Overview

URL go.gkrtmc.com/aff_c?offer_id=8326&aff_id=29971&url_id=14340&aff_sub5=banner&source=fb7f1e3f-f0db-4ad5-9dd1-c59c1b629a6e&click_id=QTRso25abAFGQC876oLbio
IP172.255.248.105
ASNSERVERS-COM
Location Luxembourg
Report completed2022-09-05 17:33:10 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-05 2 go.gkrtmc.com/rd.html?go=https%3A%2F%2Frkkmj.deiightfuldate.net%2Fc%2Fc4421 (...) Phishing
2022-09-05 2 rkkmj.deiightfuldate.net/js/pushjs/1.0.0/subscriber.js Phishing
2022-09-05 2 rkkmj.deiightfuldate.net/js/pushjs/1.0.0/utils.js Phishing
2022-09-05 2 rkkmj.deiightfuldate.net/js/service-worker.js Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (14)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-05 05:14:21 UTC 143.204.55.35
mnemonic passive DNS www.gstatic.com (1) 0 2016-07-26 09:37:06 UTC 2022-09-05 16:52:26 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS go.gkrtmc.com (4) 0 2022-01-24 12:45:18 UTC 2022-09-05 15:20:13 UTC 172.255.248.105 Unknown ranking
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-05 04:38:54 UTC 34.117.237.239
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-05 09:22:24 UTC 93.184.220.29
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-05 11:07:08 UTC 143.204.55.115
mnemonic passive DNS cdn-dimi.akamaized.net (12) 0 2022-07-07 13:18:25 UTC 2022-09-05 15:36:09 UTC 184.31.15.67 Domain (akamaized.net) ranked at: 280
mnemonic passive DNS rkkmj.deiightfuldate.net (4) 0 2022-08-03 12:39:26 UTC 2022-09-04 11:30:19 UTC 52.19.101.114 Unknown ranking
mnemonic passive DNS ocsp.pki.goog (4) 175 2017-06-14 07:23:31 UTC 2022-09-05 04:38:08 UTC 142.250.74.3
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-05 05:10:58 UTC 44.240.140.78
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-05 08:52:38 UTC 34.120.237.76
mnemonic passive DNS r3.o.lencr.org (3) 344 2020-12-02 08:52:13 UTC 2022-09-05 04:38:00 UTC 23.36.76.226
mnemonic passive DNS fonts.gstatic.com (1) 0 2014-08-29 13:43:22 UTC 2022-09-05 04:37:59 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS fonts.googleapis.com (1) 8877 2014-07-21 13:19:55 UTC 2022-09-05 12:21:06 UTC 142.250.74.10


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 172.255.248.105

Date UQ / IDS / BL URL IP
2022-11-28 18:45:09 +0000
0 - 0 - 1 go.gkrtmc.com/aff_c?offer_id=8495&aff_id=6162 (...) 172.255.248.105
2022-11-28 15:13:48 +0000
0 - 0 - 1 go.gkrtmc.com/aff_c?offer_id=8495&aff_id=6162 (...) 172.255.248.105
2022-11-26 23:16:13 +0000
0 - 0 - 1 go.gkrtmc.com/aff_c?offer_id=4898&aff_id=6217 (...) 172.255.248.105
2022-11-26 22:03:40 +0000
0 - 0 - 1 go.gkrtmc.com/aff_c?offer_id=8495&aff_id=6162 (...) 172.255.248.105
2022-11-26 22:03:39 +0000
0 - 0 - 1 go.gkrtmc.com/aff_c?offer_id=4178&aff_id=6162 (...) 172.255.248.105

Last 5 reports on ASN: SERVERS-COM

Date UQ / IDS / BL URL IP
2022-11-28 22:58:36 +0000
0 - 0 - 5 inslutty.com/ 23.111.80.247
2022-11-28 19:58:57 +0000
0 - 0 - 1 soldierreproduceadmiration.com 173.233.139.164
2022-11-28 19:49:08 +0000
0 - 0 - 3 dfbfgbfgbf.boxmode.io/ 209.192.137.208
2022-11-28 19:42:51 +0000
0 - 0 - 1 turbobif.com/12igtau52jyu.html?short_domain=t (...) 45.142.201.207
2022-11-28 19:27:47 +0000
0 - 0 - 2 www.highperformancecpmgate.com/bdh5aqdm 173.233.137.36

Last 5 reports on domain: gkrtmc.com

Date UQ / IDS / BL URL IP
2022-11-28 18:45:09 +0000
0 - 0 - 1 go.gkrtmc.com/aff_c?offer_id=8495&aff_id=6162 (...) 172.255.248.105
2022-11-28 15:13:48 +0000
0 - 0 - 1 go.gkrtmc.com/aff_c?offer_id=8495&aff_id=6162 (...) 172.255.248.105
2022-11-26 23:16:13 +0000
0 - 0 - 1 go.gkrtmc.com/aff_c?offer_id=4898&aff_id=6217 (...) 172.255.248.105
2022-11-26 22:03:40 +0000
0 - 0 - 1 go.gkrtmc.com/aff_c?offer_id=8495&aff_id=6162 (...) 172.255.248.105
2022-11-26 22:03:39 +0000
0 - 0 - 1 go.gkrtmc.com/aff_c?offer_id=4178&aff_id=6162 (...) 172.255.248.105

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-09-13 15:57:20 +0000
0 - 0 - 2 mdezw.youramourishere.net/c/c44213fa2bf7a303? (...) 52.19.101.114
2022-09-09 16:39:01 +0000
0 - 0 - 2 mdezw.youramourishere.net/c/c44213fa2bf7a303? (...) 52.19.101.114
2022-09-02 21:24:43 +0000
0 - 0 - 2 tokyo2020expert.net/ 72.52.178.23
2022-09-02 17:55:49 +0000
0 - 0 - 2 mdezw.youramourishere.net/c/c44213fa2bf7a303? (...) 52.19.101.114
2022-09-02 17:55:41 +0000
0 - 0 - 3 a.vfgtg.com/84f8949f-e33c-477e-8a2c-904839a45 (...) 18.192.108.151


JavaScript

Executed Scripts (16)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (42)


Request Response
                                        
                                            GET /aff_c?offer_id=8326&aff_id=29971&url_id=14340&aff_sub5=banner&source=fb7f1e3f-f0db-4ad5-9dd1-c59c1b629a6e&click_id=QTRso25abAFGQC876oLbio HTTP/1.1 
Host: go.gkrtmc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         172.255.248.105
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Mon, 05 Sep 2022 17:32:59 GMT
Content-Length: 324
Connection: keep-alive
X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Set-Cookie: language=en; Domain=go.gkrtmc.com; Path=/; Expires=Wed, 05 Oct 2022 17:32:59 GMT test=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
Location: aff_c?offer_id=4178&aff_id=29971&aff_sub5=banner&source=fb7f1e3f-f0db-4ad5-9dd1-c59c1b629a6e&click_id=QTRso25abAFGQC876oLbio
Vary: Accept
Cache-Control: no-store, no-cache


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (324), with no line terminators
Size:   324
Md5:    6fa0368c13e442de6fe9be4acbe33c1d
Sha1:   d4cf76f5add836653b4bd0be00621afc48e9cbc6
Sha256: cb24d6e295b45f0edfbd00c4faa2825293a0a872d5423a769ddb1e7137bf856f
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2825
Expires: Mon, 05 Sep 2022 18:20:04 GMT
Date: Mon, 05 Sep 2022 17:32:59 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 05 Sep 2022 17:01:59 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: OGb8FrKox4w1Vs1dloAyDAp_Y3Wo6SFOaxkTzI_x3aEMoEhwiU7jAw==
Age: 1860


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    b593eb39329cfe060d55be5e4a5405e2
Sha1:   78e46c1028e9f94f8569303ad2d90d7df13a059a
Sha256: 08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 05 Sep 2022 01:15:19 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kqY2gajZ3UTJlyX8nXs3qRsCZX2ZmOeKA0vqmFJTM6Rs3MhIxpa02A==
age: 58662
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            GET /aff_c?offer_id=4178&aff_id=29971&aff_sub5=banner&source=fb7f1e3f-f0db-4ad5-9dd1-c59c1b629a6e&click_id=QTRso25abAFGQC876oLbio HTTP/1.1 
Host: go.gkrtmc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: language=en
Upgrade-Insecure-Requests: 1

                                         
                                         172.255.248.105
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Mon, 05 Sep 2022 17:32:59 GMT
Content-Length: 516
Connection: keep-alive
X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Set-Cookie: language=en; Domain=go.gkrtmc.com; Path=/; Expires=Wed, 05 Oct 2022 17:32:59 GMT test=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT 4178=37_29971_4178_bf48eeeb3de67b23883a4056b6062ab3; Domain=go.gkrtmc.com; Path=/; Expires=Wed, 05 Oct 2022 17:32:59 GMT op_4178=0; Domain=go.gkrtmc.com; Path=/; Expires=Wed, 05 Oct 2022 17:32:59 GMT user_id=b2278208-b088-472b-8a70-55e878804c9b_76781db36358640443df1aa6e1455247; Domain=go.gkrtmc.com; Path=/; Expires=Sat, 04 Sep 2027 17:32:59 GMT; Secure; SameSite=None
Location: /rd.html?go=https%3A%2F%2Frkkmj.deiightfuldate.net%2Fc%2Fc44213fa2bf7a303%3Fs1%3D20904%26s2%3D1437381%26s3%3D29971%26s5%3Dfb7f1e3f-f0db-4ad5-9dd1-c59c1b629a6e%26click_id%3D37_29971_4178_bf48eeeb3de67b23883a4056b6062ab3%26j1%3D1%26j8%3D1
Vary: Accept
Cache-Control: no-store, no-cache


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (516), with no line terminators
Size:   516
Md5:    17acfedc2788a4b63cbfb3e76e40920a
Sha1:   bc288552cd27c0f26654e5e9a78813510bb589ec
Sha256: 38e009a734590394ac88b2bf2fd6fec67e776e56833063fc09bbd6fa5c6692b3
                                        
                                            GET /rd.html?go=https%3A%2F%2Frkkmj.deiightfuldate.net%2Fc%2Fc44213fa2bf7a303%3Fs1%3D20904%26s2%3D1437381%26s3%3D29971%26s5%3Dfb7f1e3f-f0db-4ad5-9dd1-c59c1b629a6e%26click_id%3D37_29971_4178_bf48eeeb3de67b23883a4056b6062ab3%26j1%3D1%26j8%3D1 HTTP/1.1 
Host: go.gkrtmc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: language=en; 4178=37_29971_4178_bf48eeeb3de67b23883a4056b6062ab3; op_4178=0
Upgrade-Insecure-Requests: 1

                                         
                                         172.255.248.105
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx
Date: Mon, 05 Sep 2022 17:33:00 GMT
Last-Modified: Fri, 13 Aug 2021 14:56:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61168831-149"
Cache-Control: no-store, no-cache
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   255
Md5:    997bfcab4e7a51023ff8da026ed4374a
Sha1:   35d15ad133e52c1b9dea0b3696a8719521387a9e
Sha256: 070d804ff334e0de872b9ac4c28c1bc578a043771099d2e9556782974ed560a3

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Mon, 05 Sep 2022 17:32:59 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: go.gkrtmc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://go.gkrtmc.com/rd.html?go=https%3A%2F%2Frkkmj.deiightfuldate.net%2Fc%2Fc44213fa2bf7a303%3Fs1%3D20904%26s2%3D1437381%26s3%3D29971%26s5%3Dfb7f1e3f-f0db-4ad5-9dd1-c59c1b629a6e%26click_id%3D37_29971_4178_bf48eeeb3de67b23883a4056b6062ab3%26j1%3D1%26j8%3D1
Cookie: language=en; 4178=37_29971_4178_bf48eeeb3de67b23883a4056b6062ab3; op_4178=0

                                         
                                         172.255.248.105
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx
Date: Mon, 05 Sep 2022 17:33:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   123
Md5:    c728bf241d9141b8d3100ae5140e09c5
Sha1:   07f0da1bdfadd0354b090781f1e3264ac22b6c39
Sha256: 34f3447a0b669f7c583609861bd783e8940b379cf642df02901cee86233a355a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "599F14A0819BE6EA91C3C15F9F825A0A72D1269FC63803966E1C6972889B5FDD"
Last-Modified: Sat, 03 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2480
Expires: Mon, 05 Sep 2022 18:14:20 GMT
Date: Mon, 05 Sep 2022 17:33:00 GMT
Connection: keep-alive

                                        
                                            GET /landings/273276/1662018467/css/popup.css?1662018468 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.deiightfuldate.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: text/css
                                        
x-amz-id-2: XY9vQF8EqdCxV2i5fPedsV4QcV6aRuynV1J+5L5E3vKWeReMI6bebI9PSmK03xxhFlm6SdBlN2Q=
x-amz-request-id: XX9E8MHWECSW75YS
Last-Modified: Thu, 01 Sep 2022 07:47:50 GMT
ETag: "288b4f0199104eb294d366a24a0c23b7"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 05 Sep 2022 17:33:00 GMT
Content-Length: 560
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   560
Md5:    18793267b5f3c5d4eee236f915163b02
Sha1:   6f53a8e47137a95e13cc7840cecdcb1841432f3b
Sha256: f530d29db5f34c0d3d0eb720ee6ed8c5a7e3c84e1351fb99c2e484aea45727b3
                                        
                                            GET /landings/273276/1662018467/css/style-holder.css?1662018468 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.deiightfuldate.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: text/css
                                        
x-amz-id-2: j9NMuWYYvxKW7Dms9yl4vUCwGqfwlWtHpHIfKxd4vAqLHCDluDE2+PrXGiobjpdRlQj1QOM7MIg=
x-amz-request-id: XX97WJWDNV8EYBBM
Last-Modified: Thu, 01 Sep 2022 07:47:50 GMT
ETag: "db20d0c699b6af01e5f675d91fa9593f"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 315
Date: Mon, 05 Sep 2022 17:33:00 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  ASCII text
Size:   315
Md5:    db20d0c699b6af01e5f675d91fa9593f
Sha1:   56ec1bd4364702bd26d6bc7082e022f35d52d302
Sha256: 6947c05651cd0b852f04e23b9414329f768a6d14fd4005505891d8a6eb024388
                                        
                                            GET /c/c44213fa2bf7a303?s1=20904&s2=1437381&s3=29971&s5=fb7f1e3f-f0db-4ad5-9dd1-c59c1b629a6e&click_id=37_29971_4178_bf48eeeb3de67b23883a4056b6062ab3&j1=1&j8=1 HTTP/1.1 
Host: rkkmj.deiightfuldate.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://go.gkrtmc.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         52.19.101.114
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
server: nginx
date: Mon, 05 Sep 2022 17:33:00 GMT
set-cookie: unique_id=631632cc00057834; Path=/; Expires=Fri, 04 Nov 2022 17:33:00 GMT; Secure; SameSite=None unique_id2=6315c0fc00057dcd; Path=/; Expires=Sun, 04 Dec 2022 17:33:00 GMT; Secure; SameSite=None 6315c0fc00057dcd_c=1; Path=/; Expires=Sun, 04 Dec 2022 17:33:00 GMT; Secure; SameSite=None ref_token=20904; Path=/; Expires=Wed, 05 Oct 2022 17:33:00 GMT; Secure; SameSite=None impression=; Path=/; Expires=Mon, 05 Sep 2022 17:33:00 GMT; Secure; SameSite=None 6315c0fc00057dcd_sl=[273276]; Path=/; Expires=Mon, 19 Sep 2022 17:33:00 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (14410)
Size:   7710
Md5:    ce766b31cbffb19e38dfacfcd309a692
Sha1:   5025296906027fe74092e7742a1bf5ce4f99c3ae
Sha256: c0d539706424e590047d2d4a7b0a4e361fc18437b204226feb8e568cad663878
                                        
                                            GET /landings/273276/1662018467/js/translates.js?1662018468 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.deiightfuldate.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: e2Xy5tAP3VYeB0AeDaj6Q69HHwI7acxGX+YCIFjrRJgc8OGB0OFKxKGxR6UB8PvQfOvgb+Z2U3s=
x-amz-request-id: XX9CVQ9Z4ZN025RC
Last-Modified: Thu, 01 Sep 2022 07:47:50 GMT
ETag: "43c1e8232cd1652b4de7b9a091424bd9"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 05 Sep 2022 17:33:00 GMT
Content-Length: 18365
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (302)
Size:   18365
Md5:    f10219957e9650fabca9cd00350a1a64
Sha1:   d7e54c5e1927bd58f042fd387dd0c2d10371cfde
Sha256: 75d4109f322a8d416a317bd93803a4ff3980290ec2d9080512f5a64a90c2322d
                                        
                                            GET /landings/273276/1662018467/js/jquery-2.2.4.min.js?1662018468 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.deiightfuldate.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: b3Oocw0TQLlsXBRu1KK/C0Xr3pi6HMW8LBIx6YLiLI4r9JPcAwlWaVlw31/iXZNmmijQcA1SyBg=
x-amz-request-id: XX9ACB03M7MVC938
Last-Modified: Thu, 01 Sep 2022 07:47:50 GMT
ETag: "2f6b11a7e914718e0290410e85366fe9"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 05 Sep 2022 17:33:00 GMT
Content-Length: 29855
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  ASCII text, with very long lines (32065)
Size:   29855
Md5:    2fa28552f1ee4e1382ee43930b53afb8
Sha1:   803670da6a35378bf4eb73acc8e72fe4feb5ca30
Sha256: ecfddf7d1e798dd2778c071bea24c70b650ef990fc09793fce25f2f094b35494
                                        
                                            GET /landings/273276/1662018467/images/profile-min-4.jpg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.deiightfuldate.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
x-amz-id-2: yEJQxlZV4PHUlgGpaInpYmgMxnUocl4pJl30gxuTHGi2ffibeLTtDEnWP6CrWbestatP3OJtMtI=
x-amz-request-id: 0MKW6QJ2W7MTQNJB
Last-Modified: Thu, 01 Sep 2022 07:47:50 GMT
ETag: "d29e5e82688c166e3eb7d3d8697ca5c8"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 4986
Date: Mon, 05 Sep 2022 17:33:00 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 120x120, components 3\012- data
Size:   4986
Md5:    d29e5e82688c166e3eb7d3d8697ca5c8
Sha1:   0e058e2323cd1a5558889ed20e42ad0f9d73a1c7
Sha256: 6300a0194077891e3588f090d092418a5d77369c95f30dbc9d5764f6ea3b2382
                                        
                                            GET /landings/273276/1662018467/images/blocked-icon.png HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.deiightfuldate.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: 7LQjC6+lw/98zo5G03ms5RTx754U4I2owICK+SeF9hzyF0MWDGECyNpsX93/f59y6+DOAF/wg3Q=
x-amz-request-id: 0MKPDB005MR7AJXV
Last-Modified: Thu, 01 Sep 2022 07:47:49 GMT
ETag: "dd7797e823529164e0f6fc39efd2376a"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 303
Date: Mon, 05 Sep 2022 17:33:00 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 22 x 28, 8-bit colormap, non-interlaced\012- data
Size:   303
Md5:    dd7797e823529164e0f6fc39efd2376a
Sha1:   d6c98e421a97f34945f94861eeba4a9f00376b50
Sha256: c8eef62a31b18850097e892dc99ce4af5a795f451f424148f8463bd6b0162521
                                        
                                            GET /landings/273276/1662018467/images/profile-min-1.jpg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.deiightfuldate.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
x-amz-id-2: FoqQxtAXnHn84HjzqbxMrOQeDz2cKf4WwJAuaB1wD8DgkYYGzgYSm5fgk0BKaun94y8dZZUFun8=
x-amz-request-id: XX97ACEJ7D8HCZ1Z
Last-Modified: Thu, 01 Sep 2022 07:47:50 GMT
ETag: "3657376b0213638c73920aa404d5c252"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 5425
Date: Mon, 05 Sep 2022 17:33:00 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 120x120, components 3\012- data
Size:   5425
Md5:    3657376b0213638c73920aa404d5c252
Sha1:   a1c3e0b9de2c8cf976f67704bb2a754f898df53a
Sha256: 20daf1d96534ab6d2fbc33edbabf486c8b14f097d3e7b926100d61e2bc5e6cdd
                                        
                                            GET /landings/273276/1662018467/images/profile-min-3.jpg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.deiightfuldate.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
x-amz-id-2: E/d2dRvJD+nwxmXqNMpaF+YDGUGa3qFWVO9QuF8TGaZOnp0RDty5v0rNbsPs6TH+bzD38VZFxQs=
x-amz-request-id: 0MKSRXHBQHSRM8RA
Last-Modified: Thu, 01 Sep 2022 07:47:50 GMT
ETag: "22dbf323e9ba34c2e9cfd94d0841deab"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 4836
Date: Mon, 05 Sep 2022 17:33:00 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 120x120, components 3\012- data
Size:   4836
Md5:    22dbf323e9ba34c2e9cfd94d0841deab
Sha1:   c2a1aa43a220350054c3804170acce720a48375b
Sha256: 7bbce06873002d4ef868f4a7e2a6c0ab0720409febd1f36a5fc2981ca7493021
                                        
                                            GET /landings/273276/1662018467/images/profile-min-2.jpg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.deiightfuldate.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
x-amz-id-2: 2NVF/66EMlhiTLFlUVp857HUxmbaIZu/tiLqAuyU0NYkoJ7cKLBNrZe05AejGjbPc+hsXhBTURo=
x-amz-request-id: 0MKJF83XEJ3V82C4
Last-Modified: Thu, 01 Sep 2022 07:47:50 GMT
ETag: "6931de04cd549f35fbc590f2b32e6d94"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 5440
Date: Mon, 05 Sep 2022 17:33:00 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 120x120, components 3\012- data
Size:   5440
Md5:    6931de04cd549f35fbc590f2b32e6d94
Sha1:   6c8c74df9831276bee2d3a9daea554142eaddda7
Sha256: 2c55fdcbcdf9ec937d569fedb1ac3f5ecfb47b8fba486a52678a67a773a5efe4
                                        
                                            GET /landings/273276/1662018467/images/profile-min-5.jpg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.deiightfuldate.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
x-amz-id-2: e0t3AXoszYR38wVvG2pC16uomlqRmqkjBXN9GTL2Qvj8RGlNcf7429Nw3I0ywHZPhWrDxz0JEWs=
x-amz-request-id: 0MKY7QMQR9GHAXFG
Last-Modified: Thu, 01 Sep 2022 07:47:50 GMT
ETag: "302b45c36881826efa4a7d0763cc2a45"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 4665
Date: Mon, 05 Sep 2022 17:33:00 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 120x120, components 3\012- data
Size:   4665
Md5:    302b45c36881826efa4a7d0763cc2a45
Sha1:   d95d65ab084a67f5375506e66e4c866317c8cb2b
Sha256: a30374e84f4d5c942d9cf60ea8e604aea56c2ee746c5675089bc4d6d0b450d6b
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 05 Sep 2022 16:38:16 GMT
Cache-Control: max-age=3600
Expires: Mon, 05 Sep 2022 17:23:44 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pUF2fsM2K2ZZaJ3Jqg-0QDtUbVrQsU_N9NiCfer5IuOGX86gzz2lig==
Age: 3284


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Sep 2022 17:33:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5819
Cache-Control: 'max-age=158059'
Date: Mon, 05 Sep 2022 17:33:00 GMT
Last-Modified: Mon, 05 Sep 2022 15:56:01 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Sep 2022 17:33:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /landings/273276/1662018467/images/profile-1.jpg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/landings/273276/1662018467/css/style.css?1662018468
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
x-amz-id-2: b/qCxgwzLn2AytjAoVAmwHpgxB81RHQiM3kJ8UatEvwEK4tFCNjRLIl8GdtrTjX2x8Dlsw+NqjQ=
x-amz-request-id: 0MKMF26H9ERS5K5M
Last-Modified: Thu, 01 Sep 2022 07:47:49 GMT
ETag: "6cb264a770a51ed5ecd682713d0eccfd"
Accept-Ranges: bytes
Content-Length: 113602
Server: AmazonS3
Date: Mon, 05 Sep 2022 17:33:00 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x1039, components 3\012- data
Size:   113602
Md5:    6cb264a770a51ed5ecd682713d0eccfd
Sha1:   1e229cbf6eee85fb316b36c92042b02859bf18a8
Sha256: 2ac6083fe2ed4c3926b571c0ec29af724d6841c3ac026328cb0caae5b6687a4d
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Sep 2022 17:33:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /js/pushjs/1.0.0/subscriber.js HTTP/1.1 
Host: rkkmj.deiightfuldate.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.deiightfuldate.net/c/c44213fa2bf7a303?s1=20904&s2=1437381&s3=29971&s5=backuser&click_id=37_29971_4178_bf48eeeb3de67b23883a4056b6062ab3&iexpp=1&j1=1&j8=1
Cookie: unique_id=631632cc00057834; unique_id2=6315c0fc00057dcd; 6315c0fc00057dcd_c=1; ref_token=20904; impression=; 6315c0fc00057dcd_sl=[273276]
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         52.19.101.114
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Mon, 05 Sep 2022 17:33:00 GMT
expires: Mon, 12 Sep 2022 17:33:00 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   3768
Md5:    e86dde697c326910879698e728ebccb9
Sha1:   3a1f6ec002930ccd691e76fe2014aa4c1e5e9453
Sha256: 64e57e2eb1e14a9f113366868f8f617adc8fe5ca77ba9615d20899e8baacdf9d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rkkmj.deiightfuldate.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Sep 2022 16:40:18 GMT
expires: Fri, 01 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 348762
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size:   30928
Md5:    ac0d2859ea5f8fd6bcb3c305c08ec184
Sha1:   7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
Sha256: ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
                                        
                                            GET /images/favicon.ico HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.deiightfuldate.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
x-amz-id-2: 3PLd1JbxzMUZnvLfJ08LlqJVa0X1bm3g8lDKKuDaPcpHRGpUOyvL763tb+Zgy/zeSb8kMvb/P10=
x-amz-request-id: 2XWP9N688THY1C8H
Last-Modified: Wed, 07 Nov 2018 08:41:38 GMT
ETag: "4cdf3256cd7b8ec3917adb79d6bf457e"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 4103
Date: Mon, 05 Sep 2022 17:33:00 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size:   4103
Md5:    4cdf3256cd7b8ec3917adb79d6bf457e
Sha1:   bc615337e9223183a126c8fb649774866fb53e69
Sha256: fbfff44a653dc193b93620f1035d221d3aaddf3238742270b3385482986ef7f0
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 05 Sep 2022 17:33:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /firebasejs/5.0.2/firebase-app.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.deiightfuldate.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 8604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Sep 2022 20:25:09 GMT
expires: Sat, 02 Sep 2023 20:25:09 GMT
cache-control: public, max-age=31536000
age: 248871
last-modified: Thu, 10 May 2018 20:35:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (25088)
Size:   8604
Md5:    73069e532b7039778d3a7128c997c61a
Sha1:   c523bbf1ac7f4e612c8ade75434c42fbca885adc
Sha256: b6d7aec09aad2bb78dfbad4c9530fd03c0f33aed8385c3ee57c10b1fe959c4d5
                                        
                                            GET /js/pushjs/1.0.0/utils.js HTTP/1.1 
Host: rkkmj.deiightfuldate.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rkkmj.deiightfuldate.net/c/c44213fa2bf7a303?s1=20904&s2=1437381&s3=29971&s5=backuser&click_id=37_29971_4178_bf48eeeb3de67b23883a4056b6062ab3&iexpp=1&j1=1&j8=1
Cookie: unique_id=631632cc00057834; unique_id2=6315c0fc00057dcd; 6315c0fc00057dcd_c=1; ref_token=20904; impression=; 6315c0fc00057dcd_sl=[273276]
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         52.19.101.114
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Mon, 05 Sep 2022 17:33:00 GMT
expires: Mon, 12 Sep 2022 17:33:00 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  C source, ASCII text, with very long lines (42618)
Size:   13404
Md5:    59fa3a07df5ed2405f419b06efe62d9d
Sha1:   811092c5025de5ed9333b12280fe4698eb9bfa40
Sha256: 4222cbf641eda504313b3f8d4e0cb2ff58b654e87bfafc3c50653ef9c6286107

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PGCRUjto4MKclAj0oG4tNQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         44.240.140.78
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: gWvfYpjWTn3PGCdpPt7tQbo2SuY=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2424
Expires: Mon, 05 Sep 2022 18:13:26 GMT
Date: Mon, 05 Sep 2022 17:33:02 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7142280-0dbd-4c8e-a960-d357c9143af6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5652
x-amzn-requestid: 05fffcb2-43c0-4acf-81b2-1b914459e1e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wwHErUIAMFmNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c800-47fe166763992ab271a87aa4;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:32:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: uz2NbcE4AmOvFQkhJALSpXCGizilya0TuFcczfEwtV09cGXtgVNlpQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 22:08:58 GMT
age: 69844
etag: "e5b5b649a243e5c004d9923d19d4421d1ea96d23"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5652
Md5:    10318189f33f071dda64249ab9c8c5bb
Sha1:   e5b5b649a243e5c004d9923d19d4421d1ea96d23
Sha256: 3e775a1990e4d185024faf2fdff7a5eb9063f7ee19784f32fb4f7f10643c8102
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69b1e092-41e6-4f1e-b330-193f7dd11afc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7830
x-amzn-requestid: c56af3b5-2c48-4243-b220-d56a9be47990
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X9Ey3H4JoAMFiMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63151b45-23ec24d867e3e5906fffa1a6;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: VgP7BDBmd5A5bAmRgO88geep419uZ0TQop4jEmRkx-q9rX4PUJZOCQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 22:16:55 GMT
age: 69367
etag: "3633391a8dd87ef10fcb0d04d7b309738affc4a7"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7830
Md5:    290f6551c5ac539ea60810b135750f17
Sha1:   3633391a8dd87ef10fcb0d04d7b309738affc4a7
Sha256: d94d133faaf232cf15b5c3f38f5b45d87d70bce0668d607b5c66a8d3f836540f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F514b7fbd-ae99-4219-bd03-50e907f92b7b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 14855
x-amzn-requestid: 65cf850b-227a-4318-a00e-d7cd4ef81489
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wjuGtpoAMFvvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c7b1-54bc36741984491b0509d173;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:31:29 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: tR9oeUGtH0NFZdnZj93V6HysPnKOTJhhiEOTNwYdq-4xIzeBZblrhA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 21:58:46 GMT
age: 70456
etag: "13b16ca74113dfd52ccf23e6bb39307fc713f984"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   14855
Md5:    ca50f9c56ff869b0b63ca71b1a9f8170
Sha1:   13b16ca74113dfd52ccf23e6bb39307fc713f984
Sha256: 76b85dd7e018ab4b3d4b2610f90dbca61d0f05d38a3b905fee789af131ae7538
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13d7f0db-89d6-4166-b182-85e35e518df9.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8469
x-amzn-requestid: de0e8998-4a52-4651-bcd6-3068c50193b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X9Ey2Eq4oAMFZlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63151b45-15da44d87bf486cb1738fe18;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: GuATNx2xnWnEl0cr_2ZWZo_jOWbHlSBYksIeHFDoHAK9o5Tf0PPliQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 22:03:29 GMT
etag: "032acf1bfb0c8e2cbce8f2ff4d2964424b044951"
age: 70173
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8469
Md5:    30bf854fd3e27e2313a3d26fc43b9990
Sha1:   032acf1bfb0c8e2cbce8f2ff4d2964424b044951
Sha256: 7641be64dd25487edf4f845d1fbb0b07daa80fa8fb58863dd09081d9d169bd13
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8eb6cd09-3bf5-48ad-bcab-4b0b05db8dcf.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10770
x-amzn-requestid: c6d80cff-8d44-4589-bcf1-1f5a0ab199b8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X9Ey3GH4IAMF6KQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63151b45-2628cc83263aeeb14ce444ef;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: eEuQFQAkBAHlIYBRrvaJ1qjT09ezTNaL67wa77h1wS8fHc5oWi91aQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 21:45:28 GMT
age: 71254
etag: "e3e743b349fd5cb399d4cef4a0877dcc8e2f44f9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10770
Md5:    5231760bb81282416f2bd27a4261099e
Sha1:   e3e743b349fd5cb399d4cef4a0877dcc8e2f44f9
Sha256: e0762821086503aef75013b60a4e340d6fbf9b1006fc7f8b4e079440afce8c67
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4426
x-amzn-requestid: b5b68557-e46d-41cd-9b11-d996aabc0de7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzfYTHHFIAMFjFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631145ce-1d3504367cf6ef724a345564;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 23:52:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XY2liZJvZjSSNT0u90GlCn3HGPxVaYO4xztkeALLJOTRRwruDELcvg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 21:48:06 GMT
age: 71096
etag: "fc766bca874a352a4acb569577d4cf6527f4f074"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4426
Md5:    c81f3df885bdee8cac46ea9495e6b63b
Sha1:   fc766bca874a352a4acb569577d4cf6527f4f074
Sha256: e21473f88c613ca33ba6bbe1e0cab338274a06744cdcb088f14873c972445b36
                                        
                                            GET /js/service-worker.js HTTP/1.1 
Host: rkkmj.deiightfuldate.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: unique_id=631632cc00057834; unique_id2=6315c0fc00057dcd; 6315c0fc00057dcd_c=1; ref_token=20904; impression=; 6315c0fc00057dcd_sl=[273276]
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                         
                                         52.19.101.114
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Mon, 05 Sep 2022 17:33:00 GMT
expires: Mon, 12 Sep 2022 17:33:00 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /css2?family=Montserrat:wght@400;600;700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Sep 2022 17:33:00 GMT
date: Mon, 05 Sep 2022 17:33:00 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---