /img-pr/a/269dbebe-63cc-4632-9966-a5c510974e46/0_1_full.jpg HTTP/1.1 
Host: i6.moxi.onl
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://katieniehaus-minnesota.sites.cbmoxi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Wed, 06 Jul 2022 22:28:36 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Cache-Control: public, max-age=86400
Content-Length: 8170
X-HW: 1657146516.dop067.sk1.t,1657146516.cds223.sk1.shn,1657146516.dop067.sk1.t,1657146516.cds214.sk1.s,1657146516.dop211.se2.r,1657146516.cds215.se2.c,1657146516.cds214.sk1.p
v-cache: MISS
v-age: 0
v-host: varnish12-pr
x-app-server: varnish_ivs_2/varnish12-pr


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 160x240, components 3\012- data
Size:   8170
Md5:    4cbeb64d4847500e6f41fc10e3ba07bb
Sha1:   00aa8c17cca03c499ec367d3538a47c95688887e
Sha256: 08a4c677ac4dfcc4ab97a8cae61f1dfe2e352b35a3cef8497987103baa891814
                                        
                                            GET /service/v1/auth/users/current.json?company_uuid=4223299&callback=jQuery360046835640482431173_1657146515849&send_from_agent=true&from_aws=true&from_app=aws:https://katieniehaus-minnesota.sites.cbmoxi.com&source=agent%20website&source_display_name=Agent%20Website&site_type=Agent%20Website&_=1657146515850 HTTP/1.1 
Host: svc.moxiworks.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://katieniehaus-minnesota.sites.cbmoxi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         64.246.164.140
HTTP/1.1 200 OK
                                        
server: nginx
date: Wed, 06 Jul 2022 22:28:31 GMT
content-type: text/javascript; charset=utf-8
transfer-encoding: chunked
x-frame-options:
x-xss-protection: 0
x-content-type-options: nosniff
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
etag: W/"2839a4cc0301ce51e58fe5cdd74edfd3"
cache-control: max-age=0, private, must-revalidate
set-cookie: _auth_session_id=e06cf7d7c9cb5bd2ea5c12d439ef6636; path=/; HttpOnly _auth_session_id_stutter=e06cf7d7c9cb5bd2ea5c12d439ef6636; path=/; HttpOnly; Secure; SameSite=None
x-request-id: 9d844544-27be-4f2d-b468-36b14cd32584
x-runtime: 0.005046
content-encoding: gzip
x-app-server: wms_svc_auth/svc15-pr


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   84
Md5:    87814bd84114e399f4c49c8371fe8aea
Sha1:   9dca4a3c575aabea0995bfe4ed6eca0858907335
Sha256: e4f0f5daa07c595ae18833f5941c01c8ca86eabd59fdc8ed64b592db1ee29349
                                        
                                            GET /service/v1/auth/images/ajax-loader.gif HTTP/1.1 
Host: svc.moxiworks.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://katieniehaus-minnesota.sites.cbmoxi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         64.246.164.140
HTTP/1.1 200 OK
                                        
server: nginx
date: Wed, 06 Jul 2022 22:28:36 GMT
content-type: image/gif
content-length: 3951
last-modified: Thu, 30 Jun 2022 19:12:10 GMT
etag: "62bdf58a-f6f"
accept-ranges: bytes
x-app-server: wms_svc_auth/svc17-pr


--- Additional Info ---
Magic:  GIF image data, version 89a, 128 x 15\012- data
Size:   3951
Md5:    674da56466c7b4efc2da99257baece22
Sha1:   1c4631dd3983de1ce40f00fae426b0b28b11c24a
Sha256: c85ab34c0ffc6a71386c7e0ef87386f203992b46a3f519510f40545717f85400
                                        
                                            GET /service/v1/auth/users/current.json?company_uuid=4223299&callback=jQuery360046835640482431173_1657146515851&send_from_agent=true&from_aws=true&from_app=aws:https://katieniehaus-minnesota.sites.cbmoxi.com&source=agent%20website&source_display_name=Agent%20Website&site_type=Agent%20Website&_=1657146515852 HTTP/1.1 
Host: svc.moxiworks.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://katieniehaus-minnesota.sites.cbmoxi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         64.246.164.140
HTTP/1.1 200 OK
                                        
server: nginx
date: Wed, 06 Jul 2022 22:28:36 GMT
content-type: text/javascript; charset=utf-8
transfer-encoding: chunked
x-frame-options:
x-xss-protection: 0
x-content-type-options: nosniff
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
etag: W/"4f79b9bd0f8fa0313415e820cc3d9081"
cache-control: max-age=0, private, must-revalidate
set-cookie: _auth_session_id=6d489305a853bfb57d73291b24855e50; path=/; HttpOnly _auth_session_id_stutter=6d489305a853bfb57d73291b24855e50; path=/; HttpOnly; Secure; SameSite=None
x-request-id: a413514a-05ed-415f-a11e-01f492b77301
x-runtime: 0.003954
content-encoding: gzip
x-app-server: wms_svc_auth/svc16-pr


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   84
Md5:    9a6a98581ac7b0f804ce732711be5f89
Sha1:   b649e088508db9de12938d89376c3d30a20cad4a
Sha256: 21062b3303b72452e8838317299639c6576b5c968086649763b9fcf0250aefd8
                                        
                                            GET /location?rapidapi-key=mKTYRiJxjxmshhou6VAm18RBVSJkp1eyJLYjsn6w8rRmBQPjDW&callback=jQuery360046835640482431173_1657146515853&send_from_agent=true&from_aws=true&from_app=aws:https://katieniehaus-minnesota.sites.cbmoxi.com&source=agent%20website&source_display_name=Agent%20Website&site_type=Agent%20Website&_=1657146515854 HTTP/1.1 
Host: telize-v1.p.rapidapi.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://katieniehaus-minnesota.sites.cbmoxi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         18.192.193.11
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Date: Wed, 06 Jul 2022 22:28:37 GMT
Server: RapidAPI-1.2.8
X-RapidAPI-Region: AWS - eu-central-1
X-RapidAPI-Version: 1.2.8
X-RateLimit-requests-Limit: 100000
X-RateLimit-requests-Remaining: 69973
X-RateLimit-requests-Reset: 63542
Content-Length: 390
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (389)
Size:   390
Md5:    f4d9577b4820ad160212ae901183b54d
Sha1:   ec848995d22f62c04118903105f9757f50dd3749
Sha256: 0000b1ae74dca6d6bdaf57e9c315bc72aa7118276b872c718a9c5ef90302d00e
                                        
                                            GET /service/v1/auth/users/current.json?company_uuid=4223299&callback=jQuery360046835640482431173_1657146515845&send_from_agent=true&from_aws=true&from_app=aws:https://katieniehaus-minnesota.sites.cbmoxi.com&source=agent%20website&source_display_name=Agent%20Website&site_type=Agent%20Website&_=1657146515846 HTTP/1.1 
Host: svc.moxiworks.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://katieniehaus-minnesota.sites.cbmoxi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         64.246.164.140
HTTP/1.1 200 OK
                                        
server: nginx
date: Wed, 06 Jul 2022 22:28:31 GMT
content-type: text/javascript; charset=utf-8
transfer-encoding: chunked
x-frame-options:
x-xss-protection: 0
x-content-type-options: nosniff
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
etag: W/"222a527d9c4df67379f52c6e7b31c5ad"
cache-control: max-age=0, private, must-revalidate
set-cookie: _auth_session_id=f2c1c9c3d9c9d89215184eb1d840b1f0; path=/; HttpOnly _auth_session_id_stutter=f2c1c9c3d9c9d89215184eb1d840b1f0; path=/; HttpOnly; Secure; SameSite=None
x-request-id: 4d79c376-d21e-4545-b4e5-03169f4b001b
x-runtime: 0.004560
content-encoding: gzip
x-app-server: wms_svc_auth/svc15-pr


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   84
Md5:    ada909d14c452acbd8d64cdc0986e570
Sha1:   fb57338e14e69bb488fd6b1c4ada19e764729be5
Sha256: a675b9f4cd8ad797e952c9e7d0ffe51081086780d9a206eb80b70f071d9af8af
                                        
                                            GET /service/v1/profile/mls?callback=jQuery360046835640482431173_1657146515843&send_from_agent=true&from_aws=true&from_app=aws:https://katieniehaus-minnesota.sites.cbmoxi.com&source=agent%20website&source_display_name=Agent%20Website&site_type=Agent%20Website&_=1657146515844 HTTP/1.1 
Host: svc.moxiworks.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://katieniehaus-minnesota.sites.cbmoxi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         64.246.164.140
HTTP/1.1 200 OK
                                        
server: nginx
date: Wed, 06 Jul 2022 22:28:36 GMT
content-type: text/javascript; charset=utf-8
transfer-encoding: chunked
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: *
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-headers: FROM_APP, FROM-APP
etag: W/"f09f198b768d9138df7471ab810ae13c"
cache-control: max-age=0, private, must-revalidate
x-request-id: aaeaa3b0-c870-4fe8-820d-4b269aee68f2
x-runtime: 0.335213
content-encoding: gzip
x-app-server: wms_svc_profile/svc19-pr


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65522), with no line terminators
Size:   63441
Md5:    e30ce6e99a3a64d04c504641f5855bfa
Sha1:   bdfe6a68f42510cba50be426db845daf8e2f76c1
Sha256: 7fa9e9f4a3309fc7f704ba27f6289ddb6553732652a90bd305feda0db1f7705e
                                        
                                            GET /static/images/br/cb/cb_homebackground_03032022.jpg HTTP/1.1 
Host: images-static.moxiworks.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://katieniehaus-minnesota.sites.cbmoxi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         64.246.164.140
HTTP/1.1 200 OK
                                        
server: nginx/1.4.6 (Ubuntu)
date: Wed, 06 Jul 2022 22:28:36 GMT
content-type: image/jpeg
content-length: 282419
last-modified: Thu, 03 Mar 2022 17:30:30 GMT
etag: "6220fb36-44f33"
accept-ranges: bytes
x-app-server: static_image_host/client13-pr


--- Additional Info ---
Magic:  gzip compressed data, max compression\012- data
Size:   282859
Md5:    c5171120f36f4a6baa26d56e0eff4fd4
Sha1:   81000d90abe80695cda69401ce6d09db121db420
Sha256: 91c9178cbaeaecb51e94db2d15c3f3dcdbbfbaf52788c506cc31383e00c1ebd2

Alerts:
  File Analyzers:
    - virustotal: 0/0
                                        
                                            GET /service/v1/branding/company?callback=jQuery360046835640482431173_1657146515847&send_from_agent=true&from_aws=true&from_app=aws:https://katieniehaus-minnesota.sites.cbmoxi.com&source=agent%20website&source_display_name=Agent%20Website&site_type=Agent%20Website&company_uuid=4223299&agent_uuid=269dbebe-63cc-4632-9966-a5c510974e46&office_uuid=14452686&_=1657146515848 HTTP/1.1 
Host: svc.moxiworks.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://katieniehaus-minnesota.sites.cbmoxi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         64.246.164.140
HTTP/1.1 200 OK
                                        
server: nginx
date: Wed, 06 Jul 2022 22:28:38 GMT
content-type: text/javascript; charset=utf-8
transfer-encoding: chunked
status: 200 OK
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: *
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-headers: FROM_APP, FROM-APP
cache-control: max-age=360, private
x-request-id: 72842701-c8ce-44ed-a304-fc03ff8e41b6
x-runtime: 0.198656
content-encoding: gzip
x-app-server: wms_svc_branding/svc11-pr


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65506), with no line terminators
Size:   32430
Md5:    d8160551726dcbdd21d6f81652777d38
Sha1:   58e8a9fe2cbbb0a5e00b96a2808f5715ca60450b
Sha256: 95e08a3e21e148c8988bd374acb27f17ec34d862b19935663625d44044d3c8cb
                                        
                                            GET /service/v1/branding/bypass/google/1234567/google_bypass.js?send_from_agent=true&from_aws=true&from_app=aws:https://katieniehaus-minnesota.sites.cbmoxi.com&source=agent%20website&source_display_name=Agent%20Website&site_type=Agent%20Website&_=1657146515855 HTTP/1.1 
Host: svc.moxiworks.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://katieniehaus-minnesota.sites.cbmoxi.com/
Cookie: _auth_session_id_stutter=f2c1c9c3d9c9d89215184eb1d840b1f0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         64.246.164.140
HTTP/1.1 200 OK
                                        
server: nginx
date: Wed, 06 Jul 2022 22:28:31 GMT
content-type: application/javascript
last-modified: Thu, 27 Aug 2020 18:03:39 GMT
transfer-encoding: chunked
etag: W/"5f47f57b-82e3"
content-encoding: gzip
x-app-server: wms_svc_branding/svc15-pr


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with CRLF, LF line terminators
Size:   4963
Md5:    036679711dd04a2f6c0e8889a25d195d
Sha1:   992e66864fbf969dbcabdfbbf20b98ae0f6ce259
Sha256: 4eb7d6566e98b73e7b1c55026a1c110190e598bf05a7c9abf470e266f108e207
                                        
                                            GET /recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__en.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://katieniehaus-minnesota.sites.cbmoxi.com
Connection: keep-alive
Referer: https://katieniehaus-minnesota.sites.cbmoxi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 146545
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 06 Jul 2022 15:55:56 GMT
expires: Thu, 06 Jul 2023 15:55:56 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
content-type: text/javascript
age: 23561
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (618)
Size:   146545
Md5:    edbca8e066da9cd6310dada3c125ccf4
Sha1:   22f45ed309e828212484a03cc7d0e629834e8a76
Sha256: fcab033160e1ba423ad7a42e0bd67ec5820e1ed6751765de935960e502e623f0
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://katieniehaus-minnesota.sites.cbmoxi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Wed, 06 Jul 2022 20:41:12 GMT
expires: Wed, 06 Jul 2022 22:41:12 GMT
cache-control: public, max-age=7200
age: 6445
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20006
Md5:    56f5d7f608e25d64207135f045f988cb
Sha1:   901eb59372ae330ae85e1384da93479b21ae1082
Sha256: 1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
                                        
                                            POST /j/collect?v=1&_v=j96&a=463340111&t=pageview&_s=1&dl=https%3A%2F%2Fkatieniehaus-minnesota.sites.cbmoxi.com%2F&ul=en-us&de=UTF-8&dt=Katie%20Niehaus&sd=24-bit&sr=1280x1024&vp=1268x1024&je=0&_u=IEBAAAABAAAAAC~&jid=1141100172&gjid=7232077&cid=872620262.1657146517&tid=UA-134100643-1&_gid=194082006.1657146517&_r=1&_slc=1&z=126202622 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://katieniehaus-minnesota.sites.cbmoxi.com
Connection: keep-alive
Referer: https://katieniehaus-minnesota.sites.cbmoxi.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.174
HTTP/2 200 OK
                                        
access-control-allow-origin: https://katieniehaus-minnesota.sites.cbmoxi.com
date: Wed, 06 Jul 2022 22:28:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   4
Md5:    9e92e190700c1af4539b40c2171320a9
Sha1:   209bcdb79e6067b51091ce8586d4b977f25b67d8
Sha256: aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
                                        
                                            GET /static/images/br/cbwest/favicon.ico HTTP/1.1 
Host: images-static.moxiworks.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://katieniehaus-minnesota.sites.cbmoxi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         64.246.164.140
HTTP/1.1 200 OK
                                        
server: nginx/1.4.6 (Ubuntu)
date: Wed, 06 Jul 2022 22:28:37 GMT
content-type: image/x-icon
content-length: 8062
last-modified: Tue, 27 Oct 2020 17:22:54 GMT
etag: "5f98576e-1f7e"
accept-ranges: bytes
x-app-server: static_image_host/client12-pr


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 50x50, 24 bits/pixel\012- data
Size:   8062
Md5:    b14eb15ac9f6fc3f69e7be23309d1480
Sha1:   a7c56f235249a1abe455d7024faadefcb44da49c
Sha256: 893a3a45309b6cf82d41e73ee7ed918180f16b504f7263f9a2c6fc97d879cf66
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 22:28:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24237
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 06 Jul 2022 20:57:37 GMT
expires: Thu, 06 Jul 2023 20:57:37 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
content-type: text/css
age: 5460
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (52582), with no line terminators
Size:   24237
Md5:    ec402764b2fb92b326877d7277f07782
Sha1:   fba4f5fecb18e69e95e023f58849704a1e6a509d
Sha256: ed7618cbed54662d615c4dccbf0d3f1245fed3fb584e398a9c74e76378331f89
                                        
                                            GET /recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__en.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 146545
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 06 Jul 2022 15:55:56 GMT
expires: Thu, 06 Jul 2023 15:55:56 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
content-type: text/javascript
age: 23561
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (618)
Size:   146545
Md5:    edbca8e066da9cd6310dada3c125ccf4
Sha1:   22f45ed309e828212484a03cc7d0e629834e8a76
Sha256: fcab033160e1ba423ad7a42e0bd67ec5820e1ed6751765de935960e502e623f0
                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-134100643-1&cid=872620262.1657146517&jid=1141100172&gjid=7232077&_gid=194082006.1657146517&_u=IEBAAAAAAAAAAC~&z=1953560129 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://katieniehaus-minnesota.sites.cbmoxi.com
Connection: keep-alive
Referer: https://katieniehaus-minnesota.sites.cbmoxi.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         173.194.222.157
HTTP/2 200 OK
                                        
access-control-allow-origin: https://katieniehaus-minnesota.sites.cbmoxi.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 06 Jul 2022 22:28:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    c4ca4238a0b923820dcc509a6f75849b
Sha1:   356a192b7913b04c54574d18c28d46e6395428ab
Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 22:28:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 02 Jul 2022 12:31:58 GMT
expires: Sun, 02 Jul 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 381400
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size:   15344
Md5:    5d4aeb4e5f5ef754e307d7ffaef688bd
Sha1:   06db651cdf354c64a7383ea9c77024ef4fb4cef8
Sha256: 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
                                        
                                            GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.163
HTTP/2 200 OK
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 01 Jul 2022 00:48:31 GMT
expires: Sat, 01 Jul 2023 00:48:31 GMT
cache-control: public, max-age=31536000
age: 510007
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size:   15552
Md5:    285467176f7fe6bb6a9c6873b3dad2cc
Sha1:   ea04e4ff5142ddd69307c183def721a160e0a64e
Sha256: 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 22:28:38 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 04 Jul 2022 06:56:32 GMT
Expires: Mon, 11 Jul 2022 06:56:32 GMT
ETag: C932DF536E39496DEF9A2B6BC775400CBB2AA923
Cache-Control: max-age=375473,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp5
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 726bc6497864fac0-OSL

                                        
                                            GET /img-pr/i/04c367aea4b80852c3f02a8369aaee175cffa981/0_2_raw.jpg HTTP/1.1 
Host: moxi4.ssl.hwcdn.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://katieniehaus-minnesota.sites.cbmoxi.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         205.185.208.154
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Wed, 06 Jul 2022 22:28:38 GMT
Connection: Keep-Alive
Cache-Control: public, max-age=86400
Content-Length: 5133
Accept-Ranges: bytes
v-cache: MISS
v-age: 0
v-host: varnish14-pr
x-app-server: varnish_ivs_4/varnish14-pr
X-HW: 1657146517.dop201.sk1.t,1657146518.cds226.sk1.shn,1657146518.dop201.sk1.t,1657146518.cds013.sk1.c


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 200x160, components 1\012- data
Size:   5133
Md5:    f57e11623874f9a48a284c28401a1749
Sha1:   7fb0ad3d07ca6175a266296d4a224319c2d02a14
Sha256: 8215a9326d96bb8b61df023b804dd2125d2ccffbcaebba98beb6b67a4ed01b06
                                        
                                            GET /nr-1216.min.js HTTP/1.1 
Host: js-agent.newrelic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://katieniehaus-minnesota.sites.cbmoxi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.86.137
HTTP/2 200 OK
                                        
x-amz-id-2: Vf9xsFZHH0UI6bmTnW+KeBzegICGOxvtMLIWtbljNKoJtdkUEk/MfmbYPFui+bgtiUf/4lC5dk8=
x-amz-request-id: 4AV5AVKCCR961CNG
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Wed, 06 Jul 2022 22:28:38 GMT
via: 1.1 varnish
x-served-by: cache-bma1646-BMA
x-cache: HIT
x-cache-hits: 117
x-timer: S1657146518.205395,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 14391
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32022)
Size:   14391
Md5:    b7c09cc097b2847f9edc784adba62dcb
Sha1:   5aa648623cf5e3b4b215fe5d068a7904c59f2925
Sha256: 6da450b6a3ba53bdab36f6529e987a245cdfca9a37b77790f06dfd8d5797bdaa
                                        
                                            GET /1/5666f1a412?a=1115821481&v=1216.487a282&to=NlEGN0QED0tXVkRcDg8bMRFfSghWUlBIGxEJRA%3D%3D&rst=6458&ck=1&ref=https://katieniehaus-minnesota.sites.cbmoxi.com/&ap=1945&be=3474&fe=6242&dc=4696&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1657146511389,%22n%22:0,%22f%22:300,%22dn%22:322,%22dne%22:847,%22c%22:847,%22s%22:989,%22ce%22:1217,%22rq%22:1217,%22rp%22:1358,%22rpe%22:1358,%22dl%22:3338,%22di%22:4475,%22ds%22:4696,%22de%22:4702,%22dc%22:6241,%22l%22:6241,%22le%22:6248%7D,%22navigation%22:%7B%7D%7D&fcp=4545&at=GhYFQQweHEU%3D&jsonp=NREUM.setToken HTTP/1.1 
Host: bam.nr-data.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://katieniehaus-minnesota.sites.cbmoxi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         162.247.241.14
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Date: Wed, 06 Jul 2022 22:28:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 726bc64ba976fac0-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=82232a528782a734; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   77
Md5:    f1442f5831dbbe0210da2d7a4180d6b8
Sha1:   2ade23c6c7a001c66f0c0a9a101ec152747b434e
Sha256: c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
                                        
                                            GET /beacon.js HTTP/1.1 
Host: disutgh7q0ncc.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://katieniehaus-minnesota.sites.cbmoxi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.121
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 15 Jun 2022 20:47:48 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Wed, 06 Jul 2022 05:14:59 GMT
ETag: W/"868f6d1dd84dba55783ee6d42410e40e"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: PMmsyoC1N0iRW7po5PMCjLUQ-SQB7Ch5OjEjpBsd0q254NILJZj3nA==
Age: 62029


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (31984)
Size:   63484
Md5:    8c6adec2016e9cb67568315e364e81a6
Sha1:   106ea8eb710dcf35963737bb0644a53295bf6644
Sha256: 9f454c666ddf34d0147907e50fc2d1564d7cadcb7419767b39f645e028064e15
                                        
                                            POST /s/gts1d4/3r4dsICZvQI HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 22:28:40 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN