Report - ads.istngo.com/1d9bad26-69ad-4c86-a80c-3398670fd745

Report Overview

Submitted URL
ads.istngo.com/1d9bad26-69ad-4c86-a80c-3398670fd745
IP
18.195.123.247
ASN
#16509 AMAZON-02
Submitted
2022-11-20 06:51:47
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	34.216.88.5
manager.production.almightypush.com	731001	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.3 kB	4.7 kB	3.136.143.215
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	3.5 kB	142.250.74.35
accounts.google.com	81	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	3.5 kB	216.58.207.237
zeniocloud.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	380 B	167 B	167.114.67.56
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.8 kB	93.184.220.29
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
static.production.almightypush.com	214819	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	56 kB	54.230.111.2
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	700 B	2.0 kB	54.230.245.110
lh3.google.com	213	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	391 B	956 B	142.250.74.142
img.almightypush.com	70553	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	426 B	94 kB	104.21.234.130
fuckthisgirl.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	864 B	583 B	172.67.149.70
alexatracker.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	419 B	964 B	104.21.85.99
ads.istngo.com	337465	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	382 B	1.3 kB	18.195.123.247
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	94 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-20	medium	zeniocloud.com/JAIA.js?sub1=fuckthisgirl.net	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (14)

	URL	Size	First Seen	Last Seen
	zeniocloud.com/JAIA.js?sub1=fuckthisgirl.net	601 B	2023-03-08	2023-03-26
Pretty URL zeniocloud.com/JAIA.js?sub1=fuckthisgirl.net IP 167.114.67.56 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:30:13 Last Seen2023-03-26 00:32:50 Times Seen2 Hash 0378dfcafcbfe2736cf1f9a5e7f5ebdb c2ab92d4b3d4705a447535719091d10f496c49a9 35a2dac4f4dae877685b6e1c97f79b0e24fb9ea83e1302315f02520a5f0f6308 Loading...

	fuckthisgirl.net/it/multi/ms/3-861045/?cep=JEIAaAOS2PUcQWS8DGWVRO1G81ni0VT4sFBQH9uSTyzez0AF5p25vubQQSEL48bziSAOjOtN7g_qY9bW4dJYpezEJB278H1bnndQfwTdh7uAPMv2BpR7FPsNQWsytT2yANbXCcOsGnF0zD63FFcp_6OoxXIJEdAu_GRpMUQIXNY8mtNWIhYLwcJzOYFeHxbqBPRGwWRipDwSMLv6UoVo59OnmfP-i3aZvjIzx90VKxcpKndmd5W5a6CKZVxasOUqa1PalKdYXTiRKZQjDvDkm9C3FF3ocajua9BQGCK_tXGF_smfCaKVMxPOZDxcO5VLo9BONh7iByW-6MHKYHCmKY5wybsoRia4JBZiAl2eDbA&lptoken=168268a0924488829606	179 B	2023-03-07	2023-03-17
Pretty URL fuckthisgirl.net/it/multi/ms/3-861045/?cep=JEIAaAOS2PUcQWS8DGWVRO1G81ni0VT4sFBQH9uSTyzez0AF5p25vubQQSEL48bziSAOjOtN7g_qY9bW4dJYpezEJB278H1bnndQfwTdh7uAPMv2BpR7FPsNQWsytT2yANbXCcOsGnF0zD63FFcp_6OoxXIJEdAu_GRpMUQIXNY8mtNWIhYLwcJzOYFeHxbqBPRGwWRipDwSMLv6UoVo59OnmfP-i3aZvjIzx90VKxcpKndmd5W5a6CKZVxasOUqa1PalKdYXTiRKZQjDvDkm9C3FF3ocajua9BQGCK_tXGF_smfCaKVMxPOZDxcO5VLo9BONh7iByW-6MHKYHCmKY5wybsoRia4JBZiAl2eDbA&lptoken=168268a0924488829606 IP 172.67.149.70 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:43:48 Last Seen2023-03-17 10:36:59 Times Seen1 Hash b5f128838280a2b878490505a67f83d5 387b27b31be449717e21166ab6230cf2bade1792 667b0404735114261e05910c1b6cfae5e5aba57b5170ebc7ce432efd31c594c8 Loading...

	fuckthisgirl.net/it/multi/ms/3-861045/?cep=JEIAaAOS2PUcQWS8DGWVRO1G81ni0VT4sFBQH9uSTyzez0AF5p25vubQQSEL48bziSAOjOtN7g_qY9bW4dJYpezEJB278H1bnndQfwTdh7uAPMv2BpR7FPsNQWsytT2yANbXCcOsGnF0zD63FFcp_6OoxXIJEdAu_GRpMUQIXNY8mtNWIhYLwcJzOYFeHxbqBPRGwWRipDwSMLv6UoVo59OnmfP-i3aZvjIzx90VKxcpKndmd5W5a6CKZVxasOUqa1PalKdYXTiRKZQjDvDkm9C3FF3ocajua9BQGCK_tXGF_smfCaKVMxPOZDxcO5VLo9BONh7iByW-6MHKYHCmKY5wybsoRia4JBZiAl2eDbA&lptoken=168268a0924488829606	638 B	2023-03-07	2023-03-26
Pretty URL fuckthisgirl.net/it/multi/ms/3-861045/?cep=JEIAaAOS2PUcQWS8DGWVRO1G81ni0VT4sFBQH9uSTyzez0AF5p25vubQQSEL48bziSAOjOtN7g_qY9bW4dJYpezEJB278H1bnndQfwTdh7uAPMv2BpR7FPsNQWsytT2yANbXCcOsGnF0zD63FFcp_6OoxXIJEdAu_GRpMUQIXNY8mtNWIhYLwcJzOYFeHxbqBPRGwWRipDwSMLv6UoVo59OnmfP-i3aZvjIzx90VKxcpKndmd5W5a6CKZVxasOUqa1PalKdYXTiRKZQjDvDkm9C3FF3ocajua9BQGCK_tXGF_smfCaKVMxPOZDxcO5VLo9BONh7iByW-6MHKYHCmKY5wybsoRia4JBZiAl2eDbA&lptoken=168268a0924488829606 IP 172.67.149.70 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:06 Last Seen2023-03-26 00:40:45 Times Seen3 Hash 79d9cc35bdb39e4c3ceaf353254dfb8e a0ca94a0befd785a5600f6fe7768fd3b8770f3b8 5978be09ebbfc769511412b3aa320e41e5acb65807f2352c4be07035b543d3cc Loading...

	fuckthisgirl.net/it/multi/ms/3-861045/?cep=JEIAaAOS2PUcQWS8DGWVRO1G81ni0VT4sFBQH9uSTyzez0AF5p25vubQQSEL48bziSAOjOtN7g_qY9bW4dJYpezEJB278H1bnndQfwTdh7uAPMv2BpR7FPsNQWsytT2yANbXCcOsGnF0zD63FFcp_6OoxXIJEdAu_GRpMUQIXNY8mtNWIhYLwcJzOYFeHxbqBPRGwWRipDwSMLv6UoVo59OnmfP-i3aZvjIzx90VKxcpKndmd5W5a6CKZVxasOUqa1PalKdYXTiRKZQjDvDkm9C3FF3ocajua9BQGCK_tXGF_smfCaKVMxPOZDxcO5VLo9BONh7iByW-6MHKYHCmKY5wybsoRia4JBZiAl2eDbA&lptoken=168268a0924488829606	325 B	2023-03-07	2023-03-17
Pretty URL fuckthisgirl.net/it/multi/ms/3-861045/?cep=JEIAaAOS2PUcQWS8DGWVRO1G81ni0VT4sFBQH9uSTyzez0AF5p25vubQQSEL48bziSAOjOtN7g_qY9bW4dJYpezEJB278H1bnndQfwTdh7uAPMv2BpR7FPsNQWsytT2yANbXCcOsGnF0zD63FFcp_6OoxXIJEdAu_GRpMUQIXNY8mtNWIhYLwcJzOYFeHxbqBPRGwWRipDwSMLv6UoVo59OnmfP-i3aZvjIzx90VKxcpKndmd5W5a6CKZVxasOUqa1PalKdYXTiRKZQjDvDkm9C3FF3ocajua9BQGCK_tXGF_smfCaKVMxPOZDxcO5VLo9BONh7iByW-6MHKYHCmKY5wybsoRia4JBZiAl2eDbA&lptoken=168268a0924488829606 IP 172.67.149.70 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:43:48 Last Seen2023-03-17 10:36:59 Times Seen1 Hash 9f6ed474c88467d1097339cf1c621720 aee0dcd1f9cc0ecfc0d39a2c4cfcf5b864671037 18c34249b50a2f573689110419b07054a3ade361059fb454ea43a596bdc4f79f Loading...

	static.production.almightypush.com/mng/subs_window.js?ver=1624960645	20 kB	2023-03-07	2023-08-09
Pretty URL static.production.almightypush.com/mng/subs_window.js?ver=1624960645 IP 54.230.111.2 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2023-08-09 01:40:16 Times Seen694 Hash ae593f4be1dd1f0710123918b49c4933 66fbe30bb873e0a47d3d72e737d68aa4b6916c26 fdf9ff3f74dcf11d0fa456dcd53cb21550f67f0cfdc11dc29bef595f07b56206 Loading...

	static.production.almightypush.com/mng/channels/init.min.js?ver=1624960645	22 kB	2023-03-07	2023-03-17
Pretty URL static.production.almightypush.com/mng/channels/init.min.js?ver=1624960645 IP 54.230.111.2 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:56:43 Last Seen2023-03-17 12:47:55 Times Seen1 Hash 2ea196bb9d9670ec138eb0c8c23e6696 b0876fd8c0c56c5d34368c16a829c040c23cbaba 1475c052ae8dbc220775cd44b20e508e38db9f09168c57d4a73e0a9027f252f7 Loading...

	fuckthisgirl.net/it/multi/ms/3-861045/js/jquery-1.js	87 kB	2023-03-07	2023-03-17
Pretty URL fuckthisgirl.net/it/multi/ms/3-861045/js/jquery-1.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:43:48 Last Seen2023-03-17 10:36:59 Times Seen1 Hash 172fe99ce616421c35d25f9fd147896a d56c86ac8eed84767f51ecc2e02f2eee4cbbe317 fa256d2bbe755e7d5a6d21c51bd5cb1f519eb0e627c50f705a59d98f3ba9ab62 Loading...

	fuckthisgirl.net/it/multi/ms/3-861045/js/custom.js	1.7 kB	2023-03-07	2024-02-19
Pretty URL fuckthisgirl.net/it/multi/ms/3-861045/js/custom.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:06 Last Seen2024-02-19 02:38:29 Times Seen12 Hash 703c59d25f4906776955c9c9be02591d 177de851468274cb4f13c02edcd9112c4f0280a5 8b945eb39d09edb3a11de8b4e54004ff17fae9f8bc4463018bb5d6ddaf6256ea Loading...

	alexatracker.com/jscode/JAIA.js?sub1=fuckthisgirl.net&sub2=&sub3=&sub4=&sub5=&prid=	7.7 kB	2023-03-11	2023-03-11
Pretty URL alexatracker.com/jscode/JAIA.js?sub1=fuckthisgirl.net&sub2=&sub3=&sub4=&sub5=&prid= IP 104.21.85.99 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:49:11 Last Seen2023-03-11 14:49:11 Times Seen1 Hash 592e1d68555063179d91b5b4d150ad43 375615416ed15827800cee1aa1827589cd698d5b 075c6de461c80f0121d684670d22080358da1f133f9c5f156390110f062432c0 Loading...

	fuckthisgirl.net/it/multi/ms/3-861045/js/funciones.js	3.3 kB	2023-03-07	2023-03-26
Pretty URL fuckthisgirl.net/it/multi/ms/3-861045/js/funciones.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:06 Last Seen2023-03-26 00:40:45 Times Seen3 Hash 900cc9d3f86f98c45fb4193c6fc556f5 db92df6dedc005430411d0af7b274507563f6cbe e0f6c7148abae7fb9eee3af8fbf1c6ffa83deba6c864e397040b13362719e6fb Loading...

	fuckthisgirl.net/it/multi/ms/3-861045/?cep=JEIAaAOS2PUcQWS8DGWVRO1G81ni0VT4sFBQH9uSTyzez0AF5p25vubQQSEL48bziSAOjOtN7g_qY9bW4dJYpezEJB278H1bnndQfwTdh7uAPMv2BpR7FPsNQWsytT2yANbXCcOsGnF0zD63FFcp_6OoxXIJEdAu_GRpMUQIXNY8mtNWIhYLwcJzOYFeHxbqBPRGwWRipDwSMLv6UoVo59OnmfP-i3aZvjIzx90VKxcpKndmd5W5a6CKZVxasOUqa1PalKdYXTiRKZQjDvDkm9C3FF3ocajua9BQGCK_tXGF_smfCaKVMxPOZDxcO5VLo9BONh7iByW-6MHKYHCmKY5wybsoRia4JBZiAl2eDbA&lptoken=168268a0924488829606	1.9 kB	2023-03-07	2023-03-26
Pretty URL fuckthisgirl.net/it/multi/ms/3-861045/?cep=JEIAaAOS2PUcQWS8DGWVRO1G81ni0VT4sFBQH9uSTyzez0AF5p25vubQQSEL48bziSAOjOtN7g_qY9bW4dJYpezEJB278H1bnndQfwTdh7uAPMv2BpR7FPsNQWsytT2yANbXCcOsGnF0zD63FFcp_6OoxXIJEdAu_GRpMUQIXNY8mtNWIhYLwcJzOYFeHxbqBPRGwWRipDwSMLv6UoVo59OnmfP-i3aZvjIzx90VKxcpKndmd5W5a6CKZVxasOUqa1PalKdYXTiRKZQjDvDkm9C3FF3ocajua9BQGCK_tXGF_smfCaKVMxPOZDxcO5VLo9BONh7iByW-6MHKYHCmKY5wybsoRia4JBZiAl2eDbA&lptoken=168268a0924488829606 IP 172.67.149.70 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:06 Last Seen2023-03-26 00:40:45 Times Seen3 Hash 919e22ea77faca024ea9faffb5cad49c 368caa602a7b063c322997d4cd1096eea51183c1 f80ae35adc42e50a73b374a9c1ad9bd489c2b5dc66355c61c880eb6f39ca19e9 Loading...

	fuckthisgirl.net/it/multi/ms/3-861045/js/backoffer.js	430 B	2023-03-07	2024-04-18
Pretty URL fuckthisgirl.net/it/multi/ms/3-861045/js/backoffer.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2024-04-18 09:54:54 Times Seen5794 Hash 6d5aa83d23ce0b9f72d3b87d000d8fae 034fb8768eb58ffc0b5849e2c162989741a6cbec 89266112a6c823b9c03dd5a32d8f1c5e9f4cbf4cf876b56c825781ea389d0800 Loading...

	fuckthisgirl.net/it/multi/ms/3-861045/?cep=JEIAaAOS2PUcQWS8DGWVRO1G81ni0VT4sFBQH9uSTyzez0AF5p25vubQQSEL48bziSAOjOtN7g_qY9bW4dJYpezEJB278H1bnndQfwTdh7uAPMv2BpR7FPsNQWsytT2yANbXCcOsGnF0zD63FFcp_6OoxXIJEdAu_GRpMUQIXNY8mtNWIhYLwcJzOYFeHxbqBPRGwWRipDwSMLv6UoVo59OnmfP-i3aZvjIzx90VKxcpKndmd5W5a6CKZVxasOUqa1PalKdYXTiRKZQjDvDkm9C3FF3ocajua9BQGCK_tXGF_smfCaKVMxPOZDxcO5VLo9BONh7iByW-6MHKYHCmKY5wybsoRia4JBZiAl2eDbA&lptoken=168268a0924488829606	159 B	2023-03-07	2023-03-17
Pretty URL fuckthisgirl.net/it/multi/ms/3-861045/?cep=JEIAaAOS2PUcQWS8DGWVRO1G81ni0VT4sFBQH9uSTyzez0AF5p25vubQQSEL48bziSAOjOtN7g_qY9bW4dJYpezEJB278H1bnndQfwTdh7uAPMv2BpR7FPsNQWsytT2yANbXCcOsGnF0zD63FFcp_6OoxXIJEdAu_GRpMUQIXNY8mtNWIhYLwcJzOYFeHxbqBPRGwWRipDwSMLv6UoVo59OnmfP-i3aZvjIzx90VKxcpKndmd5W5a6CKZVxasOUqa1PalKdYXTiRKZQjDvDkm9C3FF3ocajua9BQGCK_tXGF_smfCaKVMxPOZDxcO5VLo9BONh7iByW-6MHKYHCmKY5wybsoRia4JBZiAl2eDbA&lptoken=168268a0924488829606 IP 172.67.149.70 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:43:48 Last Seen2023-03-17 10:36:59 Times Seen1 Hash 59c614f1f2dea129fa4a56dc87bcd838 227c4f0c3b7e7ecce9e9d2a2121fa57571751ef0 b95205003689c76222ffd54ab19a893800a93e4f7a9700067be6323f7e97747c Loading...

		Size	First Seen	Last Seen
	#1 Eval - 094fb182013315d238417957c09e4ecd	1.9 kB	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 14:49:11 Last Seen2023-03-11 14:49:11 Times Seen1 Hash 094fb182013315d238417957c09e4ecd a1e69d60f9a04bfde4573e422cd377e75fe64295 d0e95c8911fc288362f505e68591e1c0b37f275c6b4f86af70e3e52339d41707 Loading...

HTTP Transactions (47)

URL IP Response Size

ads.istngo.com/1d9bad26-69ad-4c86-a80c-3398670fd745

18.195.123.247

302

0 B

URL HTTP/1.1
ads.istngo.com/1d9bad26-69ad-4c86-a80c-3398670fd745
IP
18.195.123.247:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1d9bad26-69ad-4c86-a80c-3398670fd745 HTTP/1.1
Host: ads.istngo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 
Server: nginx
Date: Sun, 20 Nov 2022 06:51:36 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://fuckthisgirl.net/it/multi/ms/3-861045/?cep=JEIAaAOS2PUcQWS8DGWVRO1G81ni0VT4sFBQH9uSTyzez0AF5p25vubQQSEL48bziSAOjOtN7g_qY9bW4dJYpezEJB278H1bnndQfwTdh7uAPMv2BpR7FPsNQWsytT2yANbXCcOsGnF0zD63FFcp_6OoxXIJEdAu_GRpMUQIXNY8mtNWIhYLwcJzOYFeHxbqBPRGwWRipDwSMLv6UoVo59OnmfP-i3aZvjIzx90VKxcpKndmd5W5a6CKZVxasOUqa1PalKdYXTiRKZQjDvDkm9C3FF3ocajua9BQGCK_tXGF_smfCaKVMxPOZDxcO5VLo9BONh7iByW-6MHKYHCmKY5wybsoRia4JBZiAl2eDbA&lptoken=168268a0924488829606
Pragma: no-cache
Set-Cookie: 1d9bad26-69ad-4c86-a80c-3398670fd745-v4=ULZKNCFl5uX9bOtAilsV2JKhuHCCj2mkEQW-ynhVsI8; Max-Age=86400; Expires=Mon, 21-Nov-2022 06:51:36 GMT; Domain=ads.istngo.com; Path=/; HttpOnly
cep-v4=635Kk19Cnco7iF9kq02A2m4t9BY_hlGGSDYdmbN55E4IGQFrx9eaZ5xEBFiXxALlPgZ4dSFmPrU2dxO9gSUnfH6gVsmNXDxWM9HXqCUYZVNbP8R7soNdaiCi5VBob84OVNaagcq_-D49wtgmDM2sK9e4Df29U9k9Fgad6zko2nyCdRAOLcphuUUlUHsx7d3JZuKIpzN0-vbekHn8w31TR5IG1rMjiI6_EC3TL8JrPqcZd7eG3okDYLfHUowbY-IHFn1HpG2m7TQRY1ErPozxCvT5vShk8P51hpbb7m9b5y-_z9LxVLu4QSnL-_81o4k2T3VWkDx1t2YC6AhDP_nnDJiFPvg-HJTUgQyw_Embuas; Max-Age=86400; Expires=Mon, 21-Nov-2022 06:51:36 GMT; Domain=ads.istngo.com; Path=/; HttpOnly

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6ed951622549ed76959631f8a1bf497b
682b2dd2a72190510e3fa7bdb0c0c6f25a322dfb
86f5e5ae2da408a899d16c83b7ca441033ac0c30062cd29f2db1b1b5be666746

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "86F5E5AE2DA408A899D16C83B7CA441033AC0C30062CD29F2DB1B1B5BE666746"
Last-Modified: Sat, 19 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10296
Expires: Sun, 20 Nov 2022 09:43:12 GMT
Date: Sun, 20 Nov 2022 06:51:36 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f732c50f6a2482aeea20552e0370c2d0
6f33119d5c38e92a0a62f3a46766ff86014e4d68
a47e38c199c5fecd5594544a3889e1cfca5547d85f19056f06eaeeadf17f4fe9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4566
Cache-Control: max-age=104143
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 06:51:36 GMT
Etag: "6378b071-1d7"
Expires: Mon, 21 Nov 2022 11:47:19 GMT
Last-Modified: Sat, 19 Nov 2022 10:31:13 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e7724a1f27dc1b5b2fb63c7e486f74db
ef0ea648ce8bc189d31382baec4b181c724af93b
2a46916079563d95fa6a695104ebf41829ee95a156d6e4d45b9aef7231a8a80e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A46916079563D95FA6A695104EBF41829EE95A156D6E4D45B9AEF7231A8A80E"
Last-Modified: Fri, 18 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9968
Expires: Sun, 20 Nov 2022 09:37:44 GMT
Date: Sun, 20 Nov 2022 06:51:36 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 20 Nov 2022 06:44:58 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 398
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: JRtfFVjmI9LGtvCkypRr78yox+BjLMQjsC/Yj0B5ED3f5bCkXxN9rwLqwHu48pOcpoEL24bSZRs=
x-amz-request-id: R72PMN1HA67ZYW2T
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 20 Nov 2022 06:38:37 GMT
age: 779
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
baaa47948da1a7cb6bbd0ed1de6580a4
a2c05ac4fe20942d2dc2829c301cca7f9680dfc2
9ae52607eee0bb57e8a96abc16a3e36341e26c8c89cb776daa5a90bfe43188fc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=108567
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 06:51:36 GMT
Etag: "6378d38f-117"
Expires: Mon, 21 Nov 2022 13:01:03 GMT
Last-Modified: Sat, 19 Nov 2022 13:01:03 GMT
Server: nginx
Content-Length: 279

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 20 Nov 2022 06:51:36 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
baaa47948da1a7cb6bbd0ed1de6580a4
a2c05ac4fe20942d2dc2829c301cca7f9680dfc2
9ae52607eee0bb57e8a96abc16a3e36341e26c8c89cb776daa5a90bfe43188fc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=108567
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 06:51:36 GMT
Etag: "6378d38f-117"
Expires: Mon, 21 Nov 2022 13:01:03 GMT
Last-Modified: Sat, 19 Nov 2022 13:01:03 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 279

static.production.almightypush.com/mng/subs_window.js?ver=1624960645

54.230.111.2

200 OK

20 kB

URL HTTP/2
static.production.almightypush.com/mng/subs_window.js?ver=1624960645
IP
54.230.111.2:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text
Size
20 kB (19491 bytes)
Hash
ae593f4be1dd1f0710123918b49c4933
66fbe30bb873e0a47d3d72e737d68aa4b6916c26
fdf9ff3f74dcf11d0fa456dcd53cb21550f67f0cfdc11dc29bef595f07b56206

HTTP Headers

GET /mng/subs_window.js?ver=1624960645 HTTP/1.1
Host: static.production.almightypush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fuckthisgirl.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 19491
last-modified: Mon, 05 Sep 2022 12:24:26 GMT
accept-ranges: bytes
server: AmazonS3
date: Sun, 20 Nov 2022 00:02:23 GMT
etag: "ae593f4be1dd1f0710123918b49c4933"
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LGWi3_nXG6MhTtyNOwNl4k0eqsNG57Z4UaIEXbbn2Q-0i9acCtyzQA==
age: 24568
X-Firefox-Spdy: h2

static.production.almightypush.com/mng/channels/init.min.js?ver=1624960645

54.230.111.2

200 OK

22 kB

URL HTTP/2
static.production.almightypush.com/mng/channels/init.min.js?ver=1624960645
IP
54.230.111.2:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
22 kB (21924 bytes)
Hash
2ea196bb9d9670ec138eb0c8c23e6696
b0876fd8c0c56c5d34368c16a829c040c23cbaba
1475c052ae8dbc220775cd44b20e508e38db9f09168c57d4a73e0a9027f252f7

HTTP Headers

GET /mng/channels/init.min.js?ver=1624960645 HTTP/1.1
Host: static.production.almightypush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fuckthisgirl.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 21924
last-modified: Mon, 05 Sep 2022 12:24:26 GMT
accept-ranges: bytes
server: AmazonS3
date: Sun, 20 Nov 2022 00:02:23 GMT
etag: "2ea196bb9d9670ec138eb0c8c23e6696"
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cBgPcACq31-HzWrmgUlo4FxcmRXAkiH1KurmYt_4wgOPBCZnaO_swQ==
age: 24570
X-Firefox-Spdy: h2

static.production.almightypush.com/mng/subs_window.css?ver=1624960645

54.230.111.2

200 OK

6.9 kB

URL HTTP/2
static.production.almightypush.com/mng/subs_window.css?ver=1624960645
IP
54.230.111.2:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text
Size
6.9 kB (6945 bytes)
Hash
bd7dbae15f904a4e1213439ebfefddbe
9f7a33b3d6e7965d8b99f0ff56cbf2e2ebb8f78e
30c08f3bb42d9a16155c65fbc952430048e4a84be70b98cb989b2dc977b49f8a

HTTP Headers

GET /mng/subs_window.css?ver=1624960645 HTTP/1.1
Host: static.production.almightypush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fuckthisgirl.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css
content-length: 6945
last-modified: Mon, 05 Sep 2022 12:24:26 GMT
accept-ranges: bytes
server: AmazonS3
date: Sun, 20 Nov 2022 05:30:18 GMT
etag: "bd7dbae15f904a4e1213439ebfefddbe"
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hCRRK0n7uflQ66fs_Y2sAhRrQDa2_2b1YYitisEPv34P6Iw7K0o60w==
age: 4958
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a84c98e290d45b73d865c2c8112b426d
5f5a8dcf31fa68a5dabf0eda8622309f11a1ed8f
8369dc94145b8de7f526de509c0c92d8a58b717f6b103492d321250039973081

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8369DC94145B8DE7F526DE509C0C92D8A58B717F6B103492D321250039973081"
Last-Modified: Fri, 18 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2976
Expires: Sun, 20 Nov 2022 07:41:13 GMT
Date: Sun, 20 Nov 2022 06:51:37 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 20 Nov 2022 06:44:50 GMT
cache-control: public,max-age=3600
age: 407
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
060d538b33e370fcd033339830d33a42
4a37d427988358eb318e18e2678c3484ef4a5ebd
efa33f92547243814b5bd3bca4f94d26055d590a4431611b3ba251a8d774bfbb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5831
Cache-Control: max-age=100346
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 06:51:37 GMT
Etag: "63789cac-1d7"
Expires: Mon, 21 Nov 2022 10:44:03 GMT
Last-Modified: Sat, 19 Nov 2022 09:06:52 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/s/gts1p5/WN5AJRoEZfI

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/WN5AJRoEZfI
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9857c8a6cf41fa9b22c759a767792818
616cdcd29d22ec457680ee5c8b99828a368b91b2
a36bc7a5b5f4d730b709b68761b127a19098a5911fe113dbc9abc39e90c50549

HTTP Headers

POST /s/gts1p5/WN5AJRoEZfI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 06:51:37 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

static.production.almightypush.com/mng/channels/sw.min.js

54.230.111.2

200 OK

6.2 kB

URL HTTP/2
static.production.almightypush.com/mng/channels/sw.min.js
IP
54.230.111.2:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
6.2 kB (6178 bytes)
Hash
b2405c913e932b43ebf78735d6443f3e
0bc31e5f485d5080be019d8494be42b0b1a3c860
e8ee0d1cbe8b059c84f744ac6ed1b37205bbca409c174c0bd4376e738e1b7e11

HTTP Headers

GET /mng/channels/sw.min.js HTTP/1.1
Host: static.production.almightypush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fuckthisgirl.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 6178
last-modified: Mon, 05 Sep 2022 12:24:26 GMT
accept-ranges: bytes
server: AmazonS3
date: Sun, 20 Nov 2022 04:26:45 GMT
etag: "b2405c913e932b43ebf78735d6443f3e"
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8tHpi3WsFcebR6oIbhMkiJuYfzKDh3X9vw_9nDEDJWMU2oNTryzA_Q==
age: 8698
X-Firefox-Spdy: h2

push.services.mozilla.com/

34.216.88.5

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.216.88.5:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gi13DszUvxw17bnij6xfaQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: pmppXHoci1ihRE/y26AJlwDPx4I=

ocsp.pki.goog/s/gts1p5/WN5AJRoEZfI

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/WN5AJRoEZfI
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9857c8a6cf41fa9b22c759a767792818
616cdcd29d22ec457680ee5c8b99828a368b91b2
a36bc7a5b5f4d730b709b68761b127a19098a5911fe113dbc9abc39e90c50549

HTTP Headers

POST /s/gts1p5/WN5AJRoEZfI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 06:51:38 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sca1b.amazontrust.com/

54.230.245.110

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.110:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
f072667a1a6557105605fab5eb2af6ea
9bb6182cb22922739c4c9ad794e1b5305dce02f0
0410af645b00aa4f6b06264dc0e2f106bc3ef6aa4333bc081b5403b6356e32b5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=90373
Date: Sun, 20 Nov 2022 06:51:38 GMT
Etag: "637887b4-1d7"
Expires: Mon, 21 Nov 2022 07:57:51 GMT
Last-Modified: Sat, 19 Nov 2022 07:37:24 GMT
Server: ECS (dcb/7F16)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Kpcq9_s_ALCgCXnwFoS7xcac2JwSXxrrCCIKR5IerGFHySPou39-YQ==
Age: 1227

ocsp.sca1b.amazontrust.com/

54.230.245.110

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.110:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
f072667a1a6557105605fab5eb2af6ea
9bb6182cb22922739c4c9ad794e1b5305dce02f0
0410af645b00aa4f6b06264dc0e2f106bc3ef6aa4333bc081b5403b6356e32b5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=95342
Date: Sun, 20 Nov 2022 06:51:38 GMT
Etag: "637887b4-1d7"
Expires: Mon, 21 Nov 2022 09:20:40 GMT
Last-Modified: Sat, 19 Nov 2022 07:37:24 GMT
Server: ECS (dcb/7F17)
X-Cache: Miss from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: j_rXBteB4nigtoW_vbporDcOPx4MzeCX8rd6zJ_f9aobhTqJcCYqNw==
Age: 6196

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
801bfa5219b8edbae22ab4be73ea5f1b
6795d174c6af1841ff34a78c0723c8fd9a69bdce
5288c50ab4af870e03058d86bbf4fca0cb0cbb10136580858cb7c05e91605805

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 06:51:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100

142.250.74.142

302 Found

337 B

URL HTTP/2
lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100
IP
142.250.74.142:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
337 B (337 bytes)
Hash
66a43eafe19fd2e9782007272dd06ced
9d5112f8b4482ef224d10b0d0a17bfaf053e8e23
f432da756645f1aa0bdfff17c86556d7343c5ae482f941597552d9701560d6bb

HTTP Headers

GET /u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100 HTTP/1.1
Host: lh3.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: https://accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en
cache-control: private
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 20 Nov 2022 06:51:38 GMT
server: fife
content-length: 337
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
801bfa5219b8edbae22ab4be73ea5f1b
6795d174c6af1841ff34a78c0723c8fd9a69bdce
5288c50ab4af870e03058d86bbf4fca0cb0cbb10136580858cb7c05e91605805

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 06:51:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
65b6382722e890c64ed9b9771b16b16f
864eff411d3e0cb6fff8c13b6b8ba973be69b7d1
a92698c9ca01797748e2b1722ea068d8a0497594b765373bc385164d501144a2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 20 Nov 2022 06:51:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

manager.production.almightypush.com/api/v1/code-snippet/

3.136.143.215

200 OK

0 B

URL HTTP/2
manager.production.almightypush.com/api/v1/code-snippet/
IP
3.136.143.215:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/v1/code-snippet/ HTTP/1.1
Host: manager.production.almightypush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: channel-token
Referer: https://fuckthisgirl.net/
Origin: https://fuckthisgirl.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 20 Nov 2022 06:51:38 GMT
content-type: text/html; charset=utf-8
content-length: 0
server: gunicorn/19.9.0
vary: Origin
access-control-allow-credentials: true
access-control-allow-origin: https://fuckthisgirl.net
access-control-allow-headers: accept, accept-encoding, authorization, content-type, origin, x-csrftoken, x-requested-with, X-Push-Channel-Id, Channel-Token
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-max-age: 86400
x-content-type-options: nosniff
referrer-policy: same-origin
X-Firefox-Spdy: h2

accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en

216.58.207.237

302 Found

409 B

URL HTTP/2
accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en
IP
216.58.207.237:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (387)
Size
409 B (409 bytes)
Hash
675a4a6220c316419627cf3cc5e4d95b
1eb37e7db939fde8162ec6261aa985dbd26b6cd0
b4610b2b7232347db8db4e21af0010b6d4883c9875b45c4f72f9337771628f7a

HTTP Headers

GET /ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 20 Nov 2022 06:51:38 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1593420159%3A1668927098267211&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAs3dZ_XJLKTLkpvX6y2ZjI2F9cTIXdaacsismSRcgO77MmalXycxGClHxijLLg6qZ94Uv9jrA
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-ICaNDooUSGlwfI1ZRwRGzQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 409
server: GSE
set-cookie: __Host-GAPS=1:1gPixbW_jzAZw9S4UfcuDoAtmvNcYQ:O1Cjf6zHLwEG913m;Path=/;Expires=Tue, 19-Nov-2024 06:51:38 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

manager.production.almightypush.com/api/v1/code-snippet/

3.136.143.215

200 OK

1.6 kB

URL HTTP/2
manager.production.almightypush.com/api/v1/code-snippet/
IP
3.136.143.215:0
ASN
#16509 AMAZON-02

File type
JSON data\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1629), with no line terminators
Size
1.6 kB (1638 bytes)
Hash
a3c0cac1b0fc6aaca3e4691853f26048
13f2ab43943995bbaef114ae1c8f5260ebfab44d
0dfcfba296eddb280c5aa39e3738d0471561438c1a81609ed13f87b81a5d5190

HTTP Headers

GET /api/v1/code-snippet/ HTTP/1.1
Host: manager.production.almightypush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fuckthisgirl.net/
Channel-Token: NWExZDA2NjA4NDZlOGZjMzdmNGEyYjQ4YTE1MTNhZDA9NDEwNj0v
Origin: https://fuckthisgirl.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 20 Nov 2022 06:51:38 GMT
content-type: application/json
content-length: 1638
server: gunicorn/19.9.0
vary: Accept, Origin
allow: GET, POST, HEAD, OPTIONS
x-frame-options: DENY
access-control-allow-credentials: true
access-control-allow-origin: https://fuckthisgirl.net
x-content-type-options: nosniff
referrer-policy: same-origin
set-cookie: attached-subscription-window-id-4106=1618; Path=/
X-Firefox-Spdy: h2

manager.production.almightypush.com/api/v1/window-session-rules/?name=allow_notifications&value=0&window=1618

3.136.143.215

200 OK

0 B

URL HTTP/2
manager.production.almightypush.com/api/v1/window-session-rules/?name=allow_notifications&value=0&window=1618
IP
3.136.143.215:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/v1/window-session-rules/?name=allow_notifications&value=0&window=1618 HTTP/1.1
Host: manager.production.almightypush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: channel-token,content-type
Referer: https://fuckthisgirl.net/
Origin: https://fuckthisgirl.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 20 Nov 2022 06:51:38 GMT
content-type: text/html; charset=utf-8
content-length: 0
server: gunicorn/19.9.0
vary: Origin
access-control-allow-credentials: true
access-control-allow-origin: https://fuckthisgirl.net
access-control-allow-headers: accept, accept-encoding, authorization, content-type, origin, x-csrftoken, x-requested-with, X-Push-Channel-Id, Channel-Token
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-max-age: 86400
x-content-type-options: nosniff
referrer-policy: same-origin
X-Firefox-Spdy: h2

manager.production.almightypush.com/api/v1/window-session-rules/?name=allow_notifications&value=0&window=1618

3.136.143.215

204 No Content

0 B

URL HTTP/2
manager.production.almightypush.com/api/v1/window-session-rules/?name=allow_notifications&value=0&window=1618
IP
3.136.143.215:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/v1/window-session-rules/?name=allow_notifications&value=0&window=1618 HTTP/1.1
Host: manager.production.almightypush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=UTF-8
Channel-Token: NWExZDA2NjA4NDZlOGZjMzdmNGEyYjQ4YTE1MTNhZDA9NDEwNj0v
Origin: https://fuckthisgirl.net
Connection: keep-alive
Referer: https://fuckthisgirl.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Sun, 20 Nov 2022 06:51:38 GMT
server: gunicorn/19.9.0
vary: Accept, Origin
allow: GET, POST, HEAD, OPTIONS
x-frame-options: DENY
access-control-allow-credentials: true
access-control-allow-origin: https://fuckthisgirl.net
x-content-type-options: nosniff
referrer-policy: same-origin
X-Firefox-Spdy: h2

manager.production.almightypush.com/api/v1/session-events/

3.136.143.215

200 OK

0 B

URL HTTP/2
manager.production.almightypush.com/api/v1/session-events/
IP
3.136.143.215:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/v1/session-events/ HTTP/1.1
Host: manager.production.almightypush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: channel-token,content-type
Referer: https://fuckthisgirl.net/
Origin: https://fuckthisgirl.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 20 Nov 2022 06:51:38 GMT
content-type: text/html; charset=utf-8
content-length: 0
server: gunicorn/19.9.0
vary: Origin
access-control-allow-credentials: true
access-control-allow-origin: https://fuckthisgirl.net
access-control-allow-headers: accept, accept-encoding, authorization, content-type, origin, x-csrftoken, x-requested-with, X-Push-Channel-Id, Channel-Token
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-max-age: 86400
x-content-type-options: nosniff
referrer-policy: same-origin
X-Firefox-Spdy: h2

img.almightypush.com/image/dc0843d687364708807c35f974a773f9/image.jpg

104.21.234.130

200 OK

93 kB

URL HTTP/2
img.almightypush.com/image/dc0843d687364708807c35f974a773f9/image.jpg
IP
104.21.234.130:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 600x600, components 3\012- data
Size
93 kB (93400 bytes)
Hash
476cdda39ef8ab396888c1817a62a726
5330bbcfd752b6b66468ed245a28b4b3ed425a4e
91902b6e343eae4011bfd0075710def9ba6a86946e7aa72055c5c3f6ad8ff03d

HTTP Headers

GET /image/dc0843d687364708807c35f974a773f9/image.jpg HTTP/1.1
Host: img.almightypush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fuckthisgirl.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 20 Nov 2022 06:51:38 GMT
content-type: image/jpeg
content-length: 93400
expires: Sun, 20 Nov 2022 12:36:36 GMT
etag: "5330bbcfd752b6b66468ed245a28b4b3ed425a4e"
cache-control: public, max-age=86400
access-control-allow-origin: *
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, PATCH
access-control-allow-headers: Origin, Authorization, X-Requested-With, X-Push-Channel-Id, Content-Type, Accept, Channel-Token
access-control-allow-credentials: true
cf-cache-status: HIT
age: 65702
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WwsfHWxILNBiGMcMLeg2F6lDfVfKJm62eT5V96zTbUKvNdrt2%2F4J9KYNdEgki3vjYdGuDCQNa8az1k8dR1lLD7jRfuV3SOFLqrytu7S141K%2FSSAKlgbGFHI7zPuamQUayf3ZV6Au%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76cf421f4af471e4-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10423
Expires: Sun, 20 Nov 2022 09:45:21 GMT
Date: Sun, 20 Nov 2022 06:51:38 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10423
Expires: Sun, 20 Nov 2022 09:45:21 GMT
Date: Sun, 20 Nov 2022 06:51:38 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10423
Expires: Sun, 20 Nov 2022 09:45:21 GMT
Date: Sun, 20 Nov 2022 06:51:38 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10423
Expires: Sun, 20 Nov 2022 09:45:21 GMT
Date: Sun, 20 Nov 2022 06:51:38 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a4c45ae-b32f-41fd-b114-30dd881b4ef3.jpeg

34.120.237.76

200 OK

39 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a4c45ae-b32f-41fd-b114-30dd881b4ef3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
data
Size
39 kB (38916 bytes)
Hash
f4404725184d270bc89e0363bf5a76f8
0126b2d4c3df1271038632486c7ca1db6426230d
d4ef01ba1da37d0cc7b2ca5c42d382d2d3186d7d7b7863e7728643cdd42ab331

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a4c45ae-b32f-41fd-b114-30dd881b4ef3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7659
x-amzn-requestid: 78936c00-59d6-45ae-97fe-b038a9748078
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3i0BFtdoAMFZwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794b4c-45f909677dc2cece6f0e27aa;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:31:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: -B6mMWjuXxI3rVMu78ut9_BICmn-XzHWHfmj5Xi6H0OoXSAMCPNm0Q==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 21:41:31 GMT
etag: "a2147825fc70ee46cdff2c5857646078c7cc3dad"
content-type: image/jpeg
age: 33007
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86d91cae-e45a-42bb-bc53-ad381a9dda40.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12222 bytes)
Hash
77403bdd6aa831f4aceef8b83a10527e
9abc5cc7d7158fd7e80ab81c9ea8f8a2e62d350d
baa16a2ee961dd5df4ff0a4229dbc909fe8f0fff08bf8a3c4fc37735c996666e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86d91cae-e45a-42bb-bc53-ad381a9dda40.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12222
x-amzn-requestid: 0bc42acb-9924-4d5f-a361-d35e6787e9f7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3izEFsQoAMFipg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794b46-75bed46b4ca028b3291ed76d;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3_sDwAxB0TEu-2Y4FZ4j8MMOtks6YvZ7ePAXRtscZNUZTJRCbSzyng==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 21:56:11 GMT
age: 32127
etag: "9abc5cc7d7158fd7e80ab81c9ea8f8a2e62d350d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faef02c8b-0cf1-4f53-8c0d-85c145fbaa34.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8559 bytes)
Hash
c7ed7689683568e009b5a99a086dc670
e2a49337494052bc239898df36b0b944c2906df0
f3905d033c4c6ce0f0e5c6d25584f7cb5198acbfd525419f65a355bf6e8f6e8b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faef02c8b-0cf1-4f53-8c0d-85c145fbaa34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8559
x-amzn-requestid: 5d02c958-c719-443d-9205-6e8f69ec3089
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3jaKFoUoAMFphQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794c40-57cde7d25580a78c76c98547;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:36:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: oDXrLvhpgBsIKQP2MZfVPslO7yfnTHTQe_ubJXmB9RKohKHFzYcOtw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 21:58:14 GMT
age: 32004
etag: "e2a49337494052bc239898df36b0b944c2906df0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b47e52f-9db3-4562-a907-fad72a31cf1f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6744 bytes)
Hash
e33cec1fb25538471758ee73cffc0c88
351f0afdd289e84c829401b80645c8803b47bc39
d826e4a0f0f53e95864b1e40d6bf13d2e82ad5806f988b7d54bb97e21b45da8e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b47e52f-9db3-4562-a907-fad72a31cf1f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6744
x-amzn-requestid: e03ae3dd-b804-4a7f-9d23-f208c2608b63
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3juwFMKIAMFpIg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63794cc4-67355244587bcb725a80e363;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: txwSLf1dmqrnZtohweappWUggRFbJJXEruSrPUZk48IcXkpkzzhzZQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 22:53:20 GMT
age: 28698
etag: "351f0afdd289e84c829401b80645c8803b47bc39"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F175348d8-bd72-46a1-a737-9e442ab4231c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9798 bytes)
Hash
a41f9693b9247dcce6c2340bb5c02828
e982a3a8a8c6baac9d1676ad93646d6c4cd9f58e
aa23cead1d44bf9db22654eb14113ef356d4ac972d301969c02803964418d556

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F175348d8-bd72-46a1-a737-9e442ab4231c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9798
x-amzn-requestid: abab4eb2-0a35-4113-8a52-e07c08f069cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bkiY2HXCoAMFVrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371b105-1cb176423ca3231a093cc4c7;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 03:07:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: sCEwyGN6h_P0abZJGEY8PJNE7j1Nmz62-wvzWWO5gbFwA1auACXtJw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 15:08:05 GMT
age: 56613
etag: "e982a3a8a8c6baac9d1676ad93646d6c4cd9f58e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11249 bytes)
Hash
481c033b9ffd030ff0de6e35cf788b47
85d3baad9217af2b5d75c019d2ef95dbb919a788
02443c7869914c2b29892deb0c645395bcf4e8379da3cf20974614ff9c92893b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11249
x-amzn-requestid: 65a3db77-b2e6-40b9-a776-021c2e9b56d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bubSsHbZoAMFZNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6375a5aa-1286b97968cc2e4c7fe8ab29;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: s1153EpshSWYGLcN7Zzzs4PgXl9cddZ20gTwh5bK2HOBu4e_PSNCpQ==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Sun, 20 Nov 2022 03:43:56 GMT
age: 11262
etag: "85d3baad9217af2b5d75c019d2ef95dbb919a788"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

manager.production.almightypush.com/api/v1/session-events/

3.136.143.215

201 Created

0 B

URL HTTP/2
manager.production.almightypush.com/api/v1/session-events/
IP
3.136.143.215:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /api/v1/session-events/ HTTP/1.1
Host: manager.production.almightypush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=UTF-8
Channel-Token: NWExZDA2NjA4NDZlOGZjMzdmNGEyYjQ4YTE1MTNhZDA9NDEwNj0v
Content-Length: 46
Origin: https://fuckthisgirl.net
Connection: keep-alive
Referer: https://fuckthisgirl.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 201 Created
date: Sun, 20 Nov 2022 06:51:38 GMT
content-length: 0
server: gunicorn/19.9.0
vary: Accept, Origin
allow: POST, OPTIONS
x-frame-options: DENY
access-control-allow-credentials: true
access-control-allow-origin: https://fuckthisgirl.net
x-content-type-options: nosniff
referrer-policy: same-origin
set-cookie: session_uuid=80592865-ec0d-4e6d-b609-062a47990304; expires=Mon, 20 Nov 2023 06:51:38 GMT; Max-Age=31536000; Path=/
X-Firefox-Spdy: h2

fuckthisgirl.net/it/multi/ms/3-861045/?cep=JEIAaAOS2PUcQWS8DGWVRO1G81ni0VT4sFBQH9uSTyzez0AF5p25vubQQSEL48bziSAOjOtN7g_qY9bW4dJYpezEJB278H1bnndQfwTdh7uAPMv2BpR7FPsNQWsytT2yANbXCcOsGnF0zD63FFcp_6OoxXIJEdAu_GRpMUQIXNY8mtNWIhYLwcJzOYFeHxbqBPRGwWRipDwSMLv6UoVo59OnmfP-i3aZvjIzx90VKxcpKndmd5W5a6CKZVxasOUqa1PalKdYXTiRKZQjDvDkm9C3FF3ocajua9BQGCK_tXGF_smfCaKVMxPOZDxcO5VLo9BONh7iByW-6MHKYHCmKY5wybsoRia4JBZiAl2eDbA&lptoken=168268a0924488829606

172.67.149.70

200 OK

0 B

URL HTTP/2
fuckthisgirl.net/it/multi/ms/3-861045/?cep=JEIAaAOS2PUcQWS8DGWVRO1G81ni0VT4sFBQH9uSTyzez0AF5p25vubQQSEL48bziSAOjOtN7g_qY9bW4dJYpezEJB278H1bnndQfwTdh7uAPMv2BpR7FPsNQWsytT2yANbXCcOsGnF0zD63FFcp_6OoxXIJEdAu_GRpMUQIXNY8mtNWIhYLwcJzOYFeHxbqBPRGwWRipDwSMLv6UoVo59OnmfP-i3aZvjIzx90VKxcpKndmd5W5a6CKZVxasOUqa1PalKdYXTiRKZQjDvDkm9C3FF3ocajua9BQGCK_tXGF_smfCaKVMxPOZDxcO5VLo9BONh7iByW-6MHKYHCmKY5wybsoRia4JBZiAl2eDbA&lptoken=168268a0924488829606
IP
172.67.149.70:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /it/multi/ms/3-861045/?cep=JEIAaAOS2PUcQWS8DGWVRO1G81ni0VT4sFBQH9uSTyzez0AF5p25vubQQSEL48bziSAOjOtN7g_qY9bW4dJYpezEJB278H1bnndQfwTdh7uAPMv2BpR7FPsNQWsytT2yANbXCcOsGnF0zD63FFcp_6OoxXIJEdAu_GRpMUQIXNY8mtNWIhYLwcJzOYFeHxbqBPRGwWRipDwSMLv6UoVo59OnmfP-i3aZvjIzx90VKxcpKndmd5W5a6CKZVxasOUqa1PalKdYXTiRKZQjDvDkm9C3FF3ocajua9BQGCK_tXGF_smfCaKVMxPOZDxcO5VLo9BONh7iByW-6MHKYHCmKY5wybsoRia4JBZiAl2eDbA&lptoken=168268a0924488829606 HTTP/1.1
Host: fuckthisgirl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Sun, 20 Nov 2022 06:51:36 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tb1NNTIfaKNk6WDDkWmd771IZnZvbA3sMfKmVldyjL3P%2BFOxCB1LrS9RDxHACbCQM0GttcCZMVQWt7wHafIhO5vmteSQlmGMiOhpRnYEjZxp2dwLVmM14OG4jKLgu5U7CZbS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76cf4212eeccb50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

zeniocloud.com/JAIA.js?sub1=fuckthisgirl.net

167.114.67.56

200 OK

0 B

URL HTTP/2
zeniocloud.com/JAIA.js?sub1=fuckthisgirl.net
IP
167.114.67.56:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /JAIA.js?sub1=fuckthisgirl.net HTTP/1.1
Host: zeniocloud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fuckthisgirl.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 20 Nov 2022 06:51:37 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
X-Firefox-Spdy: h2

alexatracker.com/jscode/JAIA.js?sub1=fuckthisgirl.net&sub2=&sub3=&sub4=&sub5=&prid=

104.21.85.99

200 OK

0 B

URL HTTP/2
alexatracker.com/jscode/JAIA.js?sub1=fuckthisgirl.net&sub2=&sub3=&sub4=&sub5=&prid=
IP
104.21.85.99:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /jscode/JAIA.js?sub1=fuckthisgirl.net&sub2=&sub3=&sub4=&sub5=&prid= HTTP/1.1
Host: alexatracker.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fuckthisgirl.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 20 Nov 2022 06:51:37 GMT
content-type: application/json; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
cf-cache-status: BYPASS
set-cookie: trbarid=10dc3ea57bceb444d73ca77b089702ccb804e3c122179966e74a5f6cc5456e09a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22trbarid%22%3Bi%3A1%3Bi%3A1562536467190369913%3B%7D; expires=Sun, 24-Nov-2024 06:51:37 GMT; Max-Age=63504000; path=/; secure; HttpOnly; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2FYlPpjzfj7%2B0vHSFcKsrKcShHUoZ5ZRmjyggRtEM3ZT8JT03aN884%2Bv7sLUXDDq4Ylk4cAGmJeIXkYrk1ld7qPNr4ZCkHRxHAGzsfKjpK8kDr6W4%2FoknmQzCfsz2UyJycxM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76cf4218eb981c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

accounts.google.com/v3/signin/identifier?dsh=S-1593420159%3A1668927098267211&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAs3dZ_XJLKTLkpvX6y2ZjI2F9cTIXdaacsismSRcgO77MmalXycxGClHxijLLg6qZ94Uv9jrA

216.58.207.237

403 Forbidden

0 B

URL HTTP/2
accounts.google.com/v3/signin/identifier?dsh=S-1593420159%3A1668927098267211&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAs3dZ_XJLKTLkpvX6y2ZjI2F9cTIXdaacsismSRcgO77MmalXycxGClHxijLLg6qZ94Uv9jrA
IP
216.58.207.237:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /v3/signin/identifier?dsh=S-1593420159%3A1668927098267211&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=ARgdvAs3dZ_XJLKTLkpvX6y2ZjI2F9cTIXdaacsismSRcgO77MmalXycxGClHxijLLg6qZ94Uv9jrA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 20 Nov 2022 06:51:38 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-YtdwYWMK2E3yCSlQRnbb-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
cross-origin-opener-policy-report-only: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations