Overview

URL go.gkrtmc.com/aff_c?offer_id=7234&aff_id=58165&aff_sub5=messenger
IP172.255.248.105
ASNSERVERS-COM
Location Luxembourg
Report completed2022-08-28 21:26:05 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-08-28 2 go.gkrtmc.com/rd.html?go=https%3A%2F%2Frkkmj.dirtyteenagers.com%2Fc%2F1d58d (...) Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (12)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-08-28 16:46:48 UTC 93.184.220.29
mnemonic passive DNS ocsp.pki.goog (5) 175 2017-06-14 07:23:31 UTC 2022-08-28 04:43:45 UTC 142.250.74.3
mnemonic passive DNS fonts.googleapis.com (2) 8877 2012-05-23 12:41:44 UTC 2022-08-28 15:56:13 UTC 142.250.74.10
mnemonic passive DNS push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-08-28 04:49:25 UTC 44.238.190.151
mnemonic passive DNS rkkmj.dirtyteenagers.com (1) 0 2022-06-04 10:18:21 UTC 2022-08-25 16:54:19 UTC 52.19.101.114 Domain (dirtyteenagers.com) ranked at: 396638
mnemonic passive DNS r3.o.lencr.org (7) 344 2020-12-02 08:52:13 UTC 2022-08-28 04:43:52 UTC 23.36.77.32
mnemonic passive DNS cdn-dimi.akamaized.net (20) 0 2022-07-07 13:18:25 UTC 2022-08-28 16:14:17 UTC 184.31.15.67 Domain (akamaized.net) ranked at: 280
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-08-28 05:48:36 UTC 143.204.55.25
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-08-28 04:47:14 UTC 34.117.237.239
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-08-28 04:11:28 UTC 34.120.237.76
mnemonic passive DNS go.gkrtmc.com (4) 0 2022-01-24 12:45:18 UTC 2022-08-28 18:14:02 UTC 172.255.248.105 Unknown ranking
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2022-08-28 10:15:13 UTC 143.204.55.35


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 172.255.248.105

Date UQ / IDS / BL URL IP
2022-11-29 01:56:09 +0000
0 - 0 - 1 go.gkrtmc.com/aff_c?offer_id=4178&aff_id=6162 (...) 172.255.248.105
2022-11-29 00:43:04 +0000
0 - 0 - 1 go.gkrtmc.com/aff_c?offer_id=4178&aff_id=4392 (...) 172.255.248.105
2022-11-28 18:45:09 +0000
0 - 0 - 1 go.gkrtmc.com/aff_c?offer_id=8495&aff_id=6162 (...) 172.255.248.105
2022-11-28 15:13:48 +0000
0 - 0 - 1 go.gkrtmc.com/aff_c?offer_id=8495&aff_id=6162 (...) 172.255.248.105
2022-11-26 23:16:13 +0000
0 - 0 - 1 go.gkrtmc.com/aff_c?offer_id=4898&aff_id=6217 (...) 172.255.248.105

Last 5 reports on ASN: SERVERS-COM

Date UQ / IDS / BL URL IP
2022-11-29 01:56:09 +0000
0 - 0 - 1 go.gkrtmc.com/aff_c?offer_id=4178&aff_id=6162 (...) 172.255.248.105
2022-11-29 01:43:02 +0000
0 - 0 - 1 morbidlocally.com/ 173.233.137.60
2022-11-29 00:43:04 +0000
0 - 0 - 1 go.gkrtmc.com/aff_c?offer_id=4178&aff_id=4392 (...) 172.255.248.105
2022-11-29 00:26:26 +0000
0 - 0 - 2 www.highperformancecpmgate.com/wupep7k28y 173.233.137.52
2022-11-28 22:58:36 +0000
0 - 0 - 5 inslutty.com/ 23.111.80.247

Last 5 reports on domain: gkrtmc.com

Date UQ / IDS / BL URL IP
2022-11-29 01:56:09 +0000
0 - 0 - 1 go.gkrtmc.com/aff_c?offer_id=4178&aff_id=6162 (...) 172.255.248.105
2022-11-29 00:43:04 +0000
0 - 0 - 1 go.gkrtmc.com/aff_c?offer_id=4178&aff_id=4392 (...) 172.255.248.105
2022-11-28 18:45:09 +0000
0 - 0 - 1 go.gkrtmc.com/aff_c?offer_id=8495&aff_id=6162 (...) 172.255.248.105
2022-11-28 15:13:48 +0000
0 - 0 - 1 go.gkrtmc.com/aff_c?offer_id=8495&aff_id=6162 (...) 172.255.248.105
2022-11-26 23:16:13 +0000
0 - 0 - 1 go.gkrtmc.com/aff_c?offer_id=4898&aff_id=6217 (...) 172.255.248.105

No other reports with similar screenshot



JavaScript

Executed Scripts (11)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (51)


Request Response
                                        
                                            GET /aff_c?offer_id=7234&aff_id=58165&aff_sub5=messenger HTTP/1.1 
Host: go.gkrtmc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         172.255.248.105
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Sun, 28 Aug 2022 21:25:54 GMT
Content-Length: 162
Connection: keep-alive
X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Set-Cookie: language=en; Domain=go.gkrtmc.com; Path=/; Expires=Tue, 27 Sep 2022 21:25:54 GMT test=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
Location: aff_c?offer_id=4856&aff_id=58165&aff_sub5=messenger
Vary: Accept
Cache-Control: no-store, no-cache


--- Additional Info ---
Magic:  HTML document, ASCII text, with no line terminators
Size:   162
Md5:    a34acec9feace06e12c5e3ac7b8ecfef
Sha1:   f51ef3e05fe84b0d68f3c418a4930ff8fda6ad99
Sha256: f96750507f77a4687778057ad58e71cd6ae55a0d6d1da4a3757d2b3e73c2c006
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7EBE5D06EFE28C8507B4CDFBF68C6E5BBD9919BA776990FB8A22D90CCA0C1C1B"
Last-Modified: Sat, 27 Aug 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4993
Expires: Sun, 28 Aug 2022 22:49:07 GMT
Date: Sun, 28 Aug 2022 21:25:54 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 28 Aug 2022 20:25:55 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: eGIXMPxz94wzjOSl7Q7XuPzmXaHq6gsxomoma0miOmkwxGiACne2tA==
Age: 3599


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    b593eb39329cfe060d55be5e4a5405e2
Sha1:   78e46c1028e9f94f8569303ad2d90d7df13a059a
Sha256: 08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.25
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 27 Aug 2022 22:35:58 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YWRnVqUkkWEzhRrCAPSpSLqXf5J4toxfDn-o0NaBrrFca7YUPdc9YA==
age: 82196
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            GET /aff_c?offer_id=4856&aff_id=58165&aff_sub5=messenger HTTP/1.1 
Host: go.gkrtmc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: language=en
Upgrade-Insecure-Requests: 1

                                         
                                         172.255.248.105
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Sun, 28 Aug 2022 21:25:54 GMT
Content-Length: 496
Connection: keep-alive
X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Set-Cookie: language=en; Domain=go.gkrtmc.com; Path=/; Expires=Tue, 27 Sep 2022 21:25:54 GMT test=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT 4856=37_58165_4856_6f1519a688d27c4097cd5c00496842ed; Domain=go.gkrtmc.com; Path=/; Expires=Tue, 27 Sep 2022 21:25:54 GMT op_4856=0; Domain=go.gkrtmc.com; Path=/; Expires=Tue, 27 Sep 2022 21:25:54 GMT user_id=bb49de1a-1f76-40e3-b7b4-f42feacf0216_da4a58f99b9ce349a2d850ccfd4c1eb7; Domain=go.gkrtmc.com; Path=/; Expires=Fri, 27 Aug 2027 21:25:54 GMT; Secure; SameSite=None
Location: /rd.html?go=https%3A%2F%2Frkkmj.dirtyteenagers.com%2Fc%2F1d58d0084e854e5f%3Fs1%3D20904%26s2%3D876347%26s3%3D58165%26s5%3D%26click_id%3D37_58165_4856_6f1519a688d27c4097cd5c00496842ed%26j1%3D1%26j3%3D1%26j5%3D1%26j8%3D1%26j9%3D1
Vary: Accept
Cache-Control: no-store, no-cache


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (496), with no line terminators
Size:   496
Md5:    e3babbe87324059d8f5654456a13b68f
Sha1:   82be127751be7f002a7d8479f247945406439747
Sha256: 87339ab4a4b8e2b0e25f8832d8a12b75d645ee0fe56696421fd92b01ce7c58b7
                                        
                                            GET /rd.html?go=https%3A%2F%2Frkkmj.dirtyteenagers.com%2Fc%2F1d58d0084e854e5f%3Fs1%3D20904%26s2%3D876347%26s3%3D58165%26s5%3D%26click_id%3D37_58165_4856_6f1519a688d27c4097cd5c00496842ed%26j1%3D1%26j3%3D1%26j5%3D1%26j8%3D1%26j9%3D1 HTTP/1.1 
Host: go.gkrtmc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: language=en; 4856=37_58165_4856_6f1519a688d27c4097cd5c00496842ed; op_4856=0
Upgrade-Insecure-Requests: 1

                                         
                                         172.255.248.105
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx
Date: Sun, 28 Aug 2022 21:25:54 GMT
Last-Modified: Fri, 13 Aug 2021 14:56:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61168831-149"
Cache-Control: no-store, no-cache
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   255
Md5:    997bfcab4e7a51023ff8da026ed4374a
Sha1:   35d15ad133e52c1b9dea0b3696a8719521387a9e
Sha256: 070d804ff334e0de872b9ac4c28c1bc578a043771099d2e9556782974ed560a3

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 28 Aug 2022 21:25:54 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: go.gkrtmc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://go.gkrtmc.com/rd.html?go=https%3A%2F%2Frkkmj.dirtyteenagers.com%2Fc%2F1d58d0084e854e5f%3Fs1%3D20904%26s2%3D876347%26s3%3D58165%26s5%3D%26click_id%3D37_58165_4856_6f1519a688d27c4097cd5c00496842ed%26j1%3D1%26j3%3D1%26j5%3D1%26j8%3D1%26j9%3D1
Cookie: language=en; 4856=37_58165_4856_6f1519a688d27c4097cd5c00496842ed; op_4856=0

                                         
                                         172.255.248.105
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx
Date: Sun, 28 Aug 2022 21:25:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   123
Md5:    c728bf241d9141b8d3100ae5140e09c5
Sha1:   07f0da1bdfadd0354b090781f1e3264ac22b6c39
Sha256: 34f3447a0b669f7c583609861bd783e8940b379cf642df02901cee86233a355a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F9A3516205D2AC6E7C9596C0622C8FCDA40A1433F5C31BA2E0038D26603D1562"
Last-Modified: Sun, 28 Aug 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14822
Expires: Mon, 29 Aug 2022 01:32:57 GMT
Date: Sun, 28 Aug 2022 21:25:55 GMT
Connection: keep-alive

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 28 Aug 2022 21:17:12 GMT
Cache-Control: max-age=3600
Expires: Sun, 28 Aug 2022 21:42:20 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hRkfkF5X4MpxOF0eX1LPy9zs45OV-82YBJcnsC5AoaBkQl0SvIYKxg==
Age: 523


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /landings/272467/1651156469/js/function.js?1651156469 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.dirtyteenagers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: q0U2tZOJNnbFVM3fzkR8KDFXGeLASyMJtl/QidjJcbRvf2JMHOGXgBC/aTQKn61v7sbXPmOIKoc=
x-amz-request-id: WAYR8AHXY4ZX55Q1
Last-Modified: Thu, 28 Apr 2022 16:22:08 GMT
ETag: "9fd4fc63fa92401630001a683af5337c"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 28 Aug 2022 21:25:55 GMT
Content-Length: 1664
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  ASCII text
Size:   1664
Md5:    7d0ea0bb0a721384f49fe3bb48d62f14
Sha1:   f361d8725c7e07b9ba73d1b960cc5abc9e2110d2
Sha256: 4e1455940d28871be9cdcdf74964601950ba44dfbbbd6d033f1029c04f66fb74
                                        
                                            GET /landings/272467/1651156469/css/popup.css?1651156469 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.dirtyteenagers.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: text/css
                                        
x-amz-id-2: 9jwNMekiNJlH1NvGw2vkBEMac1iAN0q8f3JG5x1nh00ZjrSf0pEwFrzllhT3JXNDyyGLDNhiV28=
x-amz-request-id: WAYR7VQ189K3WMBZ
Last-Modified: Thu, 28 Apr 2022 16:22:08 GMT
ETag: "32395a25e9d49bea1b5e82464274387f"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 28 Aug 2022 21:25:55 GMT
Content-Length: 621
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  ASCII text
Size:   621
Md5:    d460524cb378ad1c0c5e5e511bd09e1b
Sha1:   9f0f3529eb498bc4eab26766064fab90c2848d50
Sha256: cd7c12c13371ea9d7c66971dbc66e982efefd25841b09b3546557eb2672340e2
                                        
                                            GET /landings/272467/1651156469/js/translate.js?1651156469 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.dirtyteenagers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: 821nM9hRcgwDpfACwvbSsAh6tzM6SHB+q28M5uwS8WiMXUpjPU3uq6BAIvRyzzft/n6ce6hTF18=
x-amz-request-id: WAYZN328WN0T811Q
Last-Modified: Thu, 28 Apr 2022 16:22:08 GMT
ETag: "550af8d0290ff0ea48907f82fc414e57"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 28 Aug 2022 21:25:55 GMT
Content-Length: 9638
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   9638
Md5:    8badcfd10587c70d58dad12af8fea761
Sha1:   c472af3c395b8ae13cc14e5f15ca29e6abe174f4
Sha256: 3c14fc5fa9340e501d21ac34143f896f8951450534b47798d0ee0af453d930f2
                                        
                                            GET /landings/272467/1651156469/js/jquery-2.2.4.min.js?1651156469 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.dirtyteenagers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: hmwSt7vSCZuhTHh1HpLksgDpyG1P+0Ng37aTDh82nAsZm5aTP2YzLrBvErYaz4MlbUtnjRM4L9Y=
x-amz-request-id: WAYZ5KQ911QFT5HR
Last-Modified: Thu, 28 Apr 2022 16:22:08 GMT
ETag: "2f6b11a7e914718e0290410e85366fe9"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 28 Aug 2022 21:25:55 GMT
Content-Length: 29855
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  ASCII text, with very long lines (32065)
Size:   29855
Md5:    2fa28552f1ee4e1382ee43930b53afb8
Sha1:   803670da6a35378bf4eb73acc8e72fe4feb5ca30
Sha256: ecfddf7d1e798dd2778c071bea24c70b650ef990fc09793fce25f2f094b35494
                                        
                                            GET /landings/272467/1651156469/js/captcha_v4.js?1651156469 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.dirtyteenagers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: HWuJHiZn8iREpEF1Lu5Ryy9xYQOpwIG5yrijXDsL0eOuM6unPVhPRG8ZZyEzV77HeE09L8BlISw=
x-amz-request-id: 7A334BEVGJ4J67HK
Last-Modified: Thu, 28 Apr 2022 16:22:08 GMT
ETag: "da989376f05bfd7e90d84af530d556cc"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 28 Aug 2022 21:25:55 GMT
Content-Length: 1779
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  ASCII text
Size:   1779
Md5:    4d446df27c0abb4af02cbb5d24d326ae
Sha1:   f189b21578f8501027767fd3179660709140d7c8
Sha256: 36b3517f9e903488039b7328041d4a4871e62cf557d89f00ab71bd9a661675b3
                                        
                                            GET /landings/272467/1651156469/css/main.css?1651156469 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.dirtyteenagers.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: text/css
                                        
x-amz-id-2: 9KaBLP2/upJpHaHfLrsFK7KC989GCsKKeTXIFFKC81IfsWZKoWhjS8tHC3VNlA2ll25K5e9L1zA=
x-amz-request-id: WAYJZ62ARTE0V263
Last-Modified: Thu, 28 Apr 2022 16:22:07 GMT
ETag: "6dff8ffa072de95f8e836abcf6096a66"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 28 Aug 2022 21:25:55 GMT
Content-Length: 2050
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  troff or preprocessor input, ASCII text
Size:   2050
Md5:    66d6d9020919e9b5c27a2686a4be2e8a
Sha1:   424af44ead724157bf9612f235c97d580299303c
Sha256: d77aae4d1d38e0f093d68a9260557e82b723d068b8b0d029e211effa0c0ec3f3
                                        
                                            GET /landings/272467/1651156469/css/css.css HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/landings/272467/1651156469/css/main.css?1651156469
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: text/css
                                        
x-amz-id-2: C9tQeGi5/2tgcqL0fIFg8ELGwZFragSloinQwUJk7gf2YpUi3cdKeJZgXooBGlmBig4LpIpm5WY=
x-amz-request-id: WAYV00F9DARXTGV4
Last-Modified: Thu, 28 Apr 2022 16:22:07 GMT
ETag: "2a423589b966f0d0aae2eba461e9d14b"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 28 Aug 2022 21:25:55 GMT
Content-Length: 487
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  ASCII text
Size:   487
Md5:    172f67a42aff3511bec6b56b9a38202f
Sha1:   197e73f41b5e3bf7752459477d00fe1809000317
Sha256: d252ca52974e7a1e4f2b7d01210fe8d6a592f391026af7897b0b5b852358a59f
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1849
Cache-Control: 'max-age=158059'
Date: Sun, 28 Aug 2022 21:25:55 GMT
Last-Modified: Sun, 28 Aug 2022 20:55:06 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 28 Aug 2022 21:25:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 28 Aug 2022 21:25:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /landings/272467/1651156469/images/blocked-icon.png HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.dirtyteenagers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: rj3SFkCBdJcBkvWFRdANyGUx6o2zy9TJFJO9ftlSrA0V4upKO+AkYGyOkMc7v71HwIFbOPKKy5Y=
x-amz-request-id: 1ENNBGYNSV2745M7
Last-Modified: Thu, 28 Apr 2022 16:22:08 GMT
ETag: "87487ad255dde0624f59abb85602defc"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 502
Date: Sun, 28 Aug 2022 21:25:55 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 23 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size:   502
Md5:    87487ad255dde0624f59abb85602defc
Sha1:   caafad17df41875bed690353ead6cc495a9bf8c2
Sha256: f7a4b3fb74b9e06f243f23ede51a801a0aa3fa2c0040bc44a49a97444780923d
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 28 Aug 2022 21:25:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /landings/272467/1651156469/images//blocked-icon.png HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.dirtyteenagers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: rj3SFkCBdJcBkvWFRdANyGUx6o2zy9TJFJO9ftlSrA0V4upKO+AkYGyOkMc7v71HwIFbOPKKy5Y=
x-amz-request-id: 1ENNBGYNSV2745M7
Last-Modified: Thu, 28 Apr 2022 16:22:08 GMT
ETag: "87487ad255dde0624f59abb85602defc"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 502
Date: Sun, 28 Aug 2022 21:25:55 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 23 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size:   502
Md5:    87487ad255dde0624f59abb85602defc
Sha1:   caafad17df41875bed690353ead6cc495a9bf8c2
Sha256: f7a4b3fb74b9e06f243f23ede51a801a0aa3fa2c0040bc44a49a97444780923d
                                        
                                            GET /landings/272467/1651156469/images//1_01.jpg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.dirtyteenagers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
x-amz-id-2: zWXtpH3cI9sXlszsdLo0glQdCJ+Q9m5zNEVNE8cm5wWk3MY8ocMWdkrNvBAxCuNa84uXQdZ9BN0=
x-amz-request-id: 20GYY1YG5D9QDBA9
Last-Modified: Thu, 28 Apr 2022 16:22:06 GMT
ETag: "c055214619483e5aa9d107f8774cd537"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 4418
Date: Sun, 28 Aug 2022 21:25:55 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 125x239, components 3\012- data
Size:   4418
Md5:    c055214619483e5aa9d107f8774cd537
Sha1:   572410e2bfbf6c6e56fd8e0f9ee6be66aaef8794
Sha256: 7bf1f67bd28f031724eb22cc5430d09a754ee9cd77ba5694a436f69ba0bca384
                                        
                                            GET /css2?family=Cinzel:wght@400;700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 28 Aug 2022 21:25:55 GMT
date: Sun, 28 Aug 2022 21:25:55 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   6714
Md5:    54508ed67abcd974ef9d329820620427
Sha1:   afe1f099b1ea6573fa421e37b7b4611a3b55697f
Sha256: 9c9613d4e0f95ec3e6b27b17b9a529edae6dcbcd04c820a256a5b8e1b8032d06
                                        
                                            GET /landings/272467/1651156469/images//1_05.jpg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.dirtyteenagers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
x-amz-id-2: uPbQ+bJAKvXrM8+eSGbs8K5Vy6CChBG65iul4B4bVLGub2UDQtVFr78AksemJdMUqOAZkCfveVA=
x-amz-request-id: SFHN4CM81VA221A8
Last-Modified: Thu, 28 Apr 2022 16:22:06 GMT
ETag: "e53dfbbdc4b9eacea79802f8844391b3"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 7514
Date: Sun, 28 Aug 2022 21:25:55 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 125x239, components 3\012- data
Size:   7514
Md5:    e53dfbbdc4b9eacea79802f8844391b3
Sha1:   cb0775e9475c80fe99969c38a4a5183d725373df
Sha256: 41910f202c17ed6631f2dd0715f7fc3112ff48ee042d7986206b0fca81c1e5e9
                                        
                                            GET /landings/272467/1651156469/images//1_04.jpg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.dirtyteenagers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
x-amz-id-2: s62YhYxuSPIbfqd/tBBub5RuxLImCc/QdY9hqqVHg2DCls19JIDB07ZDmypnS82yOdCjpBG7XVY=
x-amz-request-id: SFHS5TWPSYN8RS87
Last-Modified: Thu, 28 Apr 2022 16:22:06 GMT
ETag: "7ec11c7760a6a5a5de22f6fc453b4ddc"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 5344
Date: Sun, 28 Aug 2022 21:25:55 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 125x239, components 3\012- data
Size:   5344
Md5:    7ec11c7760a6a5a5de22f6fc453b4ddc
Sha1:   f40cf305a40946b5060aec3a307261efada4468a
Sha256: ec18bd62f2438e936d8cdf2ea310159ab74561f41e99dae10c38d955e44cb5a3
                                        
                                            GET /landings/272467/1651156469/images//1_03.jpg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.dirtyteenagers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
x-amz-id-2: 2K3a7ke9vJqDl0LWC+TIZ3G2z6SCixOzzw8xKtLTwsuTByFfjqfKV5RGYufTpRsV0BFCpfw2leU=
x-amz-request-id: 20GZNP4AVK7M3TNW
Last-Modified: Thu, 28 Apr 2022 16:22:06 GMT
ETag: "24a4ee91af3e16776caa218e0ef4f35b"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 3836
Date: Sun, 28 Aug 2022 21:25:55 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 125x239, components 3\012- data
Size:   3836
Md5:    24a4ee91af3e16776caa218e0ef4f35b
Sha1:   cbe972685220dc7ce658b6b458ed93452aea7e90
Sha256: 71f511d132a578fa822b73d3951ddc683e90cb211a988d85ea8473533e6bc44f
                                        
                                            GET /landings/272467/1651156469/images//1_06.jpg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.dirtyteenagers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
x-amz-id-2: IkgEFAjVRlBBDaflGslCvAn1QJNhIl9iAmEdbGMVBzPli1B8GCOjzDVOERecwJILuLj7PHaubSg=
x-amz-request-id: SFHHT7WDE778PKNK
Last-Modified: Thu, 28 Apr 2022 16:22:06 GMT
ETag: "8b5ecef44b9507ed6adb209e0cfb4569"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 7103
Date: Sun, 28 Aug 2022 21:25:55 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 125x239, components 3\012- data
Size:   7103
Md5:    8b5ecef44b9507ed6adb209e0cfb4569
Sha1:   9c30c2ab27b513110da27307ae510d36b603df85
Sha256: f7e01e564ceaa70552260fd6998c98972926decc802e13196df9a40e9e3bcdae
                                        
                                            GET /landings/272467/1651156469/images//1_07.jpg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.dirtyteenagers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
x-amz-id-2: GeHvUbpad2TA532OSh5+qn1+25VqhFmkkcOUw7vvvG2DVvAJDDmvcsKw+76n12drADIkKC1DnVc=
x-amz-request-id: SFHWEVYAVVDXZRR8
Last-Modified: Thu, 28 Apr 2022 16:22:06 GMT
ETag: "e3bb22992ae95c6aaa3c234f945ac770"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 5242
Date: Sun, 28 Aug 2022 21:25:55 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 125x239, components 3\012- data
Size:   5242
Md5:    e3bb22992ae95c6aaa3c234f945ac770
Sha1:   ad0f44086781d2eff1e6397dac8eccfeb932bfd0
Sha256: d6ee1ba746e78956661c2616cbe8255e4bc6f6c0c6fdc379140f610e8ad5d30e
                                        
                                            GET /landings/272467/1651156469/images//1_08.jpg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.dirtyteenagers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
x-amz-id-2: 2+0JUNRBtZzqyvdS27NAM5m1dH37D5bNJkZAaZyMRpdfhqHU9hzPr4GF+/Gg9qUZSRIi9Whjg34=
x-amz-request-id: SFHVW40EEVQT404B
Last-Modified: Thu, 28 Apr 2022 16:22:07 GMT
ETag: "8170bbf94084b43ddb4ff577301b80da"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 10441
Date: Sun, 28 Aug 2022 21:25:55 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 125x239, components 3\012- data
Size:   10441
Md5:    8170bbf94084b43ddb4ff577301b80da
Sha1:   2c2d1a83305fdf7acb0ea8abe6c25e77de0d21da
Sha256: f69cb6a0a0ec9255edd4269011e7d6d5cef74f2475936cec3ec96f3a9b4438f8
                                        
                                            GET /landings/272467/1651156469/images//1_09.jpg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.dirtyteenagers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
x-amz-id-2: XulJZtx+y7XxaGrLDy4KFUD8JB686CXAl6c4wwL7+plt0E6iDEscA66LwE+4M+6TZHOhYLfki3E=
x-amz-request-id: FQ4VXAT52873JZCJ
Last-Modified: Thu, 28 Apr 2022 16:22:07 GMT
ETag: "66c24e49341e4959fafdfc09d3ac9f0d"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 5946
Date: Sun, 28 Aug 2022 21:25:55 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 125x239, components 3\012- data
Size:   5946
Md5:    66c24e49341e4959fafdfc09d3ac9f0d
Sha1:   1b527772a5105eddfa42d926c897f88a3fc8be88
Sha256: 8af75c87ce4cd57acf9b6085be9830fe19ef1e0a2e3767fc06214bd03fd3d282
                                        
                                            GET /landings/272467/1651156469/images/JTUSjIg1_i6t8kCHKm459WlhzQ.woff HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rkkmj.dirtyteenagers.com
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: application/x-font-woff
                                        
x-amz-id-2: X6onjQNmx7+MUX8E6+g9YijfSVc6DGu9/P9rF4FngTvCqaYYh/76SSeRCoKbcfMMlfbdpPqmmUQ=
x-amz-request-id: 1ENHTT00GGXY085E
Last-Modified: Thu, 28 Apr 2022 16:22:05 GMT
ETag: "8102c4838f9e3d08dad644290a9cb701"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 23480
Date: Sun, 28 Aug 2022 21:25:55 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 23480, version 1.1\012- data
Size:   23480
Md5:    8102c4838f9e3d08dad644290a9cb701
Sha1:   5af1938d1327395f47c84e57b6ba7756234d2262
Sha256: 60cebea4c9183f51fbd323f14dd729e18768be4f6395467013216ae36526cf9c
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 28 Aug 2022 21:25:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /css2?family=Ubuntu:wght@400;700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 28 Aug 2022 21:25:55 GMT
date: Sun, 28 Aug 2022 21:25:55 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   13841
Md5:    c16883534e5149c1291829310779bb5c
Sha1:   184017d915a661a5f4eced7c77f7d5a9666b6fd3
Sha256: 2983c1a35cbd0b667c13f4eb29aa45a08dadddb2af24d576ce1d428e35503619
                                        
                                            GET /images/favicon.ico HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.dirtyteenagers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
x-amz-id-2: 3PLd1JbxzMUZnvLfJ08LlqJVa0X1bm3g8lDKKuDaPcpHRGpUOyvL763tb+Zgy/zeSb8kMvb/P10=
x-amz-request-id: 2XWP9N688THY1C8H
Last-Modified: Wed, 07 Nov 2018 08:41:38 GMT
ETag: "4cdf3256cd7b8ec3917adb79d6bf457e"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 4103
Date: Sun, 28 Aug 2022 21:25:55 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size:   4103
Md5:    4cdf3256cd7b8ec3917adb79d6bf457e
Sha1:   bc615337e9223183a126c8fb649774866fb53e69
Sha256: fbfff44a653dc193b93620f1035d221d3aaddf3238742270b3385482986ef7f0
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2ajNMFpGkigb7feEyhIJrg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         44.238.190.151
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: EzAqbVFb963Zx9QOj7jPSha37dc=

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 28 Aug 2022 21:25:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EFF4EE2043BA81D81D564FAE2B72994858725E9282D45972CA92291BBC193FEE"
Last-Modified: Fri, 26 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3128
Expires: Sun, 28 Aug 2022 22:18:04 GMT
Date: Sun, 28 Aug 2022 21:25:56 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EFF4EE2043BA81D81D564FAE2B72994858725E9282D45972CA92291BBC193FEE"
Last-Modified: Fri, 26 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3128
Expires: Sun, 28 Aug 2022 22:18:04 GMT
Date: Sun, 28 Aug 2022 21:25:56 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EFF4EE2043BA81D81D564FAE2B72994858725E9282D45972CA92291BBC193FEE"
Last-Modified: Fri, 26 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3128
Expires: Sun, 28 Aug 2022 22:18:04 GMT
Date: Sun, 28 Aug 2022 21:25:56 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EFF4EE2043BA81D81D564FAE2B72994858725E9282D45972CA92291BBC193FEE"
Last-Modified: Fri, 26 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3128
Expires: Sun, 28 Aug 2022 22:18:04 GMT
Date: Sun, 28 Aug 2022 21:25:56 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EFF4EE2043BA81D81D564FAE2B72994858725E9282D45972CA92291BBC193FEE"
Last-Modified: Fri, 26 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3128
Expires: Sun, 28 Aug 2022 22:18:04 GMT
Date: Sun, 28 Aug 2022 21:25:56 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ffd5e13-a021-41cd-b8a0-c47ab5824b67.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6143
x-amzn-requestid: b714dab3-5fd9-49ab-85c3-be842523fe5d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XitbkFZRIAMF5pQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630a8f7d-61caf56c26c2365762b0165d;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 21:41:17 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: tmJzZhBRPLy8YUEJZ1Ha17ySrq77JD3nZFNTZY8GNc5dvKPVVpPmZQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Sat, 27 Aug 2022 21:53:51 GMT
age: 84725
etag: "d4034cc5264cce974cc6c5e38a712170fe2640cf"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6143
Md5:    85306ac4e917d959101d95a326ecede9
Sha1:   d4034cc5264cce974cc6c5e38a712170fe2640cf
Sha256: dc10c89e607d309e9f9b5ef5856a2775bc0e96629a09a03641af3fc8a7b6f468
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2b0d146-88a6-4ec6-a71c-bb9dd4314497.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7505
x-amzn-requestid: 66ed5a9b-1b9c-40c4-b757-7c13e9dc6410
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XitJxFFSIAMFhrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630a8f0b-24404d4f7a2cae8f4c3bcb97;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 21:39:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: r5P4oNSmxtoViJUfOF5jx7lWb9H1mGWPalhuWVplCADHXoUU_lcccg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sat, 27 Aug 2022 22:11:06 GMT
etag: "ec62fa681d45d696fc7308fede11cd16979594fd"
age: 83690
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7505
Md5:    ef5729bf444dd3cc7b8e7945187e09ee
Sha1:   ec62fa681d45d696fc7308fede11cd16979594fd
Sha256: 34d5df4a669399f171489c9cd0f90a53eea21c35c1ccd310df39cc356c9922cd
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2b0c25f-9ee9-4270-8c84-3f4087fa909d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11901
x-amzn-requestid: 830f99b6-b678-4ad4-913f-94923fa289e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XitVpFJWIAMFo1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630a8f57-64bfc0256b49c9351c59a0a3;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 21:40:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HOIciw-U_MePRwtV_1mbSpSwrMq4jUTo5K6Tm4kBmd-jvOptN1dbvA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sat, 27 Aug 2022 22:09:02 GMT
age: 83814
etag: "aa2f0fdb2fcfb0e6d33f520baf0d69af261129e4"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11901
Md5:    e619074d7134995ce35ea8e904053165
Sha1:   aa2f0fdb2fcfb0e6d33f520baf0d69af261129e4
Sha256: a725cb2c6eddc63bdf463943f3ed045b564471e3a32f911caba37d82a7c1f0f3
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c51c541-314b-4130-a3af-d06caf60bb7b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7058
x-amzn-requestid: 9059da6e-9360-445d-8605-e05f29234b44
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XiuGcGYqoAMFRfg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630a908f-3faf9a64271fb8a02010d3e5;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 21:45:51 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: IevbIr8ZUpryBbm6-c5-3MXJ4eXrXrHxTFGNl3-alDedXci9AzRzxw==
via: 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sat, 27 Aug 2022 22:24:08 GMT
etag: "0c0aa0266043aa373afb74a15ab605fba7ceb654"
age: 82908
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7058
Md5:    d86049a1b34617a0d41fb4ef97009303
Sha1:   0c0aa0266043aa373afb74a15ab605fba7ceb654
Sha256: 02bcd4310d68f5cffd90c1cced9e9789876f3c51c1edb21f9b0dec1e659118b6
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78cd7e71-95b2-4fb2-99cc-1b8645fc4d73.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10824
x-amzn-requestid: abf116d5-7ffd-4100-bbbb-f8ebcc903e48
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XaJqgGfToAMFfmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6307230f-058b88810d3d902475af52a3;Sampled=0
x-amzn-remapped-date: Thu, 25 Aug 2022 07:21:51 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: 1QjI_En26B7SLes62WrxkEODPzBCDiUUo8ttH3vOUYsTTTo-ucHIqA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 73b60e9a9fd08eae9e034cedba707280.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 07:43:27 GMT
age: 49349
etag: "96e49f02f48d8e212335722d7a95eba9b21050de"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10824
Md5:    e0a52aaf6cfd3c91ef396ec21e668634
Sha1:   96e49f02f48d8e212335722d7a95eba9b21050de
Sha256: edd20b6a1790cc65fd16f64e6e58c01140d814ffb27a6fe6f41c7dc285a76b2b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c76ac95-9347-4b2c-b714-273aa0c3ce73.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6921
x-amzn-requestid: 727cc3c0-9535-43cf-8aa6-1f46d74a5e0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xis-bGrXIAMF6ag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630a8ec2-4794034041513a7022688600;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 21:38:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: s_ITjoM4nQ-z0l4iSmsxpbalk2wXhRMjw_00b6NbSh5MCHvFApfPpg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 27 Aug 2022 22:10:01 GMT
age: 83755
etag: "54ebcbafcc02053b2e9477ef29e89c9924abb9e0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6921
Md5:    f492a725bd0ff1ffb9bda36a618c8163
Sha1:   54ebcbafcc02053b2e9477ef29e89c9924abb9e0
Sha256: bbe69be8f14be3d6fdf09fee9cfdcee5847875bc9f6f6097e4afe1692553c125
                                        
                                            GET /c/1d58d0084e854e5f?s1=20904&s2=876347&s3=58165&s5=&click_id=37_58165_4856_6f1519a688d27c4097cd5c00496842ed&j1=1&j3=1&j5=1&j8=1&j9=1 HTTP/1.1 
Host: rkkmj.dirtyteenagers.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://go.gkrtmc.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         52.19.101.114
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
server: nginx
date: Sun, 28 Aug 2022 21:25:55 GMT
set-cookie: unique_id=630bdd6300022ca6; Path=/; Expires=Thu, 27 Oct 2022 21:25:55 GMT; Secure; SameSite=None unique_id2=630bdd630003cbe3; Path=/; Expires=Sat, 26 Nov 2022 21:25:55 GMT; Secure; SameSite=None 630bdd630003cbe3_c=1; Path=/; Expires=Sat, 26 Nov 2022 21:25:55 GMT; Secure; SameSite=None ref_token=20904; Path=/; Expires=Tue, 27 Sep 2022 21:25:55 GMT; Secure; SameSite=None impression=; Path=/; Expires=Sun, 28 Aug 2022 21:25:55 GMT; Secure; SameSite=None 630bdd630003cbe3_sl=[272467]; Path=/; Expires=Sun, 11 Sep 2022 21:25:55 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /landings/272467/1651156469/images/2.mp4 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://rkkmj.dirtyteenagers.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         184.31.15.67
HTTP/1.1 206 Partial Content
Content-Type: video/mp4
                                        
x-amz-id-2: mAey8XDucWDlE6nAdJmulTWYFA+rP9xaFRKPT3w1fKCsOHrVN/ESdTacUyR9Fibc3+8vOS8W3H0=
x-amz-request-id: 1ENJHH16TC30F9AR
Last-Modified: Thu, 28 Apr 2022 16:22:06 GMT
ETag: "8a5b2a8272d3f75839eaf91af309f6bc"
Accept-Ranges: bytes
Server: AmazonS3
Date: Sun, 28 Aug 2022 21:25:55 GMT
Content-Range: bytes 0-1414763/1414764
Content-Length: 1414764
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---