Report - www.covidactnow.org/us/metro/birmingham-hoover

Report Overview

Submitted URL
www.covidactnow.org/us/metro/birmingham-hoover_al/?s=1721643
IP
143.204.55.56
ASN
#16509 AMAZON-02
Submitted
2023-02-03 10:28:44
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
8
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
api.amplitude.com	1242	2019-01-27T16:02:28Z	2023-03-13T08:38:49Z	477 B	307 B	44.240.88.7
googleads.g.doubleclick.net	42	2021-02-20T16:43:32Z	2023-03-13T08:39:16Z	1.5 kB	2.5 kB	142.250.74.34
ocsp.comodoca.com	1696	2012-05-21T09:01:17Z	2023-03-13T06:44:20Z	341 B	1.0 kB	172.64.155.188
pro.ip-api.com	6172	2015-04-06T18:13:16Z	2023-03-13T05:54:12Z	412 B	457 B	51.77.64.70
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	62 kB	34.120.237.76
t.co	569	2012-07-25T21:09:44Z	2023-03-13T05:25:19Z	769 B	593 B	104.244.42.69
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	44.241.148.153
data.covidactnow.org	157057	2020-04-22T08:11:41Z	2023-02-13T22:01:58Z	938 B	1.3 kB	54.230.111.28
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	774 B	132 kB	142.250.74.168
www.google.com	7	2015-05-10T13:11:19Z	2023-03-13T06:40:43Z	759 B	1.2 kB	142.250.74.164
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.4 kB	6.2 kB	23.36.77.32
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
static.ads-twitter.com	614	2018-06-24T00:08:39Z	2023-03-13T05:25:18Z	368 B	16 kB	151.101.244.157
connect.facebook.net	139	2012-05-22T04:51:28Z	2023-03-13T05:09:29Z	377 B	29 kB	157.240.205.11
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-13T05:09:18Z	715 B	450 B	216.239.32.36
www.google.no	25607	2016-04-05T21:50:59Z	2023-03-13T06:26:15Z	1.5 kB	1.4 kB	142.250.74.67
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.9 kB	34.160.144.191
www.googleoptimize.com	1604	2019-07-16T12:17:19Z	2023-03-13T07:14:58Z	388 B	1.9 kB	142.250.74.78
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	458 B	274 kB	142.250.74.74
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	1.4 kB	2.7 kB	93.184.220.29
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-13T08:02:41Z	1.2 kB	1.2 kB	173.194.222.157
www.covidactnow.org	863540	2020-03-22T19:29:50Z	2023-02-22T09:17:01Z	8.8 kB	848 kB	143.204.55.56
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	5.5 kB	11 kB	216.58.211.3
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-13T07:36:03Z	376 B	21 kB	142.250.74.110
analytics.twitter.com	526	2013-04-10T21:53:18Z	2023-03-13T05:25:19Z	786 B	613 B	104.244.42.131
www.facebook.com	99	2012-05-21T02:23:41Z	2021-02-04T00:31:35Z	645 B	349 B	157.240.205.35
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	350 B	887 B	54.230.245.39
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	989 B	37 kB	216.58.207.227

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-03 10:29:03	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M1
2023-02-03 10:29:03	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M1
2023-02-03 10:29:03	medium	Client IP	143.204.55.56	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M1
2023-02-03 10:29:03	medium	Client IP	143.204.55.56	ET HUNTING Suspicious TLS SNI Request for Possible COVID-19 Domain M1
2023-02-03 10:29:05	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M1
2023-02-03 10:29:05	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M1
2023-02-03 10:29:05	medium	Client IP	54.230.111.28	ET HUNTING Suspicious TLS SNI Request for Possible COVID-19 Domain M1
2023-02-03 10:29:05	medium	Client IP	54.230.111.28	ET HUNTING Suspicious TLS SNI Request for Possible COVID-19 Domain M1

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (21)

	URL	Size	First Seen	Last Seen
	www.covidactnow.org/us/metro/birmingham-hoover_al/?s=1721643	2.8 kB	2023-03-13	2023-03-13
Pretty URL www.covidactnow.org/us/metro/birmingham-hoover_al/?s=1721643 IP 143.204.55.56 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:44:14 Last Seen2023-03-13 15:44:14 Times Seen1 Hash 622ed69ecc24ee7cfe2f67e71587b34e 4e638316b8d0585276b35992b6763760785b40a7 c0be486a7725e12ac7e1d918f33a23230ff448342a90251c47349f007ba51ed9 Loading...

	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 09:03:18 Times Seen37087628 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	static.ads-twitter.com/uwt.js	58 kB	2023-03-08	2024-04-20
Pretty URL static.ads-twitter.com/uwt.js IP 151.101.244.157 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:46 Last Seen2024-04-20 17:48:03 Times Seen4329 Hash 32ad004436155ec972bc50e6238b5b67 9b2cdb645c2fa5b98a9d05dcdca521fed4a17b7b cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee Loading...

	connect.facebook.net/en_US/fbevents.js	109 kB	2023-03-13	2023-11-17
Pretty URL connect.facebook.net/en_US/fbevents.js IP 157.240.205.11 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:47:19 Last Seen2023-11-17 16:32:25 Times Seen5 Hash beca88e7d9125b63f58be285031b0930 08cda009ebdf601f0ffe06b0ee3065fff2fb105b c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236 Loading...

	www.google.com/pagead/1p-conversion/527465415/?random=1675420144582&cv=11&fst=1675420144582&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1280&u_h=1024&label=lRyqCM2a9-kBEMf3wfsB&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.covidactnow.org%2Fus%2Fmetro%2Fbirmingham-hoover_al%2F%3Fs%3D1721643&tiba=Covid%20Act%20Now&gtm_ee=1&auid=1470520578.1675420145&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4	43 B	2023-03-07	2024-04-20
Pretty URL www.google.com/pagead/1p-conversion/527465415/?random=1675420144582&cv=11&fst=1675420144582&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1280&u_h=1024&label=lRyqCM2a9-kBEMf3wfsB&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.covidactnow.org%2Fus%2Fmetro%2Fbirmingham-hoover_al%2F%3Fs%3D1721643&tiba=Covid%20Act%20Now&gtm_ee=1&auid=1470520578.1675420145&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:30 Last Seen2024-04-20 17:48:03 Times Seen63949 Hash ad8b6f08655797587cdec719a94efe59 182adf5a140796f81e930649d05654dbf22fd5b7 77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6 Loading...

	www.covidactnow.org/static/js/8.8535132a.chunk.js	1.1 MB	2023-03-13	2023-03-13
Pretty URL www.covidactnow.org/static/js/8.8535132a.chunk.js IP 143.204.55.56 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:44:14 Last Seen2023-03-13 15:44:14 Times Seen1 Hash 26233d18bab9bd320069c55faae7d5cd 5e7f6cf3b91e40bd63b8c3d98da3b79c0ca14aca 941b1c71a46c2c9efc90a55f3f7effafb6acece2bdbab0eaeebabf6114c8cddf Loading...

	www.covidactnow.org/us/metro/birmingham-hoover_al/?s=1721643	419 B	2023-03-12	2023-03-14
Pretty URL www.covidactnow.org/us/metro/birmingham-hoover_al/?s=1721643 IP 143.204.55.56 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:30:44 Last Seen2023-03-14 12:05:38 Times Seen1 Hash 34a177b778f3e1bc69d8eda18a46ed34 379660fb7eb227a1593d2c7974beb4e570bb8b33 0559eb832d34a211ff231056ee9d98270fb0581309b7f1ad80a80f40c5accdd4 Loading...

	www.covidactnow.org/us/metro/birmingham-hoover_al/?s=1721643	129 B	2023-03-12	2023-03-14
Pretty URL www.covidactnow.org/us/metro/birmingham-hoover_al/?s=1721643 IP 143.204.55.56 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 06:21:56 Last Seen2023-03-14 12:05:37 Times Seen1 Hash 9b1cd18dd504486ea78d83689d156166 feb9e5d9ce484dae59882829c7822895fc6c0daa 13ae96067de9782feda67fcbd49d7e419445334e3e31ddf07cef0a044a9281b5 Loading...

	www.covidactnow.org/us/metro/birmingham-hoover_al/?s=1721643	129 B	2023-03-12	2023-03-14
Pretty URL www.covidactnow.org/us/metro/birmingham-hoover_al/?s=1721643 IP 143.204.55.56 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:30:44 Last Seen2023-03-14 12:05:37 Times Seen1 Hash 3c99b753b028fd9efb9ea6b552c312ea b5b00a72bd45ae7f57703014219733c6b1b30a82 d308a95a456e26ba19dda5085c01122e21aae675b1589c55b2a6213692104116 Loading...

	www.googletagmanager.com/gtag/js?id=UA-160622988-1&l=dataLayer&cx=c	112 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=UA-160622988-1&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:44:14 Last Seen2023-03-13 15:44:14 Times Seen1 Hash 25179ba9768215542805afda4e3428a0 3ee9f79b57581bf68100292f9103c2d5d883df32 21b2abd3ccf1782c82a3d2d1b9785ea01e940c7a13610cba240385dad1023605 Loading...

	connect.facebook.net/signals/config/538941662941644?v=2.9.95&r=stable	387 kB	2023-03-13	2023-03-13
Pretty URL connect.facebook.net/signals/config/538941662941644?v=2.9.95&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:44:14 Last Seen2023-03-13 15:44:14 Times Seen1 Hash bfc9d817302f797ff30135e7ea61708e dc37d8f1353b402176a2f0dea86b438045dc9836 fec2bf584f3e8f534232a14befdef96c034a1de00879aa054fa7f2691afba366 Loading...

	www.covidactnow.org/us/metro/birmingham-hoover_al/?s=1721643	338 B	2023-03-12	2023-03-14
Pretty URL www.covidactnow.org/us/metro/birmingham-hoover_al/?s=1721643 IP 143.204.55.56 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 06:21:55 Last Seen2023-03-14 12:05:37 Times Seen1 Hash 202583bfbcf4fd0cfde6e40015e57ca0 75b7bc13b4ceb37ee74eff996d08c0d46d4dc735 9aa656e8f936b253559493049a7ac83f59121a20d5a712e059c20108a0638b94 Loading...

	www.googletagmanager.com/gtag/js?id=AW-527465415	132 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=AW-527465415 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:44:14 Last Seen2023-03-13 15:44:14 Times Seen1 Hash 3c21693382df8039c449989f91ae67eb 0e9c6800a919a247a24f419d52cbf2fe591d318f 263f153cc08098aae31c8bc8780fc1010b7a232fe734039bb3d19e6f0dd8dde8 Loading...

	www.googletagmanager.com/gtag/js?id=G-9883DK9DYY	230 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=G-9883DK9DYY IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:44:14 Last Seen2023-03-13 15:44:14 Times Seen1 Hash fd9d08fb56a57869a599295570197def 525187c189a8da180f5f24ec90b8c8847e0cb6e2 bdd4046116a34f0ebbbbfefbf10cd8820a1a611fdccd55b9433f480a0f7db4c3 Loading...

	www.covidactnow.org/static/js/39.0646ff17.chunk.js	466 kB	2023-03-13	2023-03-13
Pretty URL www.covidactnow.org/static/js/39.0646ff17.chunk.js IP 143.204.55.56 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:44:14 Last Seen2023-03-13 15:44:14 Times Seen1 Hash 3c3536d915de7b0e2545d33b5707185d 9e44b5336676a3256745925a19bdce7b8f081db8 fcd427b21e6a8a607b72887c071c46a300ec23d00699382670649199716db459 Loading...

	www.covidactnow.org/static/js/37.05c846eb.chunk.js	436 kB	2023-03-13	2023-03-13
Pretty URL www.covidactnow.org/static/js/37.05c846eb.chunk.js IP 143.204.55.56 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:44:14 Last Seen2023-03-13 15:44:14 Times Seen1 Hash e948fce17dd8d3444a5c8a0513a5ee0b c8d95414a0f2184f6a4c7541f9a217610c306b7c 63f20720c8f952dfa0ccb410ef0ee710a611ae5c0dd0fe402fcfe62894ddf647 Loading...

	www.covidactnow.org/us/metro/birmingham-hoover_al/?s=1721643	72 B	2023-03-12	2023-03-14
Pretty URL www.covidactnow.org/us/metro/birmingham-hoover_al/?s=1721643 IP 143.204.55.56 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 06:21:56 Last Seen2023-03-14 12:05:38 Times Seen1 Hash d12cdfb2412149373aa2e501c095796e 31fdcac3135e743aacc8914fc8a2ce72dda9d14c f792eac2dae93d8bbba0ec20c8285d228577d3030d68296f59d2e6f471c81c4f Loading...

	www.covidactnow.org/static/js/main.f83bfcee.chunk.js	1.8 MB	2023-03-13	2023-03-13
Pretty URL www.covidactnow.org/static/js/main.f83bfcee.chunk.js IP 143.204.55.56 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:44:14 Last Seen2023-03-13 15:44:14 Times Seen1 Hash 6292be88b47dba46c87bc00049d5e340 fbd30a8dd32050b7f4f79b5fbb7d7703a0ddbcb0 16ee7d8afec448d2d5237dc1b73c3b28be2795025543d679e37d8daa95a0a3fa Loading...

	www.covidactnow.org/static/js/18.02b04612.chunk.js	88 kB	2023-03-13	2023-03-14
Pretty URL www.covidactnow.org/static/js/18.02b04612.chunk.js IP 143.204.55.56 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:44:15 Last Seen2023-03-14 12:05:38 Times Seen1 Hash aec58f205c4382c6727232e76defeeb0 4a6df55292f7cdc20e7f0eaf1c126ec48bff3df3 beb13e010c6f2e2a90f8574c56dcc6a462e16f64dabe21bdc317b072d2b048d8 Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/527465415/?random=1675420144572&cv=11&fst=1675420144572&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.covidactnow.org%2Fus%2Fmetro%2Fbirmingham-hoover_al%2F%3Fs%3D1721643&tiba=Covid%20Act%20Now&auid=1470520578.1675420145&data=event%3Dgtag.config&rfmt=3&fmt=4	1.9 kB	2023-03-13	2023-03-13
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/527465415/?random=1675420144572&cv=11&fst=1675420144572&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.covidactnow.org%2Fus%2Fmetro%2Fbirmingham-hoover_al%2F%3Fs%3D1721643&tiba=Covid%20Act%20Now&auid=1470520578.1675420145&data=event%3Dgtag.config&rfmt=3&fmt=4 IP 142.250.74.34 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:44:15 Last Seen2023-03-13 15:44:15 Times Seen1 Hash c7a4e3be46b226b23c13a7292d81c8f3 b25e8423e5c8d3e9906e505122fccbf16036ef0f eab8c88d039b77148ea72d04fe189c6f6a2e7036044e389ae53c23931f8ab03a Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

HTTP Transactions (79)

URL IP Response Size

www.covidactnow.org/us/metro/birmingham-hoover_al/?s=1721643

143.204.55.56

301 Moved Permanently

167 B

URL HTTP/1.1
www.covidactnow.org/us/metro/birmingham-hoover_al/?s=1721643
IP
143.204.55.56:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M1

HTTP Headers

GET /us/metro/birmingham-hoover_al/?s=1721643 HTTP/1.1
Host: www.covidactnow.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Fri, 03 Feb 2023 10:28:33 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://www.covidactnow.org/us/metro/birmingham-hoover_al/?s=1721643
X-Cache: Redirect from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RlkDERkNwVmElwS2NhXyREsMp14x1ec7esgeMrezluIDfngOCtKzrg==

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10846
Expires: Fri, 03 Feb 2023 13:29:19 GMT
Date: Fri, 03 Feb 2023 10:28:33 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4860
Expires: Fri, 03 Feb 2023 11:49:33 GMT
Date: Fri, 03 Feb 2023 10:28:33 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Feb 2023 09:43:35 GMT
content-type: application/json
age: 2698
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6895
Expires: Fri, 03 Feb 2023 12:23:28 GMT
Date: Fri, 03 Feb 2023 10:28:33 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: U8XdHVdIdG2PQzr7/dOKZQUn8CxB3WSU4u5jnINpgEWtcQsdEybFgFQzBCmLqDAYUCEy6w52B8ia98CFHeaSiQ==
x-amz-request-id: SYXMD9GG18TA0K9C
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Feb 2023 09:52:22 GMT
age: 2171
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 10:28:33 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.39

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.39:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
f3a3c76852991c94e3459fa329579b19
3fa7ef0c9b20baa814f94d40bcd3522a6fa0bd04
4e3dc2baaa31af85beea9408d74cfb91c5d72946120ffcc1dec3d1bf08781202

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Fri, 03 Feb 2023 10:28:33 GMT
Etag: "63db36e4-1d7"
Server: ECS (dcb/7F81)
X-Cache: Miss from cloudfront
Via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: rCdheRm_RtyO3DtvPVdYnngR2sDbX5xh86lY9pIP745oQPUg0gGMNA==

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Feb 2023 10:07:19 GMT
age: 1274
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4389
Expires: Fri, 03 Feb 2023 11:41:42 GMT
Date: Fri, 03 Feb 2023 10:28:33 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9c45ea25709afbea416f215ee34611b0
117c52c0ee3ff15a2485c0b1e39cc12c7c2021ed
7fbc3c806c7fc6d70d70b55723dbbfc00698b14fcad55014218bc5e03e92a118

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:28:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9c45ea25709afbea416f215ee34611b0
117c52c0ee3ff15a2485c0b1e39cc12c7c2021ed
7fbc3c806c7fc6d70d70b55723dbbfc00698b14fcad55014218bc5e03e92a118

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:28:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bbeb609cbf32a8842bf96a124588e65e
40c0f548bcb714731f62df5a27cad21adef0463d
502c60a18a13b84598933731d182aafd4b83576bfc56451b36f9238c621a571d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:28:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.covidactnow.org/static/css/main.c0b03cc5.chunk.css

143.204.55.56

200 OK

1.2 kB

URL HTTP/2
www.covidactnow.org/static/css/main.c0b03cc5.chunk.css
IP
143.204.55.56:0
ASN
#16509 AMAZON-02

File type
data
Size
1.2 kB (1241 bytes)
Hash
03eed93b2272c3d60dd769a5ff2160cf
5444457498ddfbcc2d26ec92ee36100e6bcc5218
dd6e04916fed6aceacbd773c60a36b780e27bbe5a73dc083bcc4f21dbb317af1

HTTP Headers

GET /static/css/main.c0b03cc5.chunk.css HTTP/1.1
Host: www.covidactnow.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.covidactnow.org/us/metro/birmingham-hoover_al/?s=1721643
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
date: Thu, 02 Feb 2023 16:51:52 GMT
cache-control: max-age=31536000
last-modified: Thu, 02 Feb 2023 16:47:08 GMT
etag: W/"de7fd74e1f369cf764cdd7051c2dfaec"
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Fsjt1wtdJP260qLiWoWLsxjI3-cMUDqyzuiQI-A2SRc5iq1aJrXLUQ==
age: 63402
X-Firefox-Spdy: h2

www.googleoptimize.com/optimize.js?id=OPT-WT27VPR

142.250.74.78

404 Not Found

1.6 kB

URL HTTP/2
www.googleoptimize.com/optimize.js?id=OPT-WT27VPR
IP
142.250.74.78:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Size
1.6 kB (1587 bytes)
Hash
6cf4ca2f857c6a5b4aaaee02c05de1b1
5720f15572bc9d44c72d4e77ca1076fd3e8ce25e
83b314df297b757ebb28f1ae386d065caa190159330c2edd32b839220d2b51e6

HTTP Headers

GET /optimize.js?id=OPT-WT27VPR HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.covidactnow.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 10:28:33 GMT
content-type: text/html; charset=UTF-8
server: Google Tag Manager
content-length: 1587
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=AW-527465415

142.250.74.168

200 OK

51 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=AW-527465415
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1759)
Size
51 kB (50818 bytes)
Hash
1ccd27ce8a56c5b75e81aaadbd8cfeb4
deb707b7529f7f3477785fe44773d199c6821d7f
e51a7e6d862b155739c8b8529561558df92ea0e10dfed47d95f7d42660eb31e3

HTTP Headers

GET /gtag/js?id=AW-527465415 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.covidactnow.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 03 Feb 2023 10:28:33 GMT
expires: Fri, 03 Feb 2023 10:28:33 GMT
cache-control: private, max-age=900
last-modified: Fri, 03 Feb 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 50818
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-9883DK9DYY

142.250.74.168

200 OK

80 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-9883DK9DYY
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (23487)
Size
80 kB (79908 bytes)
Hash
493be0a91d7b572d0b526572ca05910b
bc0d19e6c54d5f78d919feb105852f5098b11305
b601e54a93da2447fafd82ab5cc5d4ac8fa0cb9f0f217d41d94b55fa58f5c789

HTTP Headers

GET /gtag/js?id=G-9883DK9DYY HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.covidactnow.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 03 Feb 2023 10:28:33 GMT
expires: Fri, 03 Feb 2023 10:28:33 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 79908
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9c45ea25709afbea416f215ee34611b0
117c52c0ee3ff15a2485c0b1e39cc12c7c2021ed
7fbc3c806c7fc6d70d70b55723dbbfc00698b14fcad55014218bc5e03e92a118

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:28:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bbeb609cbf32a8842bf96a124588e65e
40c0f548bcb714731f62df5a27cad21adef0463d
502c60a18a13b84598933731d182aafd4b83576bfc56451b36f9238c621a571d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:28:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

44.241.148.153

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.241.148.153:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5Mz7H6BfOFRKBoysrBT0xw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6pnMkenwQAnbcRVloLDHRfAf/qU=

www.covidactnow.org/static/media/covid-act-now-logo.0ac0983b.png

143.204.55.56

200 OK

14 kB

URL HTTP/2
www.covidactnow.org/static/media/covid-act-now-logo.0ac0983b.png
IP
143.204.55.56:0
ASN
#16509 AMAZON-02

File type
PNG image data, 626 x 280, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (14086 bytes)
Hash
0ac0983bdce4845cae078fcc0402a36e
00faad20c7ecd3f27cb1c7bf2051147d277a5a0c
3732e0daabbd4c7eec5719bf63450e7b5f8a725d5ba29a4f0abf228bba934e0d

HTTP Headers

GET /static/media/covid-act-now-logo.0ac0983b.png HTTP/1.1
Host: www.covidactnow.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.covidactnow.org/us/metro/birmingham-hoover_al/?s=45113262
Connection: keep-alive
Cookie: _gcl_au=1.1.1470520578.1675420145; _ga_9883DK9DYY=GS1.1.1675420144.1.0.1675420144.0.0.0; _ga=GA1.1.543494198.1675420145
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 14086
date: Thu, 02 Feb 2023 19:17:32 GMT
cache-control: max-age=31536000
last-modified: Thu, 02 Feb 2023 16:47:09 GMT
etag: "0ac0983bdce4845cae078fcc0402a36e"
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: upgrade-insecure-requests;
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: qUQtCQXGpR0tjsdP7IPP4aBC_TSFHPkScIJ-hxJBArMzfzyBQ2QoBA==
age: 54662
X-Firefox-Spdy: h2

data.covidactnow.org/snapshot/4511/v2/version.json

54.230.111.28

200 OK

158 B

URL HTTP/2
data.covidactnow.org/snapshot/4511/v2/version.json
IP
54.230.111.28:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text
Size
158 B (158 bytes)
Hash
7b3d9e79e4123d9d7593fa0755f51085
6541c81daa0edff97a8cf7d65a6889d21b47cc6d
63ad98430cf047812f08ccfe90e7a74b0737e1f56cf63a1509c99cdb1659c122

HTTP Headers

GET /snapshot/4511/v2/version.json HTTP/1.1
Host: data.covidactnow.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.covidactnow.org/us/metro/birmingham-hoover_al/?s=45113262
Origin: https://www.covidactnow.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: application/json
content-length: 158
date: Thu, 02 Feb 2023 16:50:38 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Thu, 02 Feb 2023 09:24:55 GMT
etag: "7b3d9e79e4123d9d7593fa0755f51085"
x-amz-version-id: 2knfENmOkPPVVx7xH.T4hwnTkGWGVMyT
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dMPC7M3hxV02ea2UnD_944__Fn_kOWvQlg8hCrO8ZIu8iSTvpJHOaA==
age: 63476
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-9883DK9DYY&gtm=45je3210&_p=1176595070&cid=543494198.1675420145&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675420144&sct=1&seg=0&dl=https%3A%2F%2Fwww.covidactnow.org%2Fus%2Fmetro%2Fbirmingham-hoover_al%2F%3Fs%3D1721643&dt=Covid%20Act%20Now&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-9883DK9DYY&gtm=45je3210&_p=1176595070&cid=543494198.1675420145&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675420144&sct=1&seg=0&dl=https%3A%2F%2Fwww.covidactnow.org%2Fus%2Fmetro%2Fbirmingham-hoover_al%2F%3Fs%3D1721643&dt=Covid%20Act%20Now&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-9883DK9DYY&gtm=45je3210&_p=1176595070&cid=543494198.1675420145&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675420144&sct=1&seg=0&dl=https%3A%2F%2Fwww.covidactnow.org%2Fus%2Fmetro%2Fbirmingham-hoover_al%2F%3Fs%3D1721643&dt=Covid%20Act%20Now&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.covidactnow.org
Connection: keep-alive
Referer: https://www.covidactnow.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://www.covidactnow.org
date: Fri, 03 Feb 2023 10:28:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.covidactnow.org/static/js/8.8535132a.chunk.js

143.204.55.56

200 OK

328 kB

URL HTTP/2
www.covidactnow.org/static/js/8.8535132a.chunk.js
IP
143.204.55.56:0
ASN
#16509 AMAZON-02

File type
data
Size
328 kB (328456 bytes)
Hash
da1bdad38aef2be5dd35e688292802c3
d9f6954b26f37203f11d13c60ca8d718a153cee3
ebb5e382949a3b9fe25573cf9d27140ef84d03c8e2a7be3a2887c5a854c3c960

HTTP Headers

GET /static/js/8.8535132a.chunk.js HTTP/1.1
Host: www.covidactnow.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.covidactnow.org/us/metro/birmingham-hoover_al/?s=1721643
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/javascript
date: Thu, 02 Feb 2023 16:51:52 GMT
cache-control: max-age=31536000
last-modified: Thu, 02 Feb 2023 16:47:09 GMT
etag: W/"26233d18bab9bd320069c55faae7d5cd"
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: GGtyNo9yY8izinQQciTGQ6Bp9FpFWpRrERh17Y95kcQCsbx1BMwpqg==
age: 63401
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:28:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:28:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css2?family=Source+Code+Pro:wght@400;700&family=Roboto:wght@400;500;700&display=swap

142.250.74.74

200 OK

273 kB

URL HTTP/2
fonts.googleapis.com/css2?family=Source+Code+Pro:wght@400;700&family=Roboto:wght@400;500;700&display=swap
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
data
Size
273 kB (272827 bytes)
Hash
c1f5ea32b2f4d3ad4525f668d4998f76
b29f3a368e27500816ec5afaf8dbfda6d6d7e748
9887abbf0c66c42c60d71356bfd925eb758ec715b8738600d44c9ef1c6946b0e

HTTP Headers

GET /css2?family=Source+Code+Pro:wght@400;700&family=Roboto:wght@400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.covidactnow.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 03 Feb 2023 10:28:33 GMT
date: Fri, 03 Feb 2023 10:28:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:28:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e3383a870b280d28b1d924543e6128af
0e9ccaf308e10ae68774fe0d32e10d063f379e7d
093a4523b327faf080d2d200d6e8d9e615abe6e048a72d70c3bc8e9f89cc50bf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:28:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.covidactnow.org/static/js/39.0646ff17.chunk.js

143.204.55.56

200 OK

146 kB

URL HTTP/2
www.covidactnow.org/static/js/39.0646ff17.chunk.js
IP
143.204.55.56:0
ASN
#16509 AMAZON-02

File type
data
Size
146 kB (145953 bytes)
Hash
a60d588a73b2c601f45763791464583f
32a24c25f7b7c32c4b867e0edd40b3acf7d10048
730601fbda370bbad7ae3ebb2f095c5be7daae588434d8489d7335b512657dcf

HTTP Headers

GET /static/js/39.0646ff17.chunk.js HTTP/1.1
Host: www.covidactnow.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.covidactnow.org/us/metro/birmingham-hoover_al/?s=45113262
Connection: keep-alive
Cookie: _gcl_au=1.1.1470520578.1675420145; _ga_9883DK9DYY=GS1.1.1675420144.1.0.1675420144.0.0.0; _ga=GA1.1.543494198.1675420145
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/javascript
date: Thu, 02 Feb 2023 16:54:23 GMT
cache-control: max-age=31536000
last-modified: Thu, 02 Feb 2023 16:47:09 GMT
etag: W/"3c3536d915de7b0e2545d33b5707185d"
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: eg4OwrstBQ0YHN1791mLCGHcMm6Qh5OhXlpIMshsF7pAsrQ4VC7Crw==
age: 63252
X-Firefox-Spdy: h2

pro.ip-api.com/json/?key=5xnFKRlZSFmdOrN

51.77.64.70

200 OK

277 B

URL HTTP/1.1
pro.ip-api.com/json/?key=5xnFKRlZSFmdOrN
IP
51.77.64.70:0
ASN
#16276 OVH SAS

File type
JSON data\012- , ASCII text, with no line terminators
Size
277 B (277 bytes)
Hash
82020d94bbcf2db6d97419efa8285c3a
4c582444cd3aed07cc146f84943944384a531260
ce29f494686471ff7bb20a96efeb02abe0f76f557035a637f9a2201f90a2fd3d

HTTP Headers

GET /json/?key=5xnFKRlZSFmdOrN HTTP/1.1
Host: pro.ip-api.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.covidactnow.org
Connection: keep-alive
Referer: https://www.covidactnow.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Access-Control-Allow-Origin: https://www.covidactnow.org
Content-Type: application/json; charset=utf-8
Date: Fri, 03 Feb 2023 10:28:34 GMT
Content-Length: 277

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.covidactnow.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 13:09:06 GMT
expires: Wed, 31 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 249568
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/sourcecodepro/v22/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2

216.58.207.227

200 OK

20 kB

URL HTTP/2
fonts.gstatic.com/s/sourcecodepro/v22/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 19680, version 1.0\012- data
Size
20 kB (19680 bytes)
Hash
0628e64d7cdd00a4c6c41b7554ecf8b1
0dee04b143193572e8421021f5fe03b006fa4530
1c2e64053b56afdcc933af75555920cf89c08b8ca04961f4815abdbd0bdcdbc3

HTTP Headers

GET /s/sourcecodepro/v22/HI_SiYsKILxRpg3hIP6sJ7fM7PqlPevW.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.covidactnow.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19680
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 02:10:29 GMT
expires: Sat, 03 Feb 2024 02:10:29 GMT
cache-control: public, max-age=31536000
age: 29885
last-modified: Tue, 23 Aug 2022 18:25:36 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.covidactnow.org/favicon.ico

143.204.55.56

200 OK

15 kB

URL HTTP/2
www.covidactnow.org/favicon.ico
IP
143.204.55.56:0
ASN
#16509 AMAZON-02

File type
MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
15 kB (15406 bytes)
Hash
db67e8dbb38e7b873b79325efd2e57ba
ec9d54bbc9785d49f26ab900819b152eaca154b9
9da2c50568a439d9992231a03eb6e4ff475aa3cd80b6d85d31de0144004f9357

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.covidactnow.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.covidactnow.org/us/metro/birmingham-hoover_al/?s=1721643
Connection: keep-alive
Cookie: _gcl_au=1.1.1470520578.1675420145; _ga_9883DK9DYY=GS1.1.1675420144.1.0.1675420144.0.0.0; _ga=GA1.1.543494198.1675420145; amp_c92804=NyO4Nph-jz9lg2r35al0w3...1gobd55ri.1gobd55ri.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
content-length: 15406
date: Fri, 03 Feb 2023 07:29:49 GMT
last-modified: Thu, 02 Feb 2023 16:47:29 GMT
etag: "db67e8dbb38e7b873b79325efd2e57ba"
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: upgrade-insecure-requests;
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Ht6KAFAAmJRM1XUbUmq7RKcrGIpIJIRkB4EjASO84haIuxu5DyAvcw==
age: 10727
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9bfd33253208c9d034988400d66abd5d
8811fd76d9bc56c15431433f8f08d648185992ed
6382de7eb2bc0b40dc6d2e21ab8b6cb90cc0effe3241e3fb5008d2e4f626e92c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:28:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9bfd33253208c9d034988400d66abd5d
8811fd76d9bc56c15431433f8f08d648185992ed
6382de7eb2bc0b40dc6d2e21ab8b6cb90cc0effe3241e3fb5008d2e4f626e92c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:28:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.covidactnow.org/static/js/main.f83bfcee.chunk.js

143.204.55.56

200 OK

332 kB

URL HTTP/2
www.covidactnow.org/static/js/main.f83bfcee.chunk.js
IP
143.204.55.56:0
ASN
#16509 AMAZON-02

File type
data
Size
332 kB (332303 bytes)
Hash
019bb1c4ba422d7e85d847bbc6a8fd99
d11159721bd59f7be367b820efdb390655e2a77b
b16a4f7910d003ac171d5b4eece9a568a161b872f257492527c84fa90caa2c80

HTTP Headers

GET /static/js/main.f83bfcee.chunk.js HTTP/1.1
Host: www.covidactnow.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.covidactnow.org/us/metro/birmingham-hoover_al/?s=1721643
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/javascript
date: Thu, 02 Feb 2023 16:51:52 GMT
cache-control: max-age=31536000
last-modified: Thu, 02 Feb 2023 16:47:09 GMT
etag: W/"6292be88b47dba46c87bc00049d5e340"
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: eFboxc8y3vzBwi8Fc59vL5pbyOz5ju0BiGD97saC48cxV3x5OC0pMw==
age: 63401
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.110

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.covidactnow.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Fri, 03 Feb 2023 09:44:08 GMT
expires: Fri, 03 Feb 2023 11:44:08 GMT
cache-control: public, max-age=7200
age: 2667
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ede42358dbe8cf2e6b7e6a2653774d01
5dc8ca0b929f04fb15c7ff81d0a9decda023b7fb
8e841815d41c4ade06e328cb1ffb9be342640167ec6acb658f6b4b373e23a52a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6401
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:28:35 GMT
Last-Modified: Fri, 03 Feb 2023 08:41:54 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

googleads.g.doubleclick.net/pagead/viewthroughconversion/527465415/?random=1675420144572&cv=11&fst=1675420144572&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.covidactnow.org%2Fus%2Fmetro%2Fbirmingham-hoover_al%2F%3Fs%3D1721643&tiba=Covid%20Act%20Now&auid=1470520578.1675420145&data=event%3Dgtag.config&rfmt=3&fmt=4

142.250.74.34

200 OK

916 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/527465415/?random=1675420144572&cv=11&fst=1675420144572&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.covidactnow.org%2Fus%2Fmetro%2Fbirmingham-hoover_al%2F%3Fs%3D1721643&tiba=Covid%20Act%20Now&auid=1470520578.1675420145&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1945), with no line terminators
Size
916 B (916 bytes)
Hash
1281847b8ffa707770bc24caad1a35e9
974a5ea782490dad749d743521c81cad68068ec4
3aa5f627f7288be0136c7cd4f18c168d10bacf1f68f70628c2794188f57666f2

HTTP Headers

GET /pagead/viewthroughconversion/527465415/?random=1675420144572&cv=11&fst=1675420144572&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.covidactnow.org%2Fus%2Fmetro%2Fbirmingham-hoover_al%2F%3Fs%3D1721643&tiba=Covid%20Act%20Now&auid=1470520578.1675420145&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.covidactnow.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 10:28:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 916
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 03-Feb-2023 10:43:35 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

static.ads-twitter.com/uwt.js

151.101.244.157

200 OK

15 kB

URL HTTP/2
static.ads-twitter.com/uwt.js
IP
151.101.244.157:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (57596), with no line terminators
Size
15 kB (15375 bytes)
Hash
573e6a7f86f6f3063763360ef0672c01
b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7

HTTP Headers

GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.covidactnow.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
accept-ranges: bytes
date: Fri, 03 Feb 2023 10:28:35 GMT
x-served-by: cache-iad-kjyo7100147-IAD, cache-hel1410022-HEL
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15375
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/527465415/?random=1675420144582&cv=11&fst=1675420144582&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1280&u_h=1024&label=lRyqCM2a9-kBEMf3wfsB&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.covidactnow.org%2Fus%2Fmetro%2Fbirmingham-hoover_al%2F%3Fs%3D1721643&tiba=Covid%20Act%20Now&gtm_ee=1&auid=1470520578.1675420145&data=event%3Dconversion&gcp=1&ct_cookie_present=1

142.250.74.34

200 OK

42 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/527465415/?random=1675420144582&cv=11&fst=1675420144582&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1280&u_h=1024&label=lRyqCM2a9-kBEMf3wfsB&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.covidactnow.org%2Fus%2Fmetro%2Fbirmingham-hoover_al%2F%3Fs%3D1721643&tiba=Covid%20Act%20Now&gtm_ee=1&auid=1470520578.1675420145&data=event%3Dconversion&gcp=1&ct_cookie_present=1
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/viewthroughconversion/527465415/?random=1675420144582&cv=11&fst=1675420144582&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1280&u_h=1024&label=lRyqCM2a9-kBEMf3wfsB&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.covidactnow.org%2Fus%2Fmetro%2Fbirmingham-hoover_al%2F%3Fs%3D1721643&tiba=Covid%20Act%20Now&gtm_ee=1&auid=1470520578.1675420145&data=event%3Dconversion&gcp=1&ct_cookie_present=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.covidactnow.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 10:28:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 03-Feb-2023 10:43:35 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/pagead/1p-conversion/527465415/?random=1675420144582&cv=11&fst=1675420144582&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1280&u_h=1024&label=lRyqCM2a9-kBEMf3wfsB&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.covidactnow.org%2Fus%2Fmetro%2Fbirmingham-hoover_al%2F%3Fs%3D1721643&tiba=Covid%20Act%20Now&gtm_ee=1&auid=1470520578.1675420145&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4

142.250.74.164

302 Found

63 B

URL HTTP/2
www.google.com/pagead/1p-conversion/527465415/?random=1675420144582&cv=11&fst=1675420144582&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1280&u_h=1024&label=lRyqCM2a9-kBEMf3wfsB&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.covidactnow.org%2Fus%2Fmetro%2Fbirmingham-hoover_al%2F%3Fs%3D1721643&tiba=Covid%20Act%20Now&gtm_ee=1&auid=1470520578.1675420145&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
63 B (63 bytes)
Hash
0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26

HTTP Headers

GET /pagead/1p-conversion/527465415/?random=1675420144582&cv=11&fst=1675420144582&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1280&u_h=1024&label=lRyqCM2a9-kBEMf3wfsB&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.covidactnow.org%2Fus%2Fmetro%2Fbirmingham-hoover_al%2F%3Fs%3D1721643&tiba=Covid%20Act%20Now&gtm_ee=1&auid=1470520578.1675420145&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.covidactnow.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 10:28:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/527465415/?random=1675420144582&cv=11&fst=1675420144582&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1280&u_h=1024&label=lRyqCM2a9-kBEMf3wfsB&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.covidactnow.org%2Fus%2Fmetro%2Fbirmingham-hoover_al%2F%3Fs%3D1721643&tiba=Covid%20Act%20Now&gtm_ee=1&auid=1470520578.1675420145&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

connect.facebook.net/en_US/fbevents.js

157.240.205.11

200 OK

28 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
157.240.205.11:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
28 kB (27843 bytes)
Hash
dd1f85cc598419df61e254e53f9ec1ef
f86c0ee563f5b7a01e1d40b566f2bc184a32380f
c06f52b233c835b03292f39cb847507a03bb971066bf91341b58a580244398c0

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.covidactnow.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: iMd2zpIWL1crxjxoosC6KL4VHq9MaWJd88jZlpdXORabHZb/Mnj5hI6UYqA0qlM7Gc+bZNI3CnXrsPhlXbgZpA==
priority: u=3,i
content-length: 27843
x-fb-trip-id: 1679558926
date: Fri, 03 Feb 2023 10:28:35 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9bfd33253208c9d034988400d66abd5d
8811fd76d9bc56c15431433f8f08d648185992ed
6382de7eb2bc0b40dc6d2e21ab8b6cb90cc0effe3241e3fb5008d2e4f626e92c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:28:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ede42358dbe8cf2e6b7e6a2653774d01
5dc8ca0b929f04fb15c7ff81d0a9decda023b7fb
8e841815d41c4ade06e328cb1ffb9be342640167ec6acb658f6b4b373e23a52a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6401
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:28:35 GMT
Last-Modified: Fri, 03 Feb 2023 08:41:54 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0c15fd84f4711d994724c35236542194
c47d77fe5b373a86bd9a116bd8baac07ec746add
a210a4599baaa980674b456f020282cd470559b319be263fdcf9eaec7cff0d3b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:28:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5145
Expires: Fri, 03 Feb 2023 11:54:20 GMT
Date: Fri, 03 Feb 2023 10:28:35 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5145
Expires: Fri, 03 Feb 2023 11:54:20 GMT
Date: Fri, 03 Feb 2023 10:28:35 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5145
Expires: Fri, 03 Feb 2023 11:54:20 GMT
Date: Fri, 03 Feb 2023 10:28:35 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fff49ad64-ed0c-4270-8972-02b93a55c3b8.jpeg

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fff49ad64-ed0c-4270-8972-02b93a55c3b8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12514 bytes)
Hash
b67f1de5050f7e32226bb0b279e5f450
058dc594601de546ae391ffa47269b404fee0f02
268b5f2557e4f171f33641cc7923d6cd786cba6e056f6656c82113b49b70a3df

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fff49ad64-ed0c-4270-8972-02b93a55c3b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12514
x-amzn-requestid: e5e536fd-15ec-4a9f-a678-c24e6202d0f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fY_y3HRSoAMFxUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d379ab-5137ec566a8ccb4a3628e17a;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 07:13:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KvaWZ_Re1oRbOGg3MDxp5BKPCMAzYqCfVo4n3rf67ppjVO9Pmey4wg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:56:23 GMT
age: 45132
etag: "058dc594601de546ae391ffa47269b404fee0f02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.6 kB (5641 bytes)
Hash
d4041f3b5316bc84c9e6d88ddbc85b89
4978a4a20836b6f5d863d331bcedad782b7b4ac6
549b62d2c4ec965b8bec62010c0ce338dfea7992ee83eb7af61ff1a30d21f8b5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5641
x-amzn-requestid: b53b54b1-3b00-47cf-a25c-e93910c2ebfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuvzpHsXoAMFsuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2ce3-0c4fc8154763febb44460ac2;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: x4-BZdG4JGRKCSdKynnuweZfo9l0XZtDB-MiANy7C2Yz1URYMHP4sQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:57:49 GMT
age: 45046
etag: "4978a4a20836b6f5d863d331bcedad782b7b4ac6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10796 bytes)
Hash
3490571dd2de0a747987b9a0e18cccc8
18e9f8f160d3515f1cb31fc7538ac762a6cab344
1c071d7f3b288b29254500f94f19c0db0633c6aa90812f2e92c4f64992f5221a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10796
x-amzn-requestid: 5c9b1a83-c99a-44b9-9a90-5edd7ef1e225
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi0XKG93oAMFtsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76760-01bf754d6c725c3275c02a1b;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 06:44:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XTZJAn0LMAfFtaQ2bN8z58cCsUT5GzxDMnHVB_iw9E_NskHQ-BgbRQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:19:26 GMT
age: 84437
etag: "18e9f8f160d3515f1cb31fc7538ac762a6cab344"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11565 bytes)
Hash
e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w0Zm5V0TQxsQ7917U3fdhS_n7qKE143PuhI2JmNCDM_Pf0yPLyW6yA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:48:01 GMT
age: 45634
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15f2ebc9-82b4-4f1b-b0b8-978571cb123b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9130 bytes)
Hash
02123eef9faa8560ff66b058d4e13a28
decf26282993d7f0b14cf4112d14fa39c97fa89f
28889ff20f1b2fe0b73f8f97e6569f1d68d77fe436eeb47cc06ee4f0822ff239

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15f2ebc9-82b4-4f1b-b0b8-978571cb123b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9130
x-amzn-requestid: 09ad3fbb-1e71-4455-82df-6e59f65239a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuxiYEkqIAMFVZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2fa8-1dca116e4317f9bd14f6d45a;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:48:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _Bc2svrG-wX63DK9RPUyjh-n6AHVHaQe3QRmEL27L-amwCH2I_f_9g==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:57:38 GMT
age: 45057
etag: "decf26282993d7f0b14cf4112d14fa39c97fa89f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f58ae1f-1f79-4cc4-b12e-b11dde3b7e4d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6398 bytes)
Hash
4a92e881554205ebbe3721a7bbaeab40
b620fc82bd15b55b581bd8c3a699e1b16563ad2e
ff753b8411bfa0df54938a5f829ce25acbad863a2a3540b3bacca02baf9a2c7d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f58ae1f-1f79-4cc4-b12e-b11dde3b7e4d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6398
x-amzn-requestid: 843fefd3-8cf4-44ee-bb7c-a010d4149442
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuv1XFXQoAMFe5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2cee-76739fd87b4c0d203eca4114;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2cGZEXolULcBUgvrZ55IWnR825LgkHDFmJFJ5i9lcl4KYbDte3-N1g==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:57:43 GMT
age: 45052
etag: "b620fc82bd15b55b581bd8c3a699e1b16563ad2e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
3729d8445019ddf0cb6e03e7cdbe643a
b513f16d0106e68311b09addade6d44894e3537b
1e38f04f29641215a4d0476be900b37b8819d929db7ef6d4deab15a361e46f1e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3022
Cache-Control: max-age=94583
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:28:35 GMT
Etag: "63dba47c-139"
Expires: Sat, 04 Feb 2023 12:44:58 GMT
Last-Modified: Thu, 02 Feb 2023 11:54:36 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 313

t.co/i/adsct?bci=3&eci=2&event_id=d8d873ce-ab72-4ec5-806b-abd9dda53e97&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=fad7c495-25a5-485d-98d0-b09c9ddf22b4&tw_document_href=https%3A%2F%2Fwww.covidactnow.org%2Fus%2Fmetro%2Fbirmingham-hoover_al%2F%3Fs%3D45113262&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3f92&type=javascript&version=2.3.29

104.244.42.69

200 OK

43 B

URL HTTP/2
t.co/i/adsct?bci=3&eci=2&event_id=d8d873ce-ab72-4ec5-806b-abd9dda53e97&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=fad7c495-25a5-485d-98d0-b09c9ddf22b4&tw_document_href=https%3A%2F%2Fwww.covidactnow.org%2Fus%2Fmetro%2Fbirmingham-hoover_al%2F%3Fs%3D45113262&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3f92&type=javascript&version=2.3.29
IP
104.244.42.69:0
ASN
#13414 TWITTER

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

HTTP Headers

GET /i/adsct?bci=3&eci=2&event_id=d8d873ce-ab72-4ec5-806b-abd9dda53e97&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=fad7c495-25a5-485d-98d0-b09c9ddf22b4&tw_document_href=https%3A%2F%2Fwww.covidactnow.org%2Fus%2Fmetro%2Fbirmingham-hoover_al%2F%3Fs%3D45113262&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3f92&type=javascript&version=2.3.29 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.covidactnow.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 03 Feb 2023 10:28:34 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=6ea2227e-c950-4cec-815e-2034bf9c0343; Max-Age=63072000; Expires=Sun, 02 Feb 2025 10:28:35 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 34b54a310d9e1b52
strict-transport-security: max-age=0
x-response-time: 106
x-connection-hash: 02af3a550ae6fe3648646603eb6dd11c7fa9b91cb9cf9f221e4cec1ce3aeeac1
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
2bef39ac599211fe23ad884ceacf1c9b
c19b32a600412658c49a3e55d5d8353a5101c31d
0ff4181df99351d3aa3490540d2f19474531fb07e13ee457b9339efab1a47ad9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:28:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
2bef39ac599211fe23ad884ceacf1c9b
c19b32a600412658c49a3e55d5d8353a5101c31d
0ff4181df99351d3aa3490540d2f19474531fb07e13ee457b9339efab1a47ad9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:28:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.comodoca.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.comodoca.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
91f77accfdecd9abff22f103c9726e50
a2085989812bc7985bcd60da2c4913b7c93ef5ec
fe5af7a15129947869cf30856f1ef7655fff6036543771d8a414d3f425ff8969

HTTP Headers

POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 10:28:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 03:38:25 GMT
Expires: Wed, 08 Feb 2023 03:38:24 GMT
Etag: "a2085989812bc7985bcd60da2c4913b7c93ef5ec"
Cache-Control: max-age=602704,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 43
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793a7b0d8d890b06-OSL

www.google.no/pagead/1p-user-list/527465415/?random=1675420144572&cv=11&fst=1675418400000&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.covidactnow.org%2Fus%2Fmetro%2Fbirmingham-hoover_al%2F%3Fs%3D1721643&tiba=Covid%20Act%20Now&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3188255795&rmt_tld=1&ipr=y

142.250.74.67

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/527465415/?random=1675420144572&cv=11&fst=1675418400000&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.covidactnow.org%2Fus%2Fmetro%2Fbirmingham-hoover_al%2F%3Fs%3D1721643&tiba=Covid%20Act%20Now&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3188255795&rmt_tld=1&ipr=y
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/527465415/?random=1675420144572&cv=11&fst=1675418400000&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.covidactnow.org%2Fus%2Fmetro%2Fbirmingham-hoover_al%2F%3Fs%3D1721643&tiba=Covid%20Act%20Now&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3188255795&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.covidactnow.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 10:28:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.no/pagead/1p-conversion/527465415/?random=1675420144582&cv=11&fst=1675420144582&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1280&u_h=1024&label=lRyqCM2a9-kBEMf3wfsB&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.covidactnow.org%2Fus%2Fmetro%2Fbirmingham-hoover_al%2F%3Fs%3D1721643&tiba=Covid%20Act%20Now&gtm_ee=1&auid=1470520578.1675420145&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0

142.250.74.67

200 OK

63 B

URL HTTP/2
www.google.no/pagead/1p-conversion/527465415/?random=1675420144582&cv=11&fst=1675420144582&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1280&u_h=1024&label=lRyqCM2a9-kBEMf3wfsB&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.covidactnow.org%2Fus%2Fmetro%2Fbirmingham-hoover_al%2F%3Fs%3D1721643&tiba=Covid%20Act%20Now&gtm_ee=1&auid=1470520578.1675420145&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
63 B (63 bytes)
Hash
0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26

HTTP Headers

GET /pagead/1p-conversion/527465415/?random=1675420144582&cv=11&fst=1675420144582&bg=ffffff&guid=ON&async=1&gtm=45be3210&u_w=1280&u_h=1024&label=lRyqCM2a9-kBEMf3wfsB&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.covidactnow.org%2Fus%2Fmetro%2Fbirmingham-hoover_al%2F%3Fs%3D1721643&tiba=Covid%20Act%20Now&gtm_ee=1&auid=1470520578.1675420145&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.covidactnow.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 10:28:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
d748dcaaec947b38996a2f987e98b2b9
7e018ab7e9f0c73d53379d1698a06177b0643687
2ef4873c62fe3cfbc33e7a8f0ab428ab78676b1d01c2aee8bc16d50fafe756d6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5054
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:28:36 GMT
Last-Modified: Fri, 03 Feb 2023 09:04:22 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 313

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
2bef39ac599211fe23ad884ceacf1c9b
c19b32a600412658c49a3e55d5d8353a5101c31d
0ff4181df99351d3aa3490540d2f19474531fb07e13ee457b9339efab1a47ad9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 10:28:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=d8d873ce-ab72-4ec5-806b-abd9dda53e97&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=fad7c495-25a5-485d-98d0-b09c9ddf22b4&tw_document_href=https%3A%2F%2Fwww.covidactnow.org%2Fus%2Fmetro%2Fbirmingham-hoover_al%2F%3Fs%3D45113262&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3f92&type=javascript&version=2.3.29

104.244.42.131

200 OK

43 B

URL HTTP/2
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=d8d873ce-ab72-4ec5-806b-abd9dda53e97&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=fad7c495-25a5-485d-98d0-b09c9ddf22b4&tw_document_href=https%3A%2F%2Fwww.covidactnow.org%2Fus%2Fmetro%2Fbirmingham-hoover_al%2F%3Fs%3D45113262&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3f92&type=javascript&version=2.3.29
IP
104.244.42.131:0
ASN
#13414 TWITTER

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

HTTP Headers

GET /i/adsct?bci=3&eci=2&event_id=d8d873ce-ab72-4ec5-806b-abd9dda53e97&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=fad7c495-25a5-485d-98d0-b09c9ddf22b4&tw_document_href=https%3A%2F%2Fwww.covidactnow.org%2Fus%2Fmetro%2Fbirmingham-hoover_al%2F%3Fs%3D45113262&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o3f92&type=javascript&version=2.3.29 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.covidactnow.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 03 Feb 2023 10:28:35 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_cYf+blLn/q4WFZvhiCL3Cg=="; Max-Age=63072000; Expires=Sun, 02 Feb 2025 10:28:36 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 929919ef7b329b5b
strict-transport-security: max-age=631138519
x-response-time: 106
x-connection-hash: 744a46a49f191af82dd1d8765f01aa7f420167949e6d3d5a46f5c42e7bc326ec
X-Firefox-Spdy: h2

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-160622988-1&cid=543494198.1675420145&jid=205766724&gjid=1525581620&_gid=1379901633.1675420146&_u=YADAAUAAAAAAACAAI~&z=1892843032

173.194.222.157

200 OK

1 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-160622988-1&cid=543494198.1675420145&jid=205766724&gjid=1525581620&_gid=1379901633.1675420146&_u=YADAAUAAAAAAACAAI~&z=1892843032
IP
173.194.222.157:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-160622988-1&cid=543494198.1675420145&jid=205766724&gjid=1525581620&_gid=1379901633.1675420146&_u=YADAAUAAAAAAACAAI~&z=1892843032 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.covidactnow.org
Connection: keep-alive
Referer: https://www.covidactnow.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://www.covidactnow.org
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 03 Feb 2023 10:28:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-160622988-1&cid=543494198.1675420145&jid=440222479&gjid=1050861192&_gid=1379901633.1675420146&_u=aADAAUABAAAAACACI~&z=478102643

173.194.222.157

200 OK

1 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-160622988-1&cid=543494198.1675420145&jid=440222479&gjid=1050861192&_gid=1379901633.1675420146&_u=aADAAUABAAAAACACI~&z=478102643
IP
173.194.222.157:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-160622988-1&cid=543494198.1675420145&jid=440222479&gjid=1050861192&_gid=1379901633.1675420146&_u=aADAAUABAAAAACACI~&z=478102643 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.covidactnow.org
Connection: keep-alive
Referer: https://www.covidactnow.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://www.covidactnow.org
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 03 Feb 2023 10:28:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

api.amplitude.com/

44.240.88.7

200 OK

7 B

URL HTTP/2
api.amplitude.com/
IP
44.240.88.7:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
260ca9dd8a4577fc00b7bd5810298076
53a5687cb26dc41f2ab4033e97e13adefd3740d6
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

HTTP Headers

POST / HTTP/1.1
Host: api.amplitude.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 1194
Origin: https://www.covidactnow.org
Connection: keep-alive
Referer: https://www.covidactnow.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 03 Feb 2023 10:28:36 GMT
content-type: text/html;charset=utf-8
content-length: 7
access-control-allow-origin: *
access-control-allow-methods: GET, POST
trace-id: Root=1-63dce1d4-6f0436a05e43744f2305cb55
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=538941662941644&ev=PageView&dl=https%3A%2F%2Fwww.covidactnow.org%2Fus%2Fmetro%2Fbirmingham-hoover_al%2F%3Fs%3D45113262&rl=&if=false&ts=1675420146986&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&fbp=fb.1.1675420146984.1106807349&it=1675420146123&coo=false&rqm=GET

157.240.205.35

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=538941662941644&ev=PageView&dl=https%3A%2F%2Fwww.covidactnow.org%2Fus%2Fmetro%2Fbirmingham-hoover_al%2F%3Fs%3D45113262&rl=&if=false&ts=1675420146986&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&fbp=fb.1.1675420146984.1106807349&it=1675420146123&coo=false&rqm=GET
IP
157.240.205.35:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=538941662941644&ev=PageView&dl=https%3A%2F%2Fwww.covidactnow.org%2Fus%2Fmetro%2Fbirmingham-hoover_al%2F%3Fs%3D45113262&rl=&if=false&ts=1675420146986&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&fbp=fb.1.1675420146984.1106807349&it=1675420146123&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.covidactnow.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 03 Feb 2023 10:28:36 GMT
X-Firefox-Spdy: h2

www.covidactnow.org/images_cms/testing-recommends_icon.svg

143.204.55.56

200 OK

0 B

URL HTTP/2
www.covidactnow.org/images_cms/testing-recommends_icon.svg
IP
143.204.55.56:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images_cms/testing-recommends_icon.svg HTTP/1.1
Host: www.covidactnow.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.covidactnow.org/us/metro/birmingham-hoover_al/?s=45113262
Connection: keep-alive
Cookie: _gcl_au=1.1.1470520578.1675420145; _ga_9883DK9DYY=GS1.1.1675420144.1.1.1675420146.0.0.0; _ga=GA1.2.543494198.1675420145; amp_c92804=NyO4Nph-jz9lg2r35al0w3...1gobd55ri.1gobd56ev.1.0.1; _gid=GA1.2.1379901633.1675420146; _gat_gtag_UA_160622988_1=1; _gat=1; _gat_legacy=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
date: Thu, 02 Feb 2023 19:17:33 GMT
cache-control: max-age=86400
last-modified: Thu, 02 Feb 2023 16:47:20 GMT
etag: W/"18c225f517a59e2029684e99bd622ecc"
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: DQd8iBAJ6imqwKL7uieglmEE4iVDReSyqJ3qO6uqfuD-cEHsJQjc5A==
age: 54664
X-Firefox-Spdy: h2

data.covidactnow.org/snapshot/4511/v2/cbsa/13820.timeseries.json

54.230.111.28

200 OK

0 B

URL HTTP/2
data.covidactnow.org/snapshot/4511/v2/cbsa/13820.timeseries.json
IP
54.230.111.28:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /snapshot/4511/v2/cbsa/13820.timeseries.json HTTP/1.1
Host: data.covidactnow.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.covidactnow.org/us/metro/birmingham-hoover_al/?s=45113262
Origin: https://www.covidactnow.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
content-type: application/json
date: Fri, 03 Feb 2023 10:28:36 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Thu, 02 Feb 2023 09:20:28 GMT
etag: W/"a65aff8a3ff40647dd06615cd7688647"
x-amz-version-id: qw8bbvW5iPMIhvtxltH_SsyV3g4VjCoE
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: B94CYTx9POEdQI07dFjAhyR9HbvLmpKBNR_IL-nq1Yogomv6Ka2AaQ==
X-Firefox-Spdy: h2

www.covidactnow.org/images_cms/mask_recommends_icon.svg

143.204.55.56

200 OK

0 B

URL HTTP/2
www.covidactnow.org/images_cms/mask_recommends_icon.svg
IP
143.204.55.56:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images_cms/mask_recommends_icon.svg HTTP/1.1
Host: www.covidactnow.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.covidactnow.org/us/metro/birmingham-hoover_al/?s=45113262
Connection: keep-alive
Cookie: _gcl_au=1.1.1470520578.1675420145; _ga_9883DK9DYY=GS1.1.1675420144.1.1.1675420146.0.0.0; _ga=GA1.2.543494198.1675420145; amp_c92804=NyO4Nph-jz9lg2r35al0w3...1gobd55ri.1gobd56ev.1.0.1; _gid=GA1.2.1379901633.1675420146; _gat_gtag_UA_160622988_1=1; _gat=1; _gat_legacy=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
date: Thu, 02 Feb 2023 19:17:33 GMT
cache-control: max-age=86400
last-modified: Thu, 02 Feb 2023 16:47:19 GMT
etag: W/"fe345309268ce80d40b66741981f910c"
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rrvhjlubGVO1n4hjBQI2KeWoTNMfbgZndcED7rgvgWJZMVfsZ_VHPg==
age: 54664
X-Firefox-Spdy: h2

www.covidactnow.org/static/js/37.05c846eb.chunk.js

143.204.55.56

200 OK

0 B

URL HTTP/2
www.covidactnow.org/static/js/37.05c846eb.chunk.js
IP
143.204.55.56:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/js/37.05c846eb.chunk.js HTTP/1.1
Host: www.covidactnow.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.covidactnow.org/us/metro/birmingham-hoover_al/?s=45113262
Connection: keep-alive
Cookie: _gcl_au=1.1.1470520578.1675420145; _ga_9883DK9DYY=GS1.1.1675420144.1.0.1675420144.0.0.0; _ga=GA1.1.543494198.1675420145
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/javascript
date: Thu, 02 Feb 2023 16:54:45 GMT
cache-control: max-age=31536000
last-modified: Thu, 02 Feb 2023 16:47:09 GMT
etag: W/"e948fce17dd8d3444a5c8a0513a5ee0b"
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: UF1usmO4r33DWY04HwLMQpt1OV1y99eDU6SLHDGO-5o1z563aSiA7A==
age: 63230
X-Firefox-Spdy: h2

www.covidactnow.org/images_cms/vaccine_recommends_icon.svg

143.204.55.56

200 OK

0 B

URL HTTP/2
www.covidactnow.org/images_cms/vaccine_recommends_icon.svg
IP
143.204.55.56:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images_cms/vaccine_recommends_icon.svg HTTP/1.1
Host: www.covidactnow.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.covidactnow.org/us/metro/birmingham-hoover_al/?s=45113262
Connection: keep-alive
Cookie: _gcl_au=1.1.1470520578.1675420145; _ga_9883DK9DYY=GS1.1.1675420144.1.1.1675420146.0.0.0; _ga=GA1.2.543494198.1675420145; amp_c92804=NyO4Nph-jz9lg2r35al0w3...1gobd55ri.1gobd56ev.1.0.1; _gid=GA1.2.1379901633.1675420146; _gat_gtag_UA_160622988_1=1; _gat=1; _gat_legacy=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
date: Thu, 02 Feb 2023 19:17:33 GMT
cache-control: max-age=86400
last-modified: Thu, 02 Feb 2023 16:47:20 GMT
etag: W/"f0671d17961330a2a370db00fca9d8dd"
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: EF3wZS9F5P_JfdNscp4wELsXB0egIYxWzr_3kWz1GaKcGdJ6FP1C8A==
age: 54664
X-Firefox-Spdy: h2

www.covidactnow.org/images_cms/booster_recommends_icon.svg

143.204.55.56

200 OK

0 B

URL HTTP/2
www.covidactnow.org/images_cms/booster_recommends_icon.svg
IP
143.204.55.56:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images_cms/booster_recommends_icon.svg HTTP/1.1
Host: www.covidactnow.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.covidactnow.org/us/metro/birmingham-hoover_al/?s=45113262
Connection: keep-alive
Cookie: _gcl_au=1.1.1470520578.1675420145; _ga_9883DK9DYY=GS1.1.1675420144.1.1.1675420146.0.0.0; _ga=GA1.2.543494198.1675420145; amp_c92804=NyO4Nph-jz9lg2r35al0w3...1gobd55ri.1gobd56ev.1.0.1; _gid=GA1.2.1379901633.1675420146; _gat_gtag_UA_160622988_1=1; _gat=1; _gat_legacy=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
date: Thu, 02 Feb 2023 19:17:33 GMT
cache-control: max-age=86400
last-modified: Thu, 02 Feb 2023 16:47:18 GMT
etag: W/"bc6d6987e97176e90b3e441b18b34865"
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2ld5QsvONoZTT524VC_hHg7xVs9gX9y3YY1uOAO9HQmnGQRZqF4lrw==
age: 54664
X-Firefox-Spdy: h2

www.covidactnow.org/us/metro/birmingham-hoover_al/?s=1721643

143.204.55.56

200 OK

0 B

URL HTTP/2
www.covidactnow.org/us/metro/birmingham-hoover_al/?s=1721643
IP
143.204.55.56:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M1

HTTP Headers

GET /us/metro/birmingham-hoover_al/?s=1721643 HTTP/1.1
Host: www.covidactnow.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
content-type: text/html
date: Fri, 03 Feb 2023 10:28:34 GMT
cache-control: max-age=300
last-modified: Thu, 02 Feb 2023 16:49:03 GMT
etag: W/"3a530b474d414dff1bcec854b40c88bd"
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 489UsTpLDltK_jJ8d1KmrK3vnVPcIrUWw4rZ9-ZegTN4vZfmPRZ5Pg==
X-Firefox-Spdy: h2

www.covidactnow.org/static/js/18.02b04612.chunk.js

143.204.55.56

200 OK

0 B

URL HTTP/2
www.covidactnow.org/static/js/18.02b04612.chunk.js
IP
143.204.55.56:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/js/18.02b04612.chunk.js HTTP/1.1
Host: www.covidactnow.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.covidactnow.org/us/metro/birmingham-hoover_al/?s=45113262
Connection: keep-alive
Cookie: _gcl_au=1.1.1470520578.1675420145; _ga_9883DK9DYY=GS1.1.1675420144.1.0.1675420144.0.0.0; _ga=GA1.1.543494198.1675420145
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/javascript
date: Thu, 02 Feb 2023 16:51:54 GMT
cache-control: max-age=31536000
last-modified: Thu, 02 Feb 2023 16:47:08 GMT
etag: W/"aec58f205c4382c6727232e76defeeb0"
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: RGb8TZ4yKjCgxZwoyZSJaaTgYBvjoNIxr7jOUdiwzQDIg6LWIQkWXQ==
age: 63401
X-Firefox-Spdy: h2

www.covidactnow.org/logo192.png

143.204.55.56

200 OK

0 B

URL HTTP/2
www.covidactnow.org/logo192.png
IP
143.204.55.56:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /logo192.png HTTP/1.1
Host: www.covidactnow.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.covidactnow.org/us/metro/birmingham-hoover_al/?s=1721643
Connection: keep-alive
Cookie: _gcl_au=1.1.1470520578.1675420145; _ga_9883DK9DYY=GS1.1.1675420144.1.0.1675420144.0.0.0; _ga=GA1.1.543494198.1675420145; amp_c92804=NyO4Nph-jz9lg2r35al0w3...1gobd55ri.1gobd55ri.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/html
date: Fri, 03 Feb 2023 07:29:49 GMT
cache-control: max-age=300
last-modified: Thu, 02 Feb 2023 16:47:40 GMT
etag: W/"210652193e663e88ea16433437caee7b"
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
content-security-policy: upgrade-insecure-requests;
content-encoding: gzip
vary: Accept-Encoding
x-cache: Error from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 27omG2BKkHfqrTz432POAnEV7K7Dw6pPcxl6kB4dD3eOK5cF8LfyZg==
age: 10727
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (21)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL