r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c19f4a1def760c07cbc4aec1d0d6c050
6ad911a7c02f5e5fdd82fa86cae0453528d53a6d
750bba81910a4bbd78ab484ba03781a36459a0aec147d7c47424e9a9bf152b40
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "750BBA81910A4BBD78AB484BA03781A36459A0AEC147D7C47424E9A9BF152B40"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3714
Expires: Sat, 22 Oct 2022 00:47:58 GMT
Date: Fri, 21 Oct 2022 23:46:04 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash c9df6b36bf16969ac566c1b798362e4a
e56eff34815153ae019a4bf63eb9746dd9ae2e5b
33c1175144ab2be42c9de383f7893a6e60cd1f21f282eacb413d546331db3fa0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Retry-After, Alert, Content-Type, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 21 Oct 2022 22:52:32 GMT
Expires: Fri, 21 Oct 2022 22:57:34 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -gZIUUmUlNl59k0Lk0j2ypPFDv3j4pUtdol-i2MqGnyqVVuTSx10EQ==
Age: 3212
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9dc4f23f82148797f6d8041bdda3c7f7
6841ded3e2dd94fd762316d01efd43f7aafb8354
e229db1854a85b320cee574e805210f3adf5797136ea820c0a0ce9abcd63d4dd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E229DB1854A85B320CEE574E805210F3ADF5797136EA820C0A0CE9ABCD63D4DD"
Last-Modified: Thu, 20 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5625
Expires: Sat, 22 Oct 2022 01:19:49 GMT
Date: Fri, 21 Oct 2022 23:46:04 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: LNwoGwYU1b6EX2WYmUuQ/bepPY8/Dux9V/IfmNz1Ce5ZFV7qkRMVGNBLPnW6hFV/+keO7a6Q4eg=
x-amz-request-id: TX24EHQFBYWMHS8V
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 21 Oct 2022 23:37:21 GMT
age: 523
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
www.jeffreymalickforcitycouncil.com/
199.34.228.164302 Found 418 B URL HTTP/1.1 www.jeffreymalickforcitycouncil.com/
IP 199.34.228.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d2559b228d2f2ffe0853b5ed77d5e957
cf528bd06acca7297b4a150c5f0998d64631b49c
c880ba17d5352d17664686446797599cf985623619fd0a8c0c367afdc9625552
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: www.jeffreymalickforcitycouncil.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, private
Date: Fri, 21 Oct 2022 23:46:04 GMT
Location: https://www.jeffreymalickforcitycouncil.com
Set-Cookie: publishedsite-xsrf=eyJpdiI6IkMwWEZNTG1mXC9wbllYSEdPaGh1OUlnPT0iLCJ2YWx1ZSI6IjlKbEpHNCtZVEJWQmxyNkVoXC85OG80dE4xdmFSN0I3SkVQSFYrdjNcL0dXSHhWXC90WWdPWm9TU0M1dDBBaDN6bHZCNnN5MUQzZHBjWXlQTkE4OXpnUXF4bTRIM05iWmxRNXlwV1ZHNjFPb1VjOWRSS0krcmRZcFBZU0VxRjJzbUR5IiwibWFjIjoiZTcwOTJmMmY5OGViMzk3NDEyYTBhZWY2ODExYzYxNmRkMDhiNTk4NDQxMzUyMjE4NTRmOWU3NWM1YzZkM2NlZiJ9; expires=Fri, 04-Nov-2022 23:46:04 GMT; Max-Age=1209600; path=/
XSRF-TOKEN=eyJpdiI6ImM2WlpaNk5MbUltSTBhZUZOZnNqRlE9PSIsInZhbHVlIjoiK3g5YllcL0dwNGMwcUIwTzhcL2JEXC9vU1lrMXRKNWtpRTB4Z0ZxZUxiSkVQOUlIN3lSMmYyTUNvUnBFWElKckR2NGJJVFd4OG5UQ1ZVV01iUmJnRVdTWVA2VWpFRUZPQTZ3Vms4N2dveStTRWxIeFRHZlJkU2FwTHFYd1I4dWIyMjEiLCJtYWMiOiI4NmEwNDA0NjFhNGZjMDIyZTFiNWRjYjhhNmY1MDRjYTE1ODcwNjA1MTE1MDNiNTkyMzc0MGIyYjY2MGQ5MzU2In0%3D; expires=Fri, 04-Nov-2022 23:46:04 GMT; Max-Age=1209600; path=/
PublishedSiteSession=eyJpdiI6IlRERUdFcTJ4R1NqMTV4R2ZMdWZiUUE9PSIsInZhbHVlIjoiTW04QURUMzFOaDVNb081WjNScVo4MFRpaEZKVmcyYTl5c2QzZlBxdEZTQnQwdlhvZnU1cEdNbktyc2RTbmNIRlFkVUJsMzlPeEJFOGlwd29wVlNtRk9YVHUrVHFrdzEzOUN2SFdxZEMxNlpsd2w3cVpmcWNzcUV6TE80eGl5VXIiLCJtYWMiOiI5OTM5OTdjYWE2NzNhZDlkYmNmNDllYzgyZWZlNjQzZWE1NjEwZjUzYTBjZTMxMzI3MTRhNmIxOGRmYjVkNjRmIn0%3D; expires=Fri, 04-Nov-2022 23:46:04 GMT; Max-Age=1209600; path=/; httponly
X-Host: blu77.sf2p.intern.weebly.net
X-Revision: ec1cc5a51f1216021fe292382ea0619571803822
X-Request-ID: 2f5314d8bb44f48f4df09f78edba6a1c
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 21 Oct 2022 23:46:04 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 21 Oct 2022 23:43:40 GMT
Cache-Control: max-age=3600
Expires: Fri, 21 Oct 2022 23:54:48 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ojnqIfxxBnBDwqTb-EGMwl85m6BWnrJ_ESjjaGcPS1cPQv1jyRvOUA==
Age: 145
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4add9fb3fe37936d776044dccb9ef9cc
32d5fdf149f7714d96b8eaf851c34d1bd99e0371
1a6c31905ed4eb74dcf4fb93f701d5db607d295a97c18c1d8a90ed6aac7410e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1A6C31905ED4EB74DCF4FB93F701D5DB607D295A97C18C1D8A90ED6AAC7410E4"
Last-Modified: Wed, 19 Oct 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 22 Oct 2022 05:46:05 GMT
Date: Fri, 21 Oct 2022 23:46:05 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f47cc320695635b544a761f72f3afc6f
b7cee764dcb0a625e0f8e0b4a4fce04548a1bf76
78608be3d0d6aaaf0364aed316b8676ab28d23c9b6a8ac6c147cf5d16e5cc283
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2020
Cache-Control: max-age=118462
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:46:05 GMT
Etag: "63525317-1d7"
Expires: Sun, 23 Oct 2022 08:40:27 GMT
Last-Modified: Fri, 21 Oct 2022 08:06:47 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
cdn3.editmysite.com/app/checkout/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js
151.101.85.46200 OK 5.0 kB URL HTTP/2 cdn3.editmysite.com/app/checkout/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js
IP 151.101.85.46:0
File type ASCII text, with very long lines (11882), with no line terminators
Hash 20a4e66f534b80396d40bbc4291b2172
d7c962996f2715d94483be2bf9b644c7185d7ec7
0f19e8ad1c9bd5ae2ae5141f31b4e491bb460558da0ac51cd402964e716880ac
GET /app/checkout/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeffreymalickforcitycouncil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Tue, 29 Mar 2022 18:09:33 GMT
x-rgw-object-type: Normal
etag: W/"40372ca3b0cfa19f4e5d664243108364"
x-amz-request-id: tx00000000000005ce1aaac-0062434bb9-a9f1ce7-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/checkout/public/assets/checkout/js/system.min.edf02612a6bb463d71cb5efc5a4b495e.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Fri, 21 Oct 2022 23:46:05 GMT
via: 1.1 varnish
age: 3893
x-served-by: cache-bma1671-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1666395966.835817,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4998
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/website/js/runtime.c4d4307ee61f5cebe6fd.js
151.101.85.46200 OK 25 kB URL HTTP/2 cdn3.editmysite.com/app/website/js/runtime.c4d4307ee61f5cebe6fd.js
IP 151.101.85.46:0
File type ASCII text, with very long lines (50188)
Hash 328d1b873bdd3626f0da6bfff3d4af86
b53a7a86dcf110e6d8fc4218a478fbe695d1a505
448c59eb01252a88a11bc81d0ea200c46bca4f00c78c5bec7547c48aa1986a35
GET /app/website/js/runtime.c4d4307ee61f5cebe6fd.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeffreymalickforcitycouncil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 21 Oct 2022 21:16:13 GMT
x-rgw-object-type: Normal
etag: W/"a478f034e8fa61f9e50831e24fd16261"
x-amz-request-id: tx00000000000001eacb2c6-0063530c72-c696eea-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/runtime.c4d4307ee61f5cebe6fd.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: e8fcd737dc1402b9737aa25c3edcef61690a8e71
x-request-id: 752e0b33e0d2526f8952eb5d5bae727e
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Fri, 21 Oct 2022 23:46:05 GMT
via: 1.1 varnish
age: 8875
x-served-by: cache-bma1671-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1666395966.836424,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 24740
X-Firefox-Spdy: h2
www.jeffreymalickforcitycouncil.com/
199.34.228.164200 OK 17 kB URL HTTP/1.1 www.jeffreymalickforcitycouncil.com/
IP 199.34.228.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (44389)
Hash 92741b79c6356d9af61e37add955ac3e
ab1686d595018dbb29f74cb8db7da3d4f67b8fd6
b34ac3936d2deebb0fc64741a9062656a2158d0061f7bad43f0ac401a55ab6f1
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: www.jeffreymalickforcitycouncil.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Fri, 21 Oct 2022 23:46:01 GMT
Set-Cookie: publishedsite-xsrf=eyJpdiI6IndYTFRQMTkrTmFNQURWUlwvRUxzM0NRPT0iLCJ2YWx1ZSI6IjlVQU1SWVhEcDZySnppYjRUWlU1RkNiRGhYYWVRbTRhbjZKb0JodmN6SzFOUjN1dzNcL2FjV0w2Snk2Zk51anJOdk5vbEhPMDRySVZwSnhNNDdSUGhUcTkzZGZwZ1IyZWJkREN6VlpKTTlQUE5LSnZkRk13ZzBQWXUyT2ZqYUF0ciIsIm1hYyI6IjJmMDU5MmYxMjA1YWM4OTFkMzY3ZTY2MDU4OTcyOWM0ZmE5NmRjYmY4ZWEyNTNkNzhiMDU5OWVkN2RlYjNkNTgifQ%3D%3D; expires=Fri, 04-Nov-2022 23:46:05 GMT; Max-Age=1209600; path=/
XSRF-TOKEN=eyJpdiI6IkpqRjd4VThiYk9HN3g4aEdldlZNcFE9PSIsInZhbHVlIjoiVDBcL2J1V1Q0MUJyT2hiZ3VtZ2JLU2E0QitxOTlaa1pQYitoUUo1REFHY3Brc2M1dDVTQ3VMTEN0VjFxSUwweXU2dzVUQ045RHM1Q0dYYVNZV1BTUFJueGhOaUgyM0NOSFRXbE04WjQ5U0NjKzhMMkRsZjU3MnZURlV6cWc2bWJDIiwibWFjIjoiZTBkODNhZDVkZjhhNWVlNTQyNGEzNDY4YmYyYTdlNzMxYzJmNzA1YzUwYWI0MjkxYzJlN2VlMTY1OGY4Y2JiMCJ9; expires=Fri, 04-Nov-2022 23:46:05 GMT; Max-Age=1209600; path=/
PublishedSiteSession=eyJpdiI6Im9LNlwvWExFVEN1YnBsRmpGaWtvcWVBPT0iLCJ2YWx1ZSI6IlRQemdndlhBRDZ1YnlDNmJZNGR6VU85OUltY1wvOWpIUnU3cUUxTGY5K3ZSalF5SmZPbjBwQTIwcisraXVQQlJ1S0FPMDAxSU5WRnVyV3JPRzRjK2RGRGlBVHg0clwvcG55TGRaUVJRUHdiSWtnMVJMS2paMXNLbFpXdDFiaENGZGQiLCJtYWMiOiIxMjBjMDZmZGFjZmRiYzdmM2ZiODI3OTg1ZTkzZTEyYjNjMDNkZTViYmQ3YWE4NjdjNDQ5M2ZhZDkwODNkNmY2In0%3D; expires=Fri, 04-Nov-2022 23:46:05 GMT; Max-Age=1209600; path=/; httponly
X-Host: blu71.sf2p.intern.weebly.net
X-Revision: ec1cc5a51f1216021fe292382ea0619571803822
X-Request-ID: 4d7692c926b930b1d26022a5e617437d
Content-Encoding: gzip
cdn3.editmysite.com/app/website/js/vue-modules.7951f3068d0f5401b2c2.js
151.101.85.46200 OK 67 kB URL HTTP/2 cdn3.editmysite.com/app/website/js/vue-modules.7951f3068d0f5401b2c2.js
IP 151.101.85.46:0
File type Unicode text, UTF-8 text, with very long lines (25511)
Hash 14ad40c1a43ace9b011a851702c93ecb
e9305b6f3a939584274b15a3f1c4fb5bf10645b0
9d4a8b77438e72d188022397e4bdf11b88fe72bc2c102dc0f9b6568b9fcf1c6f
GET /app/website/js/vue-modules.7951f3068d0f5401b2c2.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeffreymalickforcitycouncil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Tue, 13 Sep 2022 23:09:13 GMT
x-rgw-object-type: Normal
etag: W/"49ff92c44982a89cf5290643882beb23"
x-amz-request-id: tx000000000000017667f0b-0063469e43-c699baa-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/vue-modules.7951f3068d0f5401b2c2.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: e8fcd737dc1402b9737aa25c3edcef61690a8e71
x-request-id: a0ab1cb81a386abce1153edf4a559a6f
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Fri, 21 Oct 2022 23:46:05 GMT
via: 1.1 varnish
age: 1273
x-served-by: cache-bma1671-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1666395966.837109,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 66757
X-Firefox-Spdy: h2
push.services.mozilla.com/
44.237.51.86101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.237.51.86:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rb3c1VpN8NBidiJZ7cHSWw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Hliu9T0ECxTt6l9uASClfKSJmlM=
cdn3.editmysite.com/app/website/css/site.f6bc0a52b543e018a934.css
151.101.85.46200 OK 24 kB URL HTTP/2 cdn3.editmysite.com/app/website/css/site.f6bc0a52b543e018a934.css
IP 151.101.85.46:0
File type Unicode text, UTF-8 text, with very long lines (65065), with no line terminators
Hash 4f7105770b31a6559941232f799a4832
0cd3ceb36d5319d441af5bcc0772e8e2aabc191c
5310edaa15a0436060feeee4e98636b4ecece0d913ca050bdc6b4ab87d06c7b8
GET /app/website/css/site.f6bc0a52b543e018a934.css HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeffreymalickforcitycouncil.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css; charset=utf-8
last-modified: Thu, 20 Oct 2022 20:13:49 GMT
x-rgw-object-type: Normal
etag: W/"3eebc33531b5845434b125fa7c879432"
x-amz-request-id: tx00000000000001cfceb2d-006351ac6a-c6aed46-sfo1
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: 7d7d756a68b92ec243eccf9e96058347919b6fd0
x-request-id: 8ff5fa95fb1d92660df024608ddd6560
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Fri, 21 Oct 2022 23:46:05 GMT
via: 1.1 varnish
age: 98818
x-served-by: cache-bma1671-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1666395966.834157,VS0,VE10
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23521
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/website/js/site.9efb307439603296f6d3.js
151.101.85.46200 OK 631 kB URL HTTP/2 cdn3.editmysite.com/app/website/js/site.9efb307439603296f6d3.js
IP 151.101.85.46:0
File type ASCII text, with very long lines (34769)
Size 631 kB (630645 bytes)
Hash e0ae98cc79399fc1274692bdbd56b0ec
d4bd4cacbcf51bdcb96dc4644f9219fb81e01827
3b49929caf6aca0d1427d7ef1d4e8f3097f4c5a3bfac78df900a71f02895d41d
GET /app/website/js/site.9efb307439603296f6d3.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeffreymalickforcitycouncil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 21 Oct 2022 21:16:13 GMT
x-rgw-object-type: Normal
etag: W/"17336023ddf3b2004fcebdf6218119e2"
x-amz-request-id: tx00000000000001dc3bbd5-0063530c78-c6aed46-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/site.9efb307439603296f6d3.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: e8fcd737dc1402b9737aa25c3edcef61690a8e71
x-request-id: 99c37f7f6ad54031a58516a8eafbc765
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Fri, 21 Oct 2022 23:46:05 GMT
via: 1.1 varnish
age: 8875
x-served-by: cache-bma1671-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1666395966.839495,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 630645
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/checkout/assets/checkout/css/wcko.4058cdbe688ad0bf39fd.css
151.101.85.46200 OK 23 kB URL HTTP/2 cdn3.editmysite.com/app/checkout/assets/checkout/css/wcko.4058cdbe688ad0bf39fd.css
IP 151.101.85.46:0
File type Unicode text, UTF-8 text, with very long lines (64270), with no line terminators
Hash e801b74e69d0257f4adc808f27299f3b
449b258052ac16043fdae61611e99d54063147d1
9680e13e7b40f6dd4a4690730fd4dad65158968a7ac8ee1bc2b39d4fc0348054
GET /app/checkout/assets/checkout/css/wcko.4058cdbe688ad0bf39fd.css HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeffreymalickforcitycouncil.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/css; charset=utf-8
last-modified: Tue, 18 Oct 2022 19:17:19 GMT
x-rgw-object-type: Normal
etag: W/"1342617e20ef2109f63329961c8c663c"
x-amz-request-id: tx00000000000001c833ae8-00634efc88-c695612-sfo1
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Fri, 21 Oct 2022 23:46:05 GMT
via: 1.1 varnish
age: 1314
x-served-by: cache-bma1671-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1666395966.986403,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 22817
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
IP 104.18.21.226:0
Hash d2abaae4622d42102d277b4a2c97f972
7e6a9a4d3fc4fa90063d67091082539e19d671eb
193e24c66ccb7f3197b2b1a5515b3647ffc6aebfc34821d4494f2818dfda9d77
POST /ca/gsatlasr3dvtlsca2022q3 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 23:46:06 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "BF3BFBC99FF12374CCFA20C579E8C4DB1C19AE46"
Expires: Sat, 22 Oct 2022 11:00:00 GMT
Last-Modified: Fri, 21 Oct 2022 23:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 835
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75dddee37f850b06-OSL
cdn2.editmysite.com/js/wsnbn/snowday262.js
151.101.85.46200 OK 26 kB URL HTTP/2 cdn2.editmysite.com/js/wsnbn/snowday262.js
IP 151.101.85.46:0
File type ASCII text, with very long lines (2512)
Hash 234327230add9a5a5d61a48829ea4565
7966cc0e4bd76f88ff193c8a99a067de804b7129
bb696c58d9ae5fa635b3ff22efdf60de9ac2f8ef9df5e2f2d58dd5f8dc99df75
GET /js/wsnbn/snowday262.js HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeffreymalickforcitycouncil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Wed, 12 Oct 2022 22:57:27 GMT
etag: "63474657-124fe"
expires: Thu, 27 Oct 2022 08:38:41 GMT
cache-control: max-age=1209600
x-host: blu85.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 21 Oct 2022 23:46:06 GMT
age: 745644
x-served-by: cache-sjc10061-SJC, cache-bma1671-BMA
x-cache: HIT, HIT
x-cache-hits: 20, 4045
x-timer: S1666395966.000842,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25752
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/checkout/assets/checkout/imports.en.fe0eeb06367aeece11a74eed0fea4f57.js
151.101.85.46200 OK 3.5 kB URL HTTP/2 cdn3.editmysite.com/app/checkout/assets/checkout/imports.en.fe0eeb06367aeece11a74eed0fea4f57.js
IP 151.101.85.46:0
File type JSON data\012- , ASCII text, with very long lines (16702), with no line terminators
Hash c72dab3fc48b034e9b3fecc1958b73dc
bf1608ffa2f694b7f3abe38ab822bbed89a4f789
7a059cf29fa3455b09aec579a7b60ef26b2a04ed7b47e55fdb95916734646e84
GET /app/checkout/assets/checkout/imports.en.fe0eeb06367aeece11a74eed0fea4f57.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jeffreymalickforcitycouncil.com/
Origin: https://www.jeffreymalickforcitycouncil.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 21 Oct 2022 23:26:37 GMT
x-rgw-object-type: Normal
etag: W/"fe0eeb06367aeece11a74eed0fea4f57"
x-amz-request-id: tx00000000000001ef5013b-0063532b24-c695612-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/checkout/public/assets/checkout/imports.en.fe0eeb06367aeece11a74eed0fea4f57.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Fri, 21 Oct 2022 23:46:06 GMT
via: 1.1 varnish
age: 676
x-served-by: cache-bma1646-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1666395966.164433,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3512
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/checkout/assets/checkout/locale-imports-map.be14e50d1628faa410488f65362a397d.json
151.101.85.46200 OK 325 B URL HTTP/2 cdn3.editmysite.com/app/checkout/assets/checkout/locale-imports-map.be14e50d1628faa410488f65362a397d.json
IP 151.101.85.46:0
File type JSON data\012- , ASCII text, with very long lines (1611), with no line terminators
Hash be5c6eec9cf3e92f8df759e392e01209
e0bff726136f738e6a1fe3e991d9a64dcf46d23a
e630015425b5298e0f7db7e397850913ea94d317beba50978a9df8e8364334ae
GET /app/checkout/assets/checkout/locale-imports-map.be14e50d1628faa410488f65362a397d.json HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jeffreymalickforcitycouncil.com/
Origin: https://www.jeffreymalickforcitycouncil.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/json
last-modified: Fri, 21 Oct 2022 23:07:30 GMT
etag: W/"63532632-64b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Fri, 21 Oct 2022 23:46:06 GMT
via: 1.1 varnish
age: 676
x-served-by: cache-bma1646-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1666395966.174403,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 325
X-Firefox-Spdy: h2
cdn3.editmysite.com/app/website/js/languages/en.828935a1421e2470be71.js
151.101.85.46200 OK 471 B URL HTTP/2 cdn3.editmysite.com/app/website/js/languages/en.828935a1421e2470be71.js
IP 151.101.85.46:0
Hash a4eff4866251a826c64e0ccde3443901
0771e79c79144f3d897ae0d1ec37cda115f3d693
bf9435c31c8cd1109a83fe61175ef35dd26b431809ebbad9384b19d692c1c948
GET /app/website/js/languages/en.828935a1421e2470be71.js HTTP/1.1
Host: cdn3.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeffreymalickforcitycouncil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 21 Oct 2022 23:38:55 GMT
x-rgw-object-type: Normal
etag: W/"190f019b600e77f6da2fb7af808d12a0"
x-amz-request-id: tx00000000000001dd648e6-0063532ddb-c6aed46-sfo1
sourcemap: https://private-assets.weebly.net/uploads/c/00e8dbc9-8879-11e9-9040-089e018b1a8c/website/public/js/languages/en.828935a1421e2470be71.js.map
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-revision: ec1cc5a51f1216021fe292382ea0619571803822
x-request-id: 8ed9ff902e59045f10d947470cf47bd6
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Fri, 21 Oct 2022 23:46:05 GMT
via: 1.1 varnish
age: 224
x-served-by: cache-bma1671-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1666395966.839010,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 151339
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash a4eff4866251a826c64e0ccde3443901
0771e79c79144f3d897ae0d1ec37cda115f3d693
bf9435c31c8cd1109a83fe61175ef35dd26b431809ebbad9384b19d692c1c948
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=152384
Date: Fri, 21 Oct 2022 23:46:06 GMT
Etag: "6352cc10-1d7"
Expires: Sun, 23 Oct 2022 18:05:50 GMT
Last-Modified: Fri, 21 Oct 2022 16:42:56 GMT
Server: ECS (nyb/1D0D)
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hU_1wHPg98vVmZly-Sy13pVTD0RcNPXdHEJyQSB9Z2QeQAy0Knfc4g==
Age: 4974
www.jeffreymalickforcitycouncil.com/static/icons/payment-methods/applepay.svg
199.34.228.164200 OK 3.0 kB URL HTTP/1.1 www.jeffreymalickforcitycouncil.com/static/icons/payment-methods/applepay.svg
IP 199.34.228.164:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2381)
Hash c9f0fd2c3c94b10595455b840e220672
7734e007c6a4dd650d38be5b29c7335cf9cbfb97
a1aedf64c61a6c121aa0e78164ad0d32f1ebbfd949197c88c7f48462bcbed3ab
Analyzer Verdict Alert quad9 Sinkholed
GET /static/icons/payment-methods/applepay.svg HTTP/1.1
Host: www.jeffreymalickforcitycouncil.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeffreymalickforcitycouncil.com/
Cookie: publishedsite-xsrf=eyJpdiI6IndYTFRQMTkrTmFNQURWUlwvRUxzM0NRPT0iLCJ2YWx1ZSI6IjlVQU1SWVhEcDZySnppYjRUWlU1RkNiRGhYYWVRbTRhbjZKb0JodmN6SzFOUjN1dzNcL2FjV0w2Snk2Zk51anJOdk5vbEhPMDRySVZwSnhNNDdSUGhUcTkzZGZwZ1IyZWJkREN6VlpKTTlQUE5LSnZkRk13ZzBQWXUyT2ZqYUF0ciIsIm1hYyI6IjJmMDU5MmYxMjA1YWM4OTFkMzY3ZTY2MDU4OTcyOWM0ZmE5NmRjYmY4ZWEyNTNkNzhiMDU5OWVkN2RlYjNkNTgifQ%3D%3D; XSRF-TOKEN=eyJpdiI6IkpqRjd4VThiYk9HN3g4aEdldlZNcFE9PSIsInZhbHVlIjoiVDBcL2J1V1Q0MUJyT2hiZ3VtZ2JLU2E0QitxOTlaa1pQYitoUUo1REFHY3Brc2M1dDVTQ3VMTEN0VjFxSUwweXU2dzVUQ045RHM1Q0dYYVNZV1BTUFJueGhOaUgyM0NOSFRXbE04WjQ5U0NjKzhMMkRsZjU3MnZURlV6cWc2bWJDIiwibWFjIjoiZTBkODNhZDVkZjhhNWVlNTQyNGEzNDY4YmYyYTdlNzMxYzJmNzA1YzUwYWI0MjkxYzJlN2VlMTY1OGY4Y2JiMCJ9; PublishedSiteSession=eyJpdiI6Im9LNlwvWExFVEN1YnBsRmpGaWtvcWVBPT0iLCJ2YWx1ZSI6IlRQemdndlhBRDZ1YnlDNmJZNGR6VU85OUltY1wvOWpIUnU3cUUxTGY5K3ZSalF5SmZPbjBwQTIwcisraXVQQlJ1S0FPMDAxSU5WRnVyV3JPRzRjK2RGRGlBVHg0clwvcG55TGRaUVJRUHdiSWtnMVJMS2paMXNLbFpXdDFiaENGZGQiLCJtYWMiOiIxMjBjMDZmZGFjZmRiYzdmM2ZiODI3OTg1ZTkzZTEyYjNjMDNkZTViYmQ3YWE4NjdjNDQ5M2ZhZDkwODNkNmY2In0%3D; _snow_ses.ac31=*; _snow_id.ac31=0d36420b-d9d5-45bc-90ed-9dde7b85cd83.1666395980.1.1666395980.1666395980.2ada800e-5a8e-4f1a-bafc-383dcac35f06; _dd_s=rum=0&expire=1666396879835
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 21 Oct 2022 23:46:06 GMT
Content-Type: image/svg+xml
Content-Length: 2986
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 18:10:38 GMT
x-rgw-object-type: Normal
ETag: "c9f0fd2c3c94b10595455b840e220672"
x-amz-request-id: tx000000000000001ae660e-00628473fd-b9fbc63-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu71.sf2p.intern.weebly.net
X-Revision: ec1cc5a51f1216021fe292382ea0619571803822
X-Request-ID: 367ffe56e4db48334ba79f96beeb11c6
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
44.235.202.207200 OK 0 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 44.235.202.207:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.jeffreymalickforcitycouncil.com/
Origin: https://www.jeffreymalickforcitycouncil.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 21 Oct 2022 23:46:06 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://www.jeffreymalickforcitycouncil.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
X-Firefox-Spdy: h2
sentry.io/api/1263158/envelope/?sentry_key=13e49d785d8d4f828038b6136f3b48ba&sentry_version=7
35.188.42.15200 OK 2 B URL HTTP/1.1 sentry.io/api/1263158/envelope/?sentry_key=13e49d785d8d4f828038b6136f3b48ba&sentry_version=7
IP 35.188.42.15:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/1263158/envelope/?sentry_key=13e49d785d8d4f828038b6136f3b48ba&sentry_version=7 HTTP/1.1
Host: sentry.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.jeffreymalickforcitycouncil.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://www.jeffreymalickforcitycouncil.com
Content-Length: 417
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 21 Oct 2022 23:46:06 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
access-control-allow-origin: https://www.jeffreymalickforcitycouncil.com
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
vary: Origin
x-envoy-upstream-service-time: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
www.jeffreymalickforcitycouncil.com/static/icons/payment-methods/visa.svg
199.34.228.164200 OK 2.2 kB URL HTTP/1.1 www.jeffreymalickforcitycouncil.com/static/icons/payment-methods/visa.svg
IP 199.34.228.164:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1610)
Hash 98e2d557ac9311fbf6c47dcb9cb2c730
e58712545669ba118a42f2e47fcaaabd095cdc6c
0647e086fe11b0748687b68e25c9d2830b8fa08c4397c6c7c6e327d5e8e6c43d
Analyzer Verdict Alert quad9 Sinkholed
GET /static/icons/payment-methods/visa.svg HTTP/1.1
Host: www.jeffreymalickforcitycouncil.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeffreymalickforcitycouncil.com/
Cookie: publishedsite-xsrf=eyJpdiI6IndYTFRQMTkrTmFNQURWUlwvRUxzM0NRPT0iLCJ2YWx1ZSI6IjlVQU1SWVhEcDZySnppYjRUWlU1RkNiRGhYYWVRbTRhbjZKb0JodmN6SzFOUjN1dzNcL2FjV0w2Snk2Zk51anJOdk5vbEhPMDRySVZwSnhNNDdSUGhUcTkzZGZwZ1IyZWJkREN6VlpKTTlQUE5LSnZkRk13ZzBQWXUyT2ZqYUF0ciIsIm1hYyI6IjJmMDU5MmYxMjA1YWM4OTFkMzY3ZTY2MDU4OTcyOWM0ZmE5NmRjYmY4ZWEyNTNkNzhiMDU5OWVkN2RlYjNkNTgifQ%3D%3D; XSRF-TOKEN=eyJpdiI6IkpqRjd4VThiYk9HN3g4aEdldlZNcFE9PSIsInZhbHVlIjoiVDBcL2J1V1Q0MUJyT2hiZ3VtZ2JLU2E0QitxOTlaa1pQYitoUUo1REFHY3Brc2M1dDVTQ3VMTEN0VjFxSUwweXU2dzVUQ045RHM1Q0dYYVNZV1BTUFJueGhOaUgyM0NOSFRXbE04WjQ5U0NjKzhMMkRsZjU3MnZURlV6cWc2bWJDIiwibWFjIjoiZTBkODNhZDVkZjhhNWVlNTQyNGEzNDY4YmYyYTdlNzMxYzJmNzA1YzUwYWI0MjkxYzJlN2VlMTY1OGY4Y2JiMCJ9; PublishedSiteSession=eyJpdiI6Im9LNlwvWExFVEN1YnBsRmpGaWtvcWVBPT0iLCJ2YWx1ZSI6IlRQemdndlhBRDZ1YnlDNmJZNGR6VU85OUltY1wvOWpIUnU3cUUxTGY5K3ZSalF5SmZPbjBwQTIwcisraXVQQlJ1S0FPMDAxSU5WRnVyV3JPRzRjK2RGRGlBVHg0clwvcG55TGRaUVJRUHdiSWtnMVJMS2paMXNLbFpXdDFiaENGZGQiLCJtYWMiOiIxMjBjMDZmZGFjZmRiYzdmM2ZiODI3OTg1ZTkzZTEyYjNjMDNkZTViYmQ3YWE4NjdjNDQ5M2ZhZDkwODNkNmY2In0%3D; _snow_ses.ac31=*; _snow_id.ac31=0d36420b-d9d5-45bc-90ed-9dde7b85cd83.1666395980.1.1666395980.1666395980.2ada800e-5a8e-4f1a-bafc-383dcac35f06; _dd_s=rum=0&expire=1666396879835
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 21 Oct 2022 23:46:06 GMT
Content-Type: image/svg+xml
Content-Length: 2247
Connection: keep-alive
Last-Modified: Fri, 02 Sep 2022 21:25:04 GMT
x-rgw-object-type: Normal
ETag: "98e2d557ac9311fbf6c47dcb9cb2c730"
x-amz-request-id: tx000000000000033debbab-00631274b1-c033918-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu71.sf2p.intern.weebly.net
X-Revision: ec1cc5a51f1216021fe292382ea0619571803822
X-Request-ID: 52bb1078d3e13ad0f81a9ec484db79b2
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
44.235.202.207200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 44.235.202.207:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1954
Origin: https://www.jeffreymalickforcitycouncil.com
Connection: keep-alive
Referer: https://www.jeffreymalickforcitycouncil.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 21 Oct 2022 23:46:06 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=4395f146-1b97-4705-918b-90883b827791; Expires=Sat, 21 Oct 2023 23:46:06 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.jeffreymalickforcitycouncil.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
www.jeffreymalickforcitycouncil.com/static/icons/payment-methods/americanexpress.svg
199.34.228.164200 OK 1.2 kB URL HTTP/1.1 www.jeffreymalickforcitycouncil.com/static/icons/payment-methods/americanexpress.svg
IP 199.34.228.164:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (955)
Hash 2d510915ad1e47e7f6fa0a9ca6dfe7d2
a94981dcae88d70869bce16df350fbc0fbc0c138
52c75baa1c05af510c5017a200f40094bba37a6ccbb2fe5ce2542f331b812204
Analyzer Verdict Alert quad9 Sinkholed
GET /static/icons/payment-methods/americanexpress.svg HTTP/1.1
Host: www.jeffreymalickforcitycouncil.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeffreymalickforcitycouncil.com/
Cookie: publishedsite-xsrf=eyJpdiI6IndYTFRQMTkrTmFNQURWUlwvRUxzM0NRPT0iLCJ2YWx1ZSI6IjlVQU1SWVhEcDZySnppYjRUWlU1RkNiRGhYYWVRbTRhbjZKb0JodmN6SzFOUjN1dzNcL2FjV0w2Snk2Zk51anJOdk5vbEhPMDRySVZwSnhNNDdSUGhUcTkzZGZwZ1IyZWJkREN6VlpKTTlQUE5LSnZkRk13ZzBQWXUyT2ZqYUF0ciIsIm1hYyI6IjJmMDU5MmYxMjA1YWM4OTFkMzY3ZTY2MDU4OTcyOWM0ZmE5NmRjYmY4ZWEyNTNkNzhiMDU5OWVkN2RlYjNkNTgifQ%3D%3D; XSRF-TOKEN=eyJpdiI6IkpqRjd4VThiYk9HN3g4aEdldlZNcFE9PSIsInZhbHVlIjoiVDBcL2J1V1Q0MUJyT2hiZ3VtZ2JLU2E0QitxOTlaa1pQYitoUUo1REFHY3Brc2M1dDVTQ3VMTEN0VjFxSUwweXU2dzVUQ045RHM1Q0dYYVNZV1BTUFJueGhOaUgyM0NOSFRXbE04WjQ5U0NjKzhMMkRsZjU3MnZURlV6cWc2bWJDIiwibWFjIjoiZTBkODNhZDVkZjhhNWVlNTQyNGEzNDY4YmYyYTdlNzMxYzJmNzA1YzUwYWI0MjkxYzJlN2VlMTY1OGY4Y2JiMCJ9; PublishedSiteSession=eyJpdiI6Im9LNlwvWExFVEN1YnBsRmpGaWtvcWVBPT0iLCJ2YWx1ZSI6IlRQemdndlhBRDZ1YnlDNmJZNGR6VU85OUltY1wvOWpIUnU3cUUxTGY5K3ZSalF5SmZPbjBwQTIwcisraXVQQlJ1S0FPMDAxSU5WRnVyV3JPRzRjK2RGRGlBVHg0clwvcG55TGRaUVJRUHdiSWtnMVJMS2paMXNLbFpXdDFiaENGZGQiLCJtYWMiOiIxMjBjMDZmZGFjZmRiYzdmM2ZiODI3OTg1ZTkzZTEyYjNjMDNkZTViYmQ3YWE4NjdjNDQ5M2ZhZDkwODNkNmY2In0%3D; _snow_ses.ac31=*; _snow_id.ac31=0d36420b-d9d5-45bc-90ed-9dde7b85cd83.1666395980.1.1666395980.1666395980.2ada800e-5a8e-4f1a-bafc-383dcac35f06; _dd_s=rum=0&expire=1666396879835
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 21 Oct 2022 23:46:07 GMT
Content-Type: image/svg+xml
Content-Length: 1206
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 18:10:38 GMT
x-rgw-object-type: Normal
ETag: "2d510915ad1e47e7f6fa0a9ca6dfe7d2"
x-amz-request-id: tx000000000000001a887e8-00628473fd-b9fbc20-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu71.sf2p.intern.weebly.net
X-Revision: ec1cc5a51f1216021fe292382ea0619571803822
X-Request-ID: 838f1870c6cf519949a496936f24300b
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 56aa4d33e288d7ec3acf3ac1a61ef7f9
ac2e2f3609cc604dde554e37471567c042bf8191
544823f794ac3e837c81449d896a9dcbe94f4d59a13e293d84b5af44531141d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "544823F794AC3E837C81449D896A9DCBE94F4D59A13E293D84B5AF44531141D0"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17228
Expires: Sat, 22 Oct 2022 04:33:15 GMT
Date: Fri, 21 Oct 2022 23:46:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 56aa4d33e288d7ec3acf3ac1a61ef7f9
ac2e2f3609cc604dde554e37471567c042bf8191
544823f794ac3e837c81449d896a9dcbe94f4d59a13e293d84b5af44531141d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "544823F794AC3E837C81449D896A9DCBE94F4D59A13E293D84B5AF44531141D0"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17228
Expires: Sat, 22 Oct 2022 04:33:15 GMT
Date: Fri, 21 Oct 2022 23:46:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 56aa4d33e288d7ec3acf3ac1a61ef7f9
ac2e2f3609cc604dde554e37471567c042bf8191
544823f794ac3e837c81449d896a9dcbe94f4d59a13e293d84b5af44531141d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "544823F794AC3E837C81449D896A9DCBE94F4D59A13E293D84B5AF44531141D0"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17228
Expires: Sat, 22 Oct 2022 04:33:15 GMT
Date: Fri, 21 Oct 2022 23:46:07 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F428e118d-55db-4b2d-9dc1-0adbc5a4021a.webp
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F428e118d-55db-4b2d-9dc1-0adbc5a4021a.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a361cef05d531426819a2bffd8ab1e47
9c8050ffd0de58005705219ec70b6e4352e35b5e
0c3c48b96adb7c1dc8a8c3771878dcbab80bbbb9f2d6998038bf5d43831b578b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F428e118d-55db-4b2d-9dc1-0adbc5a4021a.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8856
x-amzn-requestid: 84cc5c28-b71f-4ada-9d3b-e67e820cd080
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-LzHcsoAMFuNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635310b1-6b44e77726dc2003052ce387;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kV1qS7kI7-DRm5Su-p133YIf_m4n6i16uBSDrGdsbMDPxD_2v1a69Q==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:20:05 GMT
etag: "9c8050ffd0de58005705219ec70b6e4352e35b5e"
content-type: image/jpeg
age: 5162
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d7888fa-b929-4b9c-b42a-48eeeefeb499.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d7888fa-b929-4b9c-b42a-48eeeefeb499.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc263c0f18e27e8b7f6b841c1e400069
06e91c12abd2c7182991312a4ca0a71c8c0b898d
98b8a8d1c1b279424ac967d0f6e333b5ba981450c3a5823695c5f4490f6d7330
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d7888fa-b929-4b9c-b42a-48eeeefeb499.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9534
x-amzn-requestid: ad6b6fb0-d36e-4aa4-abba-a931a040b0f3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-czHZgoAMFX2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6353111e-40f2629721fa12570aa1eb86;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:37:34 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CT7cukYC2rFTB2Je5RYw1qQBAzBSeb2sZMCdBNNCsZ346Lb89-Q_6Q==
via: 1.1 d2575afea3774df33dcf5e5ff475025e.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:14:15 GMT
age: 5512
etag: "06e91c12abd2c7182991312a4ca0a71c8c0b898d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bdb3f97-ec76-487e-aaa0-904a4218b167.jpeg
34.120.237.76200 OK 3.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bdb3f97-ec76-487e-aaa0-904a4218b167.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash baacb85509de0c5f8c3d8354f02232a7
f9190f9b694f92d385686984a8c2c7880ac4c22f
0dba837f537fc8701c1b28ca4ed0977716462f0f669b09c05084a0ca2731b32c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bdb3f97-ec76-487e-aaa0-904a4218b167.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3337
x-amzn-requestid: 8b40aab0-2ced-4e28-85af-a3d1f1347382
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aPYqSE6eoAMFsmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634fa174-5618d2d53211d0733d8f4765;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 07:04:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: VYHUm2p5JlTINvJl5aDyOuCtTz7HDPZ5OJ-A496kZovZd8o0C4Kw6A==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 07:22:01 GMT
age: 59046
etag: "f9190f9b694f92d385686984a8c2c7880ac4c22f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b6e3c22-497d-4a5d-a4d2-950672e6bcfa.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b6e3c22-497d-4a5d-a4d2-950672e6bcfa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b5e409a641b2f5ea9893877975d7072f
ead119bf29d07f5957fd5150efb629586e884512
d9bbf8ae5b903ee7fa198fd22eb9da13115cfe6f5cbbba40b25e95e0897421e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b6e3c22-497d-4a5d-a4d2-950672e6bcfa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15933
x-amzn-requestid: 46fb5d34-260a-4610-a104-54984fc436c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-MbHWxoAMFzsg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635310b5-643ab634594357c776bc939a;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:35:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ZID6i3HtSbnVGo203R47CDylP_nquEwhF2jZGXGQXXWukmg9vx6BOw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:00:40 GMT
etag: "ead119bf29d07f5957fd5150efb629586e884512"
content-type: image/jpeg
age: 6327
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f34cfb-1029-497a-8d09-65db888e6f11.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f34cfb-1029-497a-8d09-65db888e6f11.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4fb0f4c9ac5a88678baf456107f5341
f6c54dbdfad7e243fe38c03f004c4c79f96b2892
b2fc6c453d7ed610521fcf34d7736a20191d86b485fd57236d2d2c4849cbb8d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f34cfb-1029-497a-8d09-65db888e6f11.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7821
x-amzn-requestid: b3b72561-80fd-4b73-862c-ad070f135634
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-LzEkrIAMFmrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635310b1-73f427947c17f35667c0b443;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: LMoH9qNuDmuriAWS_UIw4XHAUcnNhvxI48pB39I68aypUxeorSft0A==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:00:32 GMT
etag: "f6c54dbdfad7e243fe38c03f004c4c79f96b2892"
content-type: image/jpeg
age: 6335
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93090b5a-5307-421c-8902-654efd5f9769.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93090b5a-5307-421c-8902-654efd5f9769.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bb1054cc59fc865911630fd27da6be69
b9c69a4be7d6747f33e10ff8df22901baced3b3c
90d8f004bbecb20c3d6e0379202dc5d32fbfe0eb81e1da9a142f6e96582d6a5a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F93090b5a-5307-421c-8902-654efd5f9769.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9337
x-amzn-requestid: b28a9696-dea4-411f-b5f9-48b2c4463913
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-pTEpdoAMFXeg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6353116e-11c9f335631c64cf5ee3c582;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:38:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: QOzuhpjNOprqxmVmRKv1xe8u68J4_NxMP7vx0ArbmY6HAxZ73rIoQg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:00:39 GMT
age: 6328
etag: "b9c69a4be7d6747f33e10ff8df22901baced3b3c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.jeffreymalickforcitycouncil.com/static/icons/payment-methods/discover.svg
199.34.228.164200 OK 3.1 kB URL HTTP/1.1 www.jeffreymalickforcitycouncil.com/static/icons/payment-methods/discover.svg
IP 199.34.228.164:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2151)
Hash 9e274d45e1f0b4185bb742d876cee3f5
67405429005f54a1cfb1a27e27491d89814f9ede
a9e66fbb3fb33098304147be606afc2b8e8c8f745db8a83bb6b2d7a0a9a42abc
Analyzer Verdict Alert quad9 Sinkholed
GET /static/icons/payment-methods/discover.svg HTTP/1.1
Host: www.jeffreymalickforcitycouncil.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeffreymalickforcitycouncil.com/
Cookie: publishedsite-xsrf=eyJpdiI6IndYTFRQMTkrTmFNQURWUlwvRUxzM0NRPT0iLCJ2YWx1ZSI6IjlVQU1SWVhEcDZySnppYjRUWlU1RkNiRGhYYWVRbTRhbjZKb0JodmN6SzFOUjN1dzNcL2FjV0w2Snk2Zk51anJOdk5vbEhPMDRySVZwSnhNNDdSUGhUcTkzZGZwZ1IyZWJkREN6VlpKTTlQUE5LSnZkRk13ZzBQWXUyT2ZqYUF0ciIsIm1hYyI6IjJmMDU5MmYxMjA1YWM4OTFkMzY3ZTY2MDU4OTcyOWM0ZmE5NmRjYmY4ZWEyNTNkNzhiMDU5OWVkN2RlYjNkNTgifQ%3D%3D; XSRF-TOKEN=eyJpdiI6IkpqRjd4VThiYk9HN3g4aEdldlZNcFE9PSIsInZhbHVlIjoiVDBcL2J1V1Q0MUJyT2hiZ3VtZ2JLU2E0QitxOTlaa1pQYitoUUo1REFHY3Brc2M1dDVTQ3VMTEN0VjFxSUwweXU2dzVUQ045RHM1Q0dYYVNZV1BTUFJueGhOaUgyM0NOSFRXbE04WjQ5U0NjKzhMMkRsZjU3MnZURlV6cWc2bWJDIiwibWFjIjoiZTBkODNhZDVkZjhhNWVlNTQyNGEzNDY4YmYyYTdlNzMxYzJmNzA1YzUwYWI0MjkxYzJlN2VlMTY1OGY4Y2JiMCJ9; PublishedSiteSession=eyJpdiI6Im9LNlwvWExFVEN1YnBsRmpGaWtvcWVBPT0iLCJ2YWx1ZSI6IlRQemdndlhBRDZ1YnlDNmJZNGR6VU85OUltY1wvOWpIUnU3cUUxTGY5K3ZSalF5SmZPbjBwQTIwcisraXVQQlJ1S0FPMDAxSU5WRnVyV3JPRzRjK2RGRGlBVHg0clwvcG55TGRaUVJRUHdiSWtnMVJMS2paMXNLbFpXdDFiaENGZGQiLCJtYWMiOiIxMjBjMDZmZGFjZmRiYzdmM2ZiODI3OTg1ZTkzZTEyYjNjMDNkZTViYmQ3YWE4NjdjNDQ5M2ZhZDkwODNkNmY2In0%3D; _snow_ses.ac31=*; _snow_id.ac31=0d36420b-d9d5-45bc-90ed-9dde7b85cd83.1666395980.1.1666395980.1666395980.2ada800e-5a8e-4f1a-bafc-383dcac35f06; _dd_s=rum=0&expire=1666396879835
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 21 Oct 2022 23:46:07 GMT
Content-Type: image/svg+xml
Content-Length: 3087
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 18:10:38 GMT
x-rgw-object-type: Normal
ETag: "9e274d45e1f0b4185bb742d876cee3f5"
x-amz-request-id: tx000000000000001aa7132-00628473f9-b9fbc7f-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu71.sf2p.intern.weebly.net
X-Revision: ec1cc5a51f1216021fe292382ea0619571803822
X-Request-ID: 6546e96050de1d8ebfdbc3d42e63f10e
www.jeffreymalickforcitycouncil.com/static/icons/payment-methods/googlepay.svg
199.34.228.164200 OK 3.1 kB URL HTTP/1.1 www.jeffreymalickforcitycouncil.com/static/icons/payment-methods/googlepay.svg
IP 199.34.228.164:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1581)
Hash 2e6b26f9d61dd22468981356313ca58c
df83a373e46337f409c59947b4ae5f9abe1d896a
85d63842ff30824d4324316344c9eea12995869cc3f5f353fbfa2c3008980222
Analyzer Verdict Alert quad9 Sinkholed
GET /static/icons/payment-methods/googlepay.svg HTTP/1.1
Host: www.jeffreymalickforcitycouncil.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeffreymalickforcitycouncil.com/
Cookie: publishedsite-xsrf=eyJpdiI6IndYTFRQMTkrTmFNQURWUlwvRUxzM0NRPT0iLCJ2YWx1ZSI6IjlVQU1SWVhEcDZySnppYjRUWlU1RkNiRGhYYWVRbTRhbjZKb0JodmN6SzFOUjN1dzNcL2FjV0w2Snk2Zk51anJOdk5vbEhPMDRySVZwSnhNNDdSUGhUcTkzZGZwZ1IyZWJkREN6VlpKTTlQUE5LSnZkRk13ZzBQWXUyT2ZqYUF0ciIsIm1hYyI6IjJmMDU5MmYxMjA1YWM4OTFkMzY3ZTY2MDU4OTcyOWM0ZmE5NmRjYmY4ZWEyNTNkNzhiMDU5OWVkN2RlYjNkNTgifQ%3D%3D; XSRF-TOKEN=eyJpdiI6IkpqRjd4VThiYk9HN3g4aEdldlZNcFE9PSIsInZhbHVlIjoiVDBcL2J1V1Q0MUJyT2hiZ3VtZ2JLU2E0QitxOTlaa1pQYitoUUo1REFHY3Brc2M1dDVTQ3VMTEN0VjFxSUwweXU2dzVUQ045RHM1Q0dYYVNZV1BTUFJueGhOaUgyM0NOSFRXbE04WjQ5U0NjKzhMMkRsZjU3MnZURlV6cWc2bWJDIiwibWFjIjoiZTBkODNhZDVkZjhhNWVlNTQyNGEzNDY4YmYyYTdlNzMxYzJmNzA1YzUwYWI0MjkxYzJlN2VlMTY1OGY4Y2JiMCJ9; PublishedSiteSession=eyJpdiI6Im9LNlwvWExFVEN1YnBsRmpGaWtvcWVBPT0iLCJ2YWx1ZSI6IlRQemdndlhBRDZ1YnlDNmJZNGR6VU85OUltY1wvOWpIUnU3cUUxTGY5K3ZSalF5SmZPbjBwQTIwcisraXVQQlJ1S0FPMDAxSU5WRnVyV3JPRzRjK2RGRGlBVHg0clwvcG55TGRaUVJRUHdiSWtnMVJMS2paMXNLbFpXdDFiaENGZGQiLCJtYWMiOiIxMjBjMDZmZGFjZmRiYzdmM2ZiODI3OTg1ZTkzZTEyYjNjMDNkZTViYmQ3YWE4NjdjNDQ5M2ZhZDkwODNkNmY2In0%3D; _snow_ses.ac31=*; _snow_id.ac31=0d36420b-d9d5-45bc-90ed-9dde7b85cd83.1666395980.1.1666395980.1666395980.2ada800e-5a8e-4f1a-bafc-383dcac35f06; _dd_s=rum=0&expire=1666396879835
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 21 Oct 2022 23:46:07 GMT
Content-Type: image/svg+xml
Content-Length: 3115
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 18:10:38 GMT
x-rgw-object-type: Normal
ETag: "2e6b26f9d61dd22468981356313ca58c"
x-amz-request-id: tx000000000000001af98ca-00628473f6-b9fbc29-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: grn76.sf2p.intern.weebly.net
X-Revision: ec1cc5a51f1216021fe292382ea0619571803822
X-Request-ID: 90c1877b3bef85b5b3b55d154349efce
www.jeffreymalickforcitycouncil.com/static/icons/payment-methods/mastercard.svg
199.34.228.164200 OK 1.7 kB URL HTTP/1.1 www.jeffreymalickforcitycouncil.com/static/icons/payment-methods/mastercard.svg
IP 199.34.228.164:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (424)
Hash 1448577966d9c16095880130e876db7a
ecfaef0be795af04cab2f95d7457721a35cf1742
0b6808d0e93f753a1036f42b52c1a2616662d1503f8d07234a98ee54d7a3dd1e
Analyzer Verdict Alert quad9 Sinkholed
GET /static/icons/payment-methods/mastercard.svg HTTP/1.1
Host: www.jeffreymalickforcitycouncil.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeffreymalickforcitycouncil.com/
Cookie: publishedsite-xsrf=eyJpdiI6IndYTFRQMTkrTmFNQURWUlwvRUxzM0NRPT0iLCJ2YWx1ZSI6IjlVQU1SWVhEcDZySnppYjRUWlU1RkNiRGhYYWVRbTRhbjZKb0JodmN6SzFOUjN1dzNcL2FjV0w2Snk2Zk51anJOdk5vbEhPMDRySVZwSnhNNDdSUGhUcTkzZGZwZ1IyZWJkREN6VlpKTTlQUE5LSnZkRk13ZzBQWXUyT2ZqYUF0ciIsIm1hYyI6IjJmMDU5MmYxMjA1YWM4OTFkMzY3ZTY2MDU4OTcyOWM0ZmE5NmRjYmY4ZWEyNTNkNzhiMDU5OWVkN2RlYjNkNTgifQ%3D%3D; XSRF-TOKEN=eyJpdiI6IkpqRjd4VThiYk9HN3g4aEdldlZNcFE9PSIsInZhbHVlIjoiVDBcL2J1V1Q0MUJyT2hiZ3VtZ2JLU2E0QitxOTlaa1pQYitoUUo1REFHY3Brc2M1dDVTQ3VMTEN0VjFxSUwweXU2dzVUQ045RHM1Q0dYYVNZV1BTUFJueGhOaUgyM0NOSFRXbE04WjQ5U0NjKzhMMkRsZjU3MnZURlV6cWc2bWJDIiwibWFjIjoiZTBkODNhZDVkZjhhNWVlNTQyNGEzNDY4YmYyYTdlNzMxYzJmNzA1YzUwYWI0MjkxYzJlN2VlMTY1OGY4Y2JiMCJ9; PublishedSiteSession=eyJpdiI6Im9LNlwvWExFVEN1YnBsRmpGaWtvcWVBPT0iLCJ2YWx1ZSI6IlRQemdndlhBRDZ1YnlDNmJZNGR6VU85OUltY1wvOWpIUnU3cUUxTGY5K3ZSalF5SmZPbjBwQTIwcisraXVQQlJ1S0FPMDAxSU5WRnVyV3JPRzRjK2RGRGlBVHg0clwvcG55TGRaUVJRUHdiSWtnMVJMS2paMXNLbFpXdDFiaENGZGQiLCJtYWMiOiIxMjBjMDZmZGFjZmRiYzdmM2ZiODI3OTg1ZTkzZTEyYjNjMDNkZTViYmQ3YWE4NjdjNDQ5M2ZhZDkwODNkNmY2In0%3D; _snow_ses.ac31=*; _snow_id.ac31=0d36420b-d9d5-45bc-90ed-9dde7b85cd83.1666395980.1.1666395980.1666395980.2ada800e-5a8e-4f1a-bafc-383dcac35f06; _dd_s=rum=0&expire=1666396879835
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 21 Oct 2022 23:46:07 GMT
Content-Type: image/svg+xml
Content-Length: 1657
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 18:10:39 GMT
x-rgw-object-type: Normal
ETag: "1448577966d9c16095880130e876db7a"
x-amz-request-id: tx000000000000001ac6ae7-00628473fa-b9fbc64-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: grn47.sf2p.intern.weebly.net
X-Revision: ec1cc5a51f1216021fe292382ea0619571803822
X-Request-ID: 89c598a0947b2f0363ad7b32afc702ec
www.jeffreymalickforcitycouncil.com/app/website/cms/api/v1/users/142596933/customers/coordinates
199.34.228.164200 OK 70 B URL HTTP/1.1 www.jeffreymalickforcitycouncil.com/app/website/cms/api/v1/users/142596933/customers/coordinates
IP 199.34.228.164:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 9752b06c768724a72741cf9388713596
3c05993fc47e53d1edaa9c03779565a7753f3a61
1d97b677c782c9ae57c8b4dcb6afd88a8068ea3cd133a00cf1050dfe0b4d835c
Analyzer Verdict Alert quad9 Sinkholed
GET /app/website/cms/api/v1/users/142596933/customers/coordinates HTTP/1.1
Host: www.jeffreymalickforcitycouncil.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-XSRF-TOKEN: eyJpdiI6IkpqRjd4VThiYk9HN3g4aEdldlZNcFE9PSIsInZhbHVlIjoiVDBcL2J1V1Q0MUJyT2hiZ3VtZ2JLU2E0QitxOTlaa1pQYitoUUo1REFHY3Brc2M1dDVTQ3VMTEN0VjFxSUwweXU2dzVUQ045RHM1Q0dYYVNZV1BTUFJueGhOaUgyM0NOSFRXbE04WjQ5U0NjKzhMMkRsZjU3MnZURlV6cWc2bWJDIiwibWFjIjoiZTBkODNhZDVkZjhhNWVlNTQyNGEzNDY4YmYyYTdlNzMxYzJmNzA1YzUwYWI0MjkxYzJlN2VlMTY1OGY4Y2JiMCJ9
Connection: keep-alive
Referer: https://www.jeffreymalickforcitycouncil.com/
Cookie: publishedsite-xsrf=eyJpdiI6IndYTFRQMTkrTmFNQURWUlwvRUxzM0NRPT0iLCJ2YWx1ZSI6IjlVQU1SWVhEcDZySnppYjRUWlU1RkNiRGhYYWVRbTRhbjZKb0JodmN6SzFOUjN1dzNcL2FjV0w2Snk2Zk51anJOdk5vbEhPMDRySVZwSnhNNDdSUGhUcTkzZGZwZ1IyZWJkREN6VlpKTTlQUE5LSnZkRk13ZzBQWXUyT2ZqYUF0ciIsIm1hYyI6IjJmMDU5MmYxMjA1YWM4OTFkMzY3ZTY2MDU4OTcyOWM0ZmE5NmRjYmY4ZWEyNTNkNzhiMDU5OWVkN2RlYjNkNTgifQ%3D%3D; XSRF-TOKEN=eyJpdiI6IkpqRjd4VThiYk9HN3g4aEdldlZNcFE9PSIsInZhbHVlIjoiVDBcL2J1V1Q0MUJyT2hiZ3VtZ2JLU2E0QitxOTlaa1pQYitoUUo1REFHY3Brc2M1dDVTQ3VMTEN0VjFxSUwweXU2dzVUQ045RHM1Q0dYYVNZV1BTUFJueGhOaUgyM0NOSFRXbE04WjQ5U0NjKzhMMkRsZjU3MnZURlV6cWc2bWJDIiwibWFjIjoiZTBkODNhZDVkZjhhNWVlNTQyNGEzNDY4YmYyYTdlNzMxYzJmNzA1YzUwYWI0MjkxYzJlN2VlMTY1OGY4Y2JiMCJ9; PublishedSiteSession=eyJpdiI6Im9LNlwvWExFVEN1YnBsRmpGaWtvcWVBPT0iLCJ2YWx1ZSI6IlRQemdndlhBRDZ1YnlDNmJZNGR6VU85OUltY1wvOWpIUnU3cUUxTGY5K3ZSalF5SmZPbjBwQTIwcisraXVQQlJ1S0FPMDAxSU5WRnVyV3JPRzRjK2RGRGlBVHg0clwvcG55TGRaUVJRUHdiSWtnMVJMS2paMXNLbFpXdDFiaENGZGQiLCJtYWMiOiIxMjBjMDZmZGFjZmRiYzdmM2ZiODI3OTg1ZTkzZTEyYjNjMDNkZTViYmQ3YWE4NjdjNDQ5M2ZhZDkwODNkNmY2In0%3D; _snow_ses.ac31=*; _snow_id.ac31=0d36420b-d9d5-45bc-90ed-9dde7b85cd83.1666395980.1.1666395980.1666395980.2ada800e-5a8e-4f1a-bafc-383dcac35f06; _dd_s=rum=0&expire=1666396879835
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, private
Date: Fri, 21 Oct 2022 23:46:07 GMT
Set-Cookie: websitespring-xsrf=eyJpdiI6IjkzbXJzQk1sYkI5dnljWER1VGw5MFE9PSIsInZhbHVlIjoiZzArMnNaWVZtdDlSVTlpcmwrbFZac054TVlXWTFXYUZRd0I2dEFJKzd2cUVhNEM0dFIxSEg5RTZaM0JtMW5DTmlheEZIdzZBTXNNVG1zeXh3cFZZV2w1UmR2WkNxV1VvRlplWlg1cU5SVFNmb29lclE4VXdKTHNJY0lXZTBBSVciLCJtYWMiOiI2ZjU0NzNjMGMxN2Q0ZDM4NmFjNjViYWQ3ZmQ5NDhjMzcyMDk4NTgzMmE4MmU5ZmMwNjE1MThjMjhmZTNjZjg5In0%3D; expires=Fri, 04-Nov-2022 23:46:07 GMT; Max-Age=1209600; path=/
XSRF-TOKEN=eyJpdiI6IjgzUDAzNXd1Q3ptUHJtdzRFdVVPTWc9PSIsInZhbHVlIjoic21BSE5Zc3VRb2tvYUllc05FN2lzaWVkMys0aTJpN0E2blNQcExhZWNLbnBqMk92eFlPYjltb0NSMU8zT0pXTUY3bkVvU2xOdDdLSXAxQ1NOWDdVck81WjN1djdMSHFKd2ROdFMwb0o2UTdlYnR0SGNvQmQwXC9QRXF6ZzIyNXFKIiwibWFjIjoiYTJlNjI0YzRjY2YxYmYzMDlhNjk1NjY4ZTUwZTk1ZTM4ZDU0MDkzZWJjYmIyMzQzYThiZmIwNDRhN2U3MGNmMiJ9; expires=Fri, 04-Nov-2022 23:46:07 GMT; Max-Age=1209600; path=/
X-Host: blu85.sf2p.intern.weebly.net
X-Revision: ec1cc5a51f1216021fe292382ea0619571803822
X-Request-ID: b0f3df2de7fb150b95d0c503c012bb0d
Content-Encoding: gzip
www.jeffreymalickforcitycouncil.com/ajax/api/JsonRPC/Commerce/?Commerce/[ABTestSegmentation::getTestSegments]
199.34.228.164200 OK 201 B URL HTTP/1.1 www.jeffreymalickforcitycouncil.com/ajax/api/JsonRPC/Commerce/?Commerce/[ABTestSegmentation::getTestSegments]
IP 199.34.228.164:0
File type JSON data\012- , ASCII text, with no line terminators
Hash bbf985fd86ef8add09a38860a98def2f
2804fa968da1e1b8be4b6f150438e45f4150d3c0
236153652c6f09415db4ee8f8b9a98827da5987a001a136d94d87f401ef6f160
Analyzer Verdict Alert quad9 Sinkholed
POST /ajax/api/JsonRPC/Commerce/?Commerce/[ABTestSegmentation::getTestSegments] HTTP/1.1
Host: www.jeffreymalickforcitycouncil.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
X-XSRF-TOKEN: eyJpdiI6IkpqRjd4VThiYk9HN3g4aEdldlZNcFE9PSIsInZhbHVlIjoiVDBcL2J1V1Q0MUJyT2hiZ3VtZ2JLU2E0QitxOTlaa1pQYitoUUo1REFHY3Brc2M1dDVTQ3VMTEN0VjFxSUwweXU2dzVUQ045RHM1Q0dYYVNZV1BTUFJueGhOaUgyM0NOSFRXbE04WjQ5U0NjKzhMMkRsZjU3MnZURlV6cWc2bWJDIiwibWFjIjoiZTBkODNhZDVkZjhhNWVlNTQyNGEzNDY4YmYyYTdlNzMxYzJmNzA1YzUwYWI0MjkxYzJlN2VlMTY1OGY4Y2JiMCJ9
Content-Length: 83
Origin: https://www.jeffreymalickforcitycouncil.com
Connection: keep-alive
Referer: https://www.jeffreymalickforcitycouncil.com/
Cookie: publishedsite-xsrf=eyJpdiI6IndYTFRQMTkrTmFNQURWUlwvRUxzM0NRPT0iLCJ2YWx1ZSI6IjlVQU1SWVhEcDZySnppYjRUWlU1RkNiRGhYYWVRbTRhbjZKb0JodmN6SzFOUjN1dzNcL2FjV0w2Snk2Zk51anJOdk5vbEhPMDRySVZwSnhNNDdSUGhUcTkzZGZwZ1IyZWJkREN6VlpKTTlQUE5LSnZkRk13ZzBQWXUyT2ZqYUF0ciIsIm1hYyI6IjJmMDU5MmYxMjA1YWM4OTFkMzY3ZTY2MDU4OTcyOWM0ZmE5NmRjYmY4ZWEyNTNkNzhiMDU5OWVkN2RlYjNkNTgifQ%3D%3D; XSRF-TOKEN=eyJpdiI6IkpqRjd4VThiYk9HN3g4aEdldlZNcFE9PSIsInZhbHVlIjoiVDBcL2J1V1Q0MUJyT2hiZ3VtZ2JLU2E0QitxOTlaa1pQYitoUUo1REFHY3Brc2M1dDVTQ3VMTEN0VjFxSUwweXU2dzVUQ045RHM1Q0dYYVNZV1BTUFJueGhOaUgyM0NOSFRXbE04WjQ5U0NjKzhMMkRsZjU3MnZURlV6cWc2bWJDIiwibWFjIjoiZTBkODNhZDVkZjhhNWVlNTQyNGEzNDY4YmYyYTdlNzMxYzJmNzA1YzUwYWI0MjkxYzJlN2VlMTY1OGY4Y2JiMCJ9; PublishedSiteSession=eyJpdiI6Im9LNlwvWExFVEN1YnBsRmpGaWtvcWVBPT0iLCJ2YWx1ZSI6IlRQemdndlhBRDZ1YnlDNmJZNGR6VU85OUltY1wvOWpIUnU3cUUxTGY5K3ZSalF5SmZPbjBwQTIwcisraXVQQlJ1S0FPMDAxSU5WRnVyV3JPRzRjK2RGRGlBVHg0clwvcG55TGRaUVJRUHdiSWtnMVJMS2paMXNLbFpXdDFiaENGZGQiLCJtYWMiOiIxMjBjMDZmZGFjZmRiYzdmM2ZiODI3OTg1ZTkzZTEyYjNjMDNkZTViYmQ3YWE4NjdjNDQ5M2ZhZDkwODNkNmY2In0%3D; _snow_ses.ac31=*; _snow_id.ac31=0d36420b-d9d5-45bc-90ed-9dde7b85cd83.1666395980.1.1666395980.1666395980.2ada800e-5a8e-4f1a-bafc-383dcac35f06; _dd_s=rum=0&expire=1666396879835
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 23:46:07 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn65.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 201
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: application/json
www.jeffreymalickforcitycouncil.com/static/icons/payment-methods/jcb.svg
199.34.228.164200 OK 3.9 kB URL HTTP/1.1 www.jeffreymalickforcitycouncil.com/static/icons/payment-methods/jcb.svg
IP 199.34.228.164:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1131)
Hash 32a219b916e0f1667aa650f7f8536a7b
a464d7ae31f4996c69c95a11fb791b01e55ceba8
4e8f269a2bf9b6d132634125bfe865e6342103f4cbd7953951d16c3442a24216
Analyzer Verdict Alert quad9 Sinkholed
GET /static/icons/payment-methods/jcb.svg HTTP/1.1
Host: www.jeffreymalickforcitycouncil.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeffreymalickforcitycouncil.com/
Cookie: publishedsite-xsrf=eyJpdiI6IndYTFRQMTkrTmFNQURWUlwvRUxzM0NRPT0iLCJ2YWx1ZSI6IjlVQU1SWVhEcDZySnppYjRUWlU1RkNiRGhYYWVRbTRhbjZKb0JodmN6SzFOUjN1dzNcL2FjV0w2Snk2Zk51anJOdk5vbEhPMDRySVZwSnhNNDdSUGhUcTkzZGZwZ1IyZWJkREN6VlpKTTlQUE5LSnZkRk13ZzBQWXUyT2ZqYUF0ciIsIm1hYyI6IjJmMDU5MmYxMjA1YWM4OTFkMzY3ZTY2MDU4OTcyOWM0ZmE5NmRjYmY4ZWEyNTNkNzhiMDU5OWVkN2RlYjNkNTgifQ%3D%3D; XSRF-TOKEN=eyJpdiI6IkpqRjd4VThiYk9HN3g4aEdldlZNcFE9PSIsInZhbHVlIjoiVDBcL2J1V1Q0MUJyT2hiZ3VtZ2JLU2E0QitxOTlaa1pQYitoUUo1REFHY3Brc2M1dDVTQ3VMTEN0VjFxSUwweXU2dzVUQ045RHM1Q0dYYVNZV1BTUFJueGhOaUgyM0NOSFRXbE04WjQ5U0NjKzhMMkRsZjU3MnZURlV6cWc2bWJDIiwibWFjIjoiZTBkODNhZDVkZjhhNWVlNTQyNGEzNDY4YmYyYTdlNzMxYzJmNzA1YzUwYWI0MjkxYzJlN2VlMTY1OGY4Y2JiMCJ9; PublishedSiteSession=eyJpdiI6Im9LNlwvWExFVEN1YnBsRmpGaWtvcWVBPT0iLCJ2YWx1ZSI6IlRQemdndlhBRDZ1YnlDNmJZNGR6VU85OUltY1wvOWpIUnU3cUUxTGY5K3ZSalF5SmZPbjBwQTIwcisraXVQQlJ1S0FPMDAxSU5WRnVyV3JPRzRjK2RGRGlBVHg0clwvcG55TGRaUVJRUHdiSWtnMVJMS2paMXNLbFpXdDFiaENGZGQiLCJtYWMiOiIxMjBjMDZmZGFjZmRiYzdmM2ZiODI3OTg1ZTkzZTEyYjNjMDNkZTViYmQ3YWE4NjdjNDQ5M2ZhZDkwODNkNmY2In0%3D; _snow_ses.ac31=*; _snow_id.ac31=0d36420b-d9d5-45bc-90ed-9dde7b85cd83.1666395980.1.1666395980.1666395980.2ada800e-5a8e-4f1a-bafc-383dcac35f06; _dd_s=rum=0&expire=1666396879835
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 21 Oct 2022 23:46:07 GMT
Content-Type: image/svg+xml
Content-Length: 3876
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 18:10:39 GMT
x-rgw-object-type: Normal
ETag: "32a219b916e0f1667aa650f7f8536a7b"
x-amz-request-id: tx000000000000001ac6a14-00628473f9-b9fbc64-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu71.sf2p.intern.weebly.net
X-Revision: ec1cc5a51f1216021fe292382ea0619571803822
X-Request-ID: 02971ebddff2e15b0ee0147ece04d0d6
www.jeffreymalickforcitycouncil.com/static/icons/payment-methods/cashapp.svg
199.34.228.164200 OK 1.4 kB URL HTTP/1.1 www.jeffreymalickforcitycouncil.com/static/icons/payment-methods/cashapp.svg
IP 199.34.228.164:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1143)
Hash 4d9798d0983422b1931dbfb934e04144
b70cb2e3822c77177ba56a351e309d5394263105
880d2b790069e44a5ac9b19ea84372fb6289a1cddae239a7aea7d948fd9faa3a
Analyzer Verdict Alert quad9 Sinkholed
GET /static/icons/payment-methods/cashapp.svg HTTP/1.1
Host: www.jeffreymalickforcitycouncil.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeffreymalickforcitycouncil.com/
Cookie: publishedsite-xsrf=eyJpdiI6IndYTFRQMTkrTmFNQURWUlwvRUxzM0NRPT0iLCJ2YWx1ZSI6IjlVQU1SWVhEcDZySnppYjRUWlU1RkNiRGhYYWVRbTRhbjZKb0JodmN6SzFOUjN1dzNcL2FjV0w2Snk2Zk51anJOdk5vbEhPMDRySVZwSnhNNDdSUGhUcTkzZGZwZ1IyZWJkREN6VlpKTTlQUE5LSnZkRk13ZzBQWXUyT2ZqYUF0ciIsIm1hYyI6IjJmMDU5MmYxMjA1YWM4OTFkMzY3ZTY2MDU4OTcyOWM0ZmE5NmRjYmY4ZWEyNTNkNzhiMDU5OWVkN2RlYjNkNTgifQ%3D%3D; XSRF-TOKEN=eyJpdiI6IkpqRjd4VThiYk9HN3g4aEdldlZNcFE9PSIsInZhbHVlIjoiVDBcL2J1V1Q0MUJyT2hiZ3VtZ2JLU2E0QitxOTlaa1pQYitoUUo1REFHY3Brc2M1dDVTQ3VMTEN0VjFxSUwweXU2dzVUQ045RHM1Q0dYYVNZV1BTUFJueGhOaUgyM0NOSFRXbE04WjQ5U0NjKzhMMkRsZjU3MnZURlV6cWc2bWJDIiwibWFjIjoiZTBkODNhZDVkZjhhNWVlNTQyNGEzNDY4YmYyYTdlNzMxYzJmNzA1YzUwYWI0MjkxYzJlN2VlMTY1OGY4Y2JiMCJ9; PublishedSiteSession=eyJpdiI6Im9LNlwvWExFVEN1YnBsRmpGaWtvcWVBPT0iLCJ2YWx1ZSI6IlRQemdndlhBRDZ1YnlDNmJZNGR6VU85OUltY1wvOWpIUnU3cUUxTGY5K3ZSalF5SmZPbjBwQTIwcisraXVQQlJ1S0FPMDAxSU5WRnVyV3JPRzRjK2RGRGlBVHg0clwvcG55TGRaUVJRUHdiSWtnMVJMS2paMXNLbFpXdDFiaENGZGQiLCJtYWMiOiIxMjBjMDZmZGFjZmRiYzdmM2ZiODI3OTg1ZTkzZTEyYjNjMDNkZTViYmQ3YWE4NjdjNDQ5M2ZhZDkwODNkNmY2In0%3D; _snow_ses.ac31=*; _snow_id.ac31=0d36420b-d9d5-45bc-90ed-9dde7b85cd83.1666395980.1.1666395980.1666395980.2ada800e-5a8e-4f1a-bafc-383dcac35f06; _dd_s=rum=0&expire=1666396879835
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 21 Oct 2022 23:46:07 GMT
Content-Type: image/svg+xml
Content-Length: 1394
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 18:10:38 GMT
x-rgw-object-type: Normal
ETag: "4d9798d0983422b1931dbfb934e04144"
x-amz-request-id: tx00000000000000db9882a-00629614f5-b9fbc29-sfo1
Accept-Ranges: bytes
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: grn76.sf2p.intern.weebly.net
X-Revision: ec1cc5a51f1216021fe292382ea0619571803822
X-Request-ID: 51b2b47a38417f3109b6d4104a8e9f77
www.jeffreymalickforcitycouncil.com/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getSquareStoreConfig]
199.34.228.164200 OK 894 B URL HTTP/1.1 www.jeffreymalickforcitycouncil.com/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getSquareStoreConfig]
IP 199.34.228.164:0
File type JSON data\012- , ASCII text, with very long lines (894), with no line terminators
Hash 9c2ac9e20bbb3eaa2cd68d6053ed402f
de4357a0c8f11d9fd2f484700305db5f8d2b4eb4
ebf0a5f17b84d7ce1cd8c6f96fd4bd1d8bfea91eaea64f475da59f8c31814a69
Analyzer Verdict Alert quad9 Sinkholed
POST /ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getSquareStoreConfig] HTTP/1.1
Host: www.jeffreymalickforcitycouncil.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
X-XSRF-TOKEN: eyJpdiI6IkpqRjd4VThiYk9HN3g4aEdldlZNcFE9PSIsInZhbHVlIjoiVDBcL2J1V1Q0MUJyT2hiZ3VtZ2JLU2E0QitxOTlaa1pQYitoUUo1REFHY3Brc2M1dDVTQ3VMTEN0VjFxSUwweXU2dzVUQ045RHM1Q0dYYVNZV1BTUFJueGhOaUgyM0NOSFRXbE04WjQ5U0NjKzhMMkRsZjU3MnZURlV6cWc2bWJDIiwibWFjIjoiZTBkODNhZDVkZjhhNWVlNTQyNGEzNDY4YmYyYTdlNzMxYzJmNzA1YzUwYWI0MjkxYzJlN2VlMTY1OGY4Y2JiMCJ9
Content-Length: 78
Origin: https://www.jeffreymalickforcitycouncil.com
Connection: keep-alive
Referer: https://www.jeffreymalickforcitycouncil.com/
Cookie: publishedsite-xsrf=eyJpdiI6IndYTFRQMTkrTmFNQURWUlwvRUxzM0NRPT0iLCJ2YWx1ZSI6IjlVQU1SWVhEcDZySnppYjRUWlU1RkNiRGhYYWVRbTRhbjZKb0JodmN6SzFOUjN1dzNcL2FjV0w2Snk2Zk51anJOdk5vbEhPMDRySVZwSnhNNDdSUGhUcTkzZGZwZ1IyZWJkREN6VlpKTTlQUE5LSnZkRk13ZzBQWXUyT2ZqYUF0ciIsIm1hYyI6IjJmMDU5MmYxMjA1YWM4OTFkMzY3ZTY2MDU4OTcyOWM0ZmE5NmRjYmY4ZWEyNTNkNzhiMDU5OWVkN2RlYjNkNTgifQ%3D%3D; XSRF-TOKEN=eyJpdiI6IkpqRjd4VThiYk9HN3g4aEdldlZNcFE9PSIsInZhbHVlIjoiVDBcL2J1V1Q0MUJyT2hiZ3VtZ2JLU2E0QitxOTlaa1pQYitoUUo1REFHY3Brc2M1dDVTQ3VMTEN0VjFxSUwweXU2dzVUQ045RHM1Q0dYYVNZV1BTUFJueGhOaUgyM0NOSFRXbE04WjQ5U0NjKzhMMkRsZjU3MnZURlV6cWc2bWJDIiwibWFjIjoiZTBkODNhZDVkZjhhNWVlNTQyNGEzNDY4YmYyYTdlNzMxYzJmNzA1YzUwYWI0MjkxYzJlN2VlMTY1OGY4Y2JiMCJ9; PublishedSiteSession=eyJpdiI6Im9LNlwvWExFVEN1YnBsRmpGaWtvcWVBPT0iLCJ2YWx1ZSI6IlRQemdndlhBRDZ1YnlDNmJZNGR6VU85OUltY1wvOWpIUnU3cUUxTGY5K3ZSalF5SmZPbjBwQTIwcisraXVQQlJ1S0FPMDAxSU5WRnVyV3JPRzRjK2RGRGlBVHg0clwvcG55TGRaUVJRUHdiSWtnMVJMS2paMXNLbFpXdDFiaENGZGQiLCJtYWMiOiIxMjBjMDZmZGFjZmRiYzdmM2ZiODI3OTg1ZTkzZTEyYjNjMDNkZTViYmQ3YWE4NjdjNDQ5M2ZhZDkwODNkNmY2In0%3D; _snow_ses.ac31=*; _snow_id.ac31=0d36420b-d9d5-45bc-90ed-9dde7b85cd83.1666395980.1.1666395980.1666395980.2ada800e-5a8e-4f1a-bafc-383dcac35f06; _dd_s=rum=0&expire=1666396879835
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 23:46:07 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn141.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 894
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: application/json
cdn5.editmysite.com/app/store/api/v23/editor/users/142596933/sites/976956615590134412/store-locations?page=1&per_page=100&include=address&lang=en&from=latlng:59.955,10.859&sort_by=distance&valid=1
151.101.85.46200 OK 1.4 kB URL HTTP/2 cdn5.editmysite.com/app/store/api/v23/editor/users/142596933/sites/976956615590134412/store-locations?page=1&per_page=100&include=address&lang=en&from=latlng:59.955,10.859&sort_by=distance&valid=1
IP 151.101.85.46:0
File type JSON data\012- , ASCII text, with very long lines (3839), with no line terminators
Hash 16bb03e8f92d6afb93e2644a9767fb6b
3ec87fce836908c3e93d1f7654ef2e9261117986
a95bed2db2bd135153de78fbc01a52f585dc46a172a0d7367267d9a91182de63
GET /app/store/api/v23/editor/users/142596933/sites/976956615590134412/store-locations?page=1&per_page=100&include=address&lang=en&from=latlng:59.955,10.859&sort_by=distance&valid=1 HTTP/1.1
Host: cdn5.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.jeffreymalickforcitycouncil.com
Connection: keep-alive
Referer: https://www.jeffreymalickforcitycouncil.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json
cache-control: s-maxage=604800
etag: W/"4f319aa43993c3a9b009f75ef596ee53"
access-control-allow-methods: GET, HEAD
fullcache: m
x-revision: 86830eec8b6a24f5b731e353c965160f2f4cbdb5
x-request-id: d7ee849d68bd9c276051d9c26d5b6520
content-encoding: gzip
x-w-dc: SFO
accept-ranges: bytes
date: Fri, 21 Oct 2022 23:46:07 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1646-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1666395967.358462,VS0,VE279
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1365
X-Firefox-Spdy: h2
www.jeffreymalickforcitycouncil.com/uploads/b/77331f30-0b83-11ed-a4e1-33eb822229d1/malick-icon.png
199.34.228.164200 OK 4.3 kB URL HTTP/1.1 www.jeffreymalickforcitycouncil.com/uploads/b/77331f30-0b83-11ed-a4e1-33eb822229d1/malick-icon.png
IP 199.34.228.164:0
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 380055b62d2fc33605e9c4d528003313
2a818eae3992adde5820bb9306cec50066f53650
bad48b7cc478e84855a466048a0a34828fa36e313a694af9e5b10e08879873d9
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/b/77331f30-0b83-11ed-a4e1-33eb822229d1/malick-icon.png HTTP/1.1
Host: www.jeffreymalickforcitycouncil.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeffreymalickforcitycouncil.com/
Cookie: publishedsite-xsrf=eyJpdiI6IndYTFRQMTkrTmFNQURWUlwvRUxzM0NRPT0iLCJ2YWx1ZSI6IjlVQU1SWVhEcDZySnppYjRUWlU1RkNiRGhYYWVRbTRhbjZKb0JodmN6SzFOUjN1dzNcL2FjV0w2Snk2Zk51anJOdk5vbEhPMDRySVZwSnhNNDdSUGhUcTkzZGZwZ1IyZWJkREN6VlpKTTlQUE5LSnZkRk13ZzBQWXUyT2ZqYUF0ciIsIm1hYyI6IjJmMDU5MmYxMjA1YWM4OTFkMzY3ZTY2MDU4OTcyOWM0ZmE5NmRjYmY4ZWEyNTNkNzhiMDU5OWVkN2RlYjNkNTgifQ%3D%3D; XSRF-TOKEN=eyJpdiI6IjgzUDAzNXd1Q3ptUHJtdzRFdVVPTWc9PSIsInZhbHVlIjoic21BSE5Zc3VRb2tvYUllc05FN2lzaWVkMys0aTJpN0E2blNQcExhZWNLbnBqMk92eFlPYjltb0NSMU8zT0pXTUY3bkVvU2xOdDdLSXAxQ1NOWDdVck81WjN1djdMSHFKd2ROdFMwb0o2UTdlYnR0SGNvQmQwXC9QRXF6ZzIyNXFKIiwibWFjIjoiYTJlNjI0YzRjY2YxYmYzMDlhNjk1NjY4ZTUwZTk1ZTM4ZDU0MDkzZWJjYmIyMzQzYThiZmIwNDRhN2U3MGNmMiJ9; PublishedSiteSession=eyJpdiI6Im9LNlwvWExFVEN1YnBsRmpGaWtvcWVBPT0iLCJ2YWx1ZSI6IlRQemdndlhBRDZ1YnlDNmJZNGR6VU85OUltY1wvOWpIUnU3cUUxTGY5K3ZSalF5SmZPbjBwQTIwcisraXVQQlJ1S0FPMDAxSU5WRnVyV3JPRzRjK2RGRGlBVHg0clwvcG55TGRaUVJRUHdiSWtnMVJMS2paMXNLbFpXdDFiaENGZGQiLCJtYWMiOiIxMjBjMDZmZGFjZmRiYzdmM2ZiODI3OTg1ZTkzZTEyYjNjMDNkZTViYmQ3YWE4NjdjNDQ5M2ZhZDkwODNkNmY2In0%3D; _snow_ses.ac31=*; _snow_id.ac31=0d36420b-d9d5-45bc-90ed-9dde7b85cd83.1666395980.1.1666395980.1666395980.2ada800e-5a8e-4f1a-bafc-383dcac35f06; _dd_s=rum=0&expire=1666396879835; websitespring-xsrf=eyJpdiI6IjkzbXJzQk1sYkI5dnljWER1VGw5MFE9PSIsInZhbHVlIjoiZzArMnNaWVZtdDlSVTlpcmwrbFZac054TVlXWTFXYUZRd0I2dEFJKzd2cUVhNEM0dFIxSEg5RTZaM0JtMW5DTmlheEZIdzZBTXNNVG1zeXh3cFZZV2w1UmR2WkNxV1VvRlplWlg1cU5SVFNmb29lclE4VXdKTHNJY0lXZTBBSVciLCJtYWMiOiI2ZjU0NzNjMGMxN2Q0ZDM4NmFjNjViYWQ3ZmQ5NDhjMzcyMDk4NTgzMmE4MmU5ZmMwNjE1MThjMjhmZTNjZjg5In0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 21 Oct 2022 23:46:07 GMT
Content-Type: image/png
Content-Length: 4294
Connection: keep-alive
Last-Modified: Tue, 26 Jul 2022 19:37:51 GMT
x-rgw-object-type: Normal
ETag: "380055b62d2fc33605e9c4d528003313"
x-amz-request-id: tx00000000000003c8ff9c5-00631f2486-c03521c-sfo1
X-Storage-Bucket: zbad4
X-Storage-Object: bad48b7cc478e84855a466048a0a34828fa36e313a694af9e5b10e08879873d9
X-Host: blu56.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.jeffreymalickforcitycouncil.com/uploads/b/77331f30-0b83-11ed-a4e1-33eb822229d1/icon_180x180_ios_OTY1ND.png?width=180
199.34.228.164200 OK 7.1 kB URL HTTP/1.1 www.jeffreymalickforcitycouncil.com/uploads/b/77331f30-0b83-11ed-a4e1-33eb822229d1/icon_180x180_ios_OTY1ND.png?width=180
IP 199.34.228.164:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash fa6b58b7f367a00014e1918bc4ea112d
190f73ed8a565a7fa9cabd789f69dcccda8af423
0caf2be9cd03e90704f8f780844aee7dda6d436395b6c3bffb109a85603fc4af
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/b/77331f30-0b83-11ed-a4e1-33eb822229d1/icon_180x180_ios_OTY1ND.png?width=180 HTTP/1.1
Host: www.jeffreymalickforcitycouncil.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeffreymalickforcitycouncil.com/
Cookie: publishedsite-xsrf=eyJpdiI6IndYTFRQMTkrTmFNQURWUlwvRUxzM0NRPT0iLCJ2YWx1ZSI6IjlVQU1SWVhEcDZySnppYjRUWlU1RkNiRGhYYWVRbTRhbjZKb0JodmN6SzFOUjN1dzNcL2FjV0w2Snk2Zk51anJOdk5vbEhPMDRySVZwSnhNNDdSUGhUcTkzZGZwZ1IyZWJkREN6VlpKTTlQUE5LSnZkRk13ZzBQWXUyT2ZqYUF0ciIsIm1hYyI6IjJmMDU5MmYxMjA1YWM4OTFkMzY3ZTY2MDU4OTcyOWM0ZmE5NmRjYmY4ZWEyNTNkNzhiMDU5OWVkN2RlYjNkNTgifQ%3D%3D; XSRF-TOKEN=eyJpdiI6IjgzUDAzNXd1Q3ptUHJtdzRFdVVPTWc9PSIsInZhbHVlIjoic21BSE5Zc3VRb2tvYUllc05FN2lzaWVkMys0aTJpN0E2blNQcExhZWNLbnBqMk92eFlPYjltb0NSMU8zT0pXTUY3bkVvU2xOdDdLSXAxQ1NOWDdVck81WjN1djdMSHFKd2ROdFMwb0o2UTdlYnR0SGNvQmQwXC9QRXF6ZzIyNXFKIiwibWFjIjoiYTJlNjI0YzRjY2YxYmYzMDlhNjk1NjY4ZTUwZTk1ZTM4ZDU0MDkzZWJjYmIyMzQzYThiZmIwNDRhN2U3MGNmMiJ9; PublishedSiteSession=eyJpdiI6Im9LNlwvWExFVEN1YnBsRmpGaWtvcWVBPT0iLCJ2YWx1ZSI6IlRQemdndlhBRDZ1YnlDNmJZNGR6VU85OUltY1wvOWpIUnU3cUUxTGY5K3ZSalF5SmZPbjBwQTIwcisraXVQQlJ1S0FPMDAxSU5WRnVyV3JPRzRjK2RGRGlBVHg0clwvcG55TGRaUVJRUHdiSWtnMVJMS2paMXNLbFpXdDFiaENGZGQiLCJtYWMiOiIxMjBjMDZmZGFjZmRiYzdmM2ZiODI3OTg1ZTkzZTEyYjNjMDNkZTViYmQ3YWE4NjdjNDQ5M2ZhZDkwODNkNmY2In0%3D; _snow_ses.ac31=*; _snow_id.ac31=0d36420b-d9d5-45bc-90ed-9dde7b85cd83.1666395980.1.1666395980.1666395980.2ada800e-5a8e-4f1a-bafc-383dcac35f06; _dd_s=rum=0&expire=1666396879835; websitespring-xsrf=eyJpdiI6IjkzbXJzQk1sYkI5dnljWER1VGw5MFE9PSIsInZhbHVlIjoiZzArMnNaWVZtdDlSVTlpcmwrbFZac054TVlXWTFXYUZRd0I2dEFJKzd2cUVhNEM0dFIxSEg5RTZaM0JtMW5DTmlheEZIdzZBTXNNVG1zeXh3cFZZV2w1UmR2WkNxV1VvRlplWlg1cU5SVFNmb29lclE4VXdKTHNJY0lXZTBBSVciLCJtYWMiOiI2ZjU0NzNjMGMxN2Q0ZDM4NmFjNjViYWQ3ZmQ5NDhjMzcyMDk4NTgzMmE4MmU5ZmMwNjE1MThjMjhmZTNjZjg5In0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 21 Oct 2022 23:46:07 GMT
Content-Type: image/webp
Content-Length: 7090
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Etag: "KBQeL0SS3kfQ2tcK3dUOcAd+U7RvpmByjH8qEcdyS/M"
Fastly-Io-Info: ifsz=10408 idim=180x180 ifmt=png ofsz=7090 odim=180x180 ofmt=webp
Fastly-Stats: io=1
X-Amz-Request-Id: tx00000000000001c4271a2-00634ee232-c699baa-sfo1
X-Rgw-Object-Type: Normal
X-Storage-Bucket: z5b28
X-Storage-Object: 5b285d6ea27a737e79a2533f42fe0d8c292bc0b999e60ab15fdb8a7da4c89564
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Age: 535
X-Served-By: cache-sjc10073-SJC, cache-pao17450-PAO
X-Cache: MISS, HIT
X-Cache-Hits: 0, 1
X-Timer: S1666395968.684847,VS0,VE1
Vary: Accept
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: grn79.sf2p.intern.weebly.net
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
44.235.202.207200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 44.235.202.207:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 2394
Origin: https://www.jeffreymalickforcitycouncil.com
Connection: keep-alive
Referer: https://www.jeffreymalickforcitycouncil.com/
Cookie: sp=4395f146-1b97-4705-918b-90883b827791
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 21 Oct 2022 23:46:07 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=4395f146-1b97-4705-918b-90883b827791; Expires=Sat, 21 Oct 2023 23:46:07 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.jeffreymalickforcitycouncil.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
44.235.202.207200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 44.235.202.207:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1853
Origin: https://www.jeffreymalickforcitycouncil.com
Connection: keep-alive
Referer: https://www.jeffreymalickforcitycouncil.com/
Cookie: sp=4395f146-1b97-4705-918b-90883b827791
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 21 Oct 2022 23:46:08 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=4395f146-1b97-4705-918b-90883b827791; Expires=Sat, 21 Oct 2023 23:46:08 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.jeffreymalickforcitycouncil.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
www.jeffreymalickforcitycouncil.com/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getCurrentOrder]
199.34.228.164200 OK 182 B URL HTTP/1.1 www.jeffreymalickforcitycouncil.com/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getCurrentOrder]
IP 199.34.228.164:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 6f6b6b81dd3714cd388808342e960a10
f34bc92a2c7a4dfe56bd6f069ad601e6a61e3b61
2eb22bb7b96aaee11236fcf99e822ede29d3a2ddf2d6f019bb70005b5a1540ef
Analyzer Verdict Alert quad9 Sinkholed
POST /ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::getCurrentOrder] HTTP/1.1
Host: www.jeffreymalickforcitycouncil.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Client-Application-Name: website
X-XSRF-TOKEN: eyJpdiI6IjgzUDAzNXd1Q3ptUHJtdzRFdVVPTWc9PSIsInZhbHVlIjoic21BSE5Zc3VRb2tvYUllc05FN2lzaWVkMys0aTJpN0E2blNQcExhZWNLbnBqMk92eFlPYjltb0NSMU8zT0pXTUY3bkVvU2xOdDdLSXAxQ1NOWDdVck81WjN1djdMSHFKd2ROdFMwb0o2UTdlYnR0SGNvQmQwXC9QRXF6ZzIyNXFKIiwibWFjIjoiYTJlNjI0YzRjY2YxYmYzMDlhNjk1NjY4ZTUwZTk1ZTM4ZDU0MDkzZWJjYmIyMzQzYThiZmIwNDRhN2U3MGNmMiJ9
Content-Length: 89
Origin: https://www.jeffreymalickforcitycouncil.com
Connection: keep-alive
Referer: https://www.jeffreymalickforcitycouncil.com/
Cookie: publishedsite-xsrf=eyJpdiI6IndYTFRQMTkrTmFNQURWUlwvRUxzM0NRPT0iLCJ2YWx1ZSI6IjlVQU1SWVhEcDZySnppYjRUWlU1RkNiRGhYYWVRbTRhbjZKb0JodmN6SzFOUjN1dzNcL2FjV0w2Snk2Zk51anJOdk5vbEhPMDRySVZwSnhNNDdSUGhUcTkzZGZwZ1IyZWJkREN6VlpKTTlQUE5LSnZkRk13ZzBQWXUyT2ZqYUF0ciIsIm1hYyI6IjJmMDU5MmYxMjA1YWM4OTFkMzY3ZTY2MDU4OTcyOWM0ZmE5NmRjYmY4ZWEyNTNkNzhiMDU5OWVkN2RlYjNkNTgifQ%3D%3D; XSRF-TOKEN=eyJpdiI6IjgzUDAzNXd1Q3ptUHJtdzRFdVVPTWc9PSIsInZhbHVlIjoic21BSE5Zc3VRb2tvYUllc05FN2lzaWVkMys0aTJpN0E2blNQcExhZWNLbnBqMk92eFlPYjltb0NSMU8zT0pXTUY3bkVvU2xOdDdLSXAxQ1NOWDdVck81WjN1djdMSHFKd2ROdFMwb0o2UTdlYnR0SGNvQmQwXC9QRXF6ZzIyNXFKIiwibWFjIjoiYTJlNjI0YzRjY2YxYmYzMDlhNjk1NjY4ZTUwZTk1ZTM4ZDU0MDkzZWJjYmIyMzQzYThiZmIwNDRhN2U3MGNmMiJ9; PublishedSiteSession=eyJpdiI6Im9LNlwvWExFVEN1YnBsRmpGaWtvcWVBPT0iLCJ2YWx1ZSI6IlRQemdndlhBRDZ1YnlDNmJZNGR6VU85OUltY1wvOWpIUnU3cUUxTGY5K3ZSalF5SmZPbjBwQTIwcisraXVQQlJ1S0FPMDAxSU5WRnVyV3JPRzRjK2RGRGlBVHg0clwvcG55TGRaUVJRUHdiSWtnMVJMS2paMXNLbFpXdDFiaENGZGQiLCJtYWMiOiIxMjBjMDZmZGFjZmRiYzdmM2ZiODI3OTg1ZTkzZTEyYjNjMDNkZTViYmQ3YWE4NjdjNDQ5M2ZhZDkwODNkNmY2In0%3D; _snow_ses.ac31=*; _snow_id.ac31=0d36420b-d9d5-45bc-90ed-9dde7b85cd83.1666395980.1.1666395981.1666395980.2ada800e-5a8e-4f1a-bafc-383dcac35f06; _dd_s=rum=0&expire=1666396879835; websitespring-xsrf=eyJpdiI6IjkzbXJzQk1sYkI5dnljWER1VGw5MFE9PSIsInZhbHVlIjoiZzArMnNaWVZtdDlSVTlpcmwrbFZac054TVlXWTFXYUZRd0I2dEFJKzd2cUVhNEM0dFIxSEg5RTZaM0JtMW5DTmlheEZIdzZBTXNNVG1zeXh3cFZZV2w1UmR2WkNxV1VvRlplWlg1cU5SVFNmb29lclE4VXdKTHNJY0lXZTBBSVciLCJtYWMiOiI2ZjU0NzNjMGMxN2Q0ZDM4NmFjNjViYWQ3ZmQ5NDhjMzcyMDk4NTgzMmE4MmU5ZmMwNjE1MThjMjhmZTNjZjg5In0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 23:46:08 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu142.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 182
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: application/json
www.jeffreymalickforcitycouncil.com/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::hasCouponsAvailable]
199.34.228.164200 OK 79 B URL HTTP/1.1 www.jeffreymalickforcitycouncil.com/ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::hasCouponsAvailable]
IP 199.34.228.164:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 26e70d9925604cbe0c7e866fc54d87f4
ef5b3fb91cf2534cbf57806d14b21f0a5ae5c259
c0e7b562566962eced45cdf3319b692c55f3df7c3c6d39436a9d21bae2d2e049
Analyzer Verdict Alert quad9 Sinkholed
POST /ajax/api/JsonRPC/Commerce/?Commerce/[Checkout::hasCouponsAvailable] HTTP/1.1
Host: www.jeffreymalickforcitycouncil.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Client-Application-Name: website
X-XSRF-TOKEN: eyJpdiI6IjgzUDAzNXd1Q3ptUHJtdzRFdVVPTWc9PSIsInZhbHVlIjoic21BSE5Zc3VRb2tvYUllc05FN2lzaWVkMys0aTJpN0E2blNQcExhZWNLbnBqMk92eFlPYjltb0NSMU8zT0pXTUY3bkVvU2xOdDdLSXAxQ1NOWDdVck81WjN1djdMSHFKd2ROdFMwb0o2UTdlYnR0SGNvQmQwXC9QRXF6ZzIyNXFKIiwibWFjIjoiYTJlNjI0YzRjY2YxYmYzMDlhNjk1NjY4ZTUwZTk1ZTM4ZDU0MDkzZWJjYmIyMzQzYThiZmIwNDRhN2U3MGNmMiJ9
Content-Length: 77
Origin: https://www.jeffreymalickforcitycouncil.com
Connection: keep-alive
Referer: https://www.jeffreymalickforcitycouncil.com/
Cookie: publishedsite-xsrf=eyJpdiI6IndYTFRQMTkrTmFNQURWUlwvRUxzM0NRPT0iLCJ2YWx1ZSI6IjlVQU1SWVhEcDZySnppYjRUWlU1RkNiRGhYYWVRbTRhbjZKb0JodmN6SzFOUjN1dzNcL2FjV0w2Snk2Zk51anJOdk5vbEhPMDRySVZwSnhNNDdSUGhUcTkzZGZwZ1IyZWJkREN6VlpKTTlQUE5LSnZkRk13ZzBQWXUyT2ZqYUF0ciIsIm1hYyI6IjJmMDU5MmYxMjA1YWM4OTFkMzY3ZTY2MDU4OTcyOWM0ZmE5NmRjYmY4ZWEyNTNkNzhiMDU5OWVkN2RlYjNkNTgifQ%3D%3D; XSRF-TOKEN=eyJpdiI6IjgzUDAzNXd1Q3ptUHJtdzRFdVVPTWc9PSIsInZhbHVlIjoic21BSE5Zc3VRb2tvYUllc05FN2lzaWVkMys0aTJpN0E2blNQcExhZWNLbnBqMk92eFlPYjltb0NSMU8zT0pXTUY3bkVvU2xOdDdLSXAxQ1NOWDdVck81WjN1djdMSHFKd2ROdFMwb0o2UTdlYnR0SGNvQmQwXC9QRXF6ZzIyNXFKIiwibWFjIjoiYTJlNjI0YzRjY2YxYmYzMDlhNjk1NjY4ZTUwZTk1ZTM4ZDU0MDkzZWJjYmIyMzQzYThiZmIwNDRhN2U3MGNmMiJ9; PublishedSiteSession=eyJpdiI6Im9LNlwvWExFVEN1YnBsRmpGaWtvcWVBPT0iLCJ2YWx1ZSI6IlRQemdndlhBRDZ1YnlDNmJZNGR6VU85OUltY1wvOWpIUnU3cUUxTGY5K3ZSalF5SmZPbjBwQTIwcisraXVQQlJ1S0FPMDAxSU5WRnVyV3JPRzRjK2RGRGlBVHg0clwvcG55TGRaUVJRUHdiSWtnMVJMS2paMXNLbFpXdDFiaENGZGQiLCJtYWMiOiIxMjBjMDZmZGFjZmRiYzdmM2ZiODI3OTg1ZTkzZTEyYjNjMDNkZTViYmQ3YWE4NjdjNDQ5M2ZhZDkwODNkNmY2In0%3D; _snow_ses.ac31=*; _snow_id.ac31=0d36420b-d9d5-45bc-90ed-9dde7b85cd83.1666395980.1.1666395981.1666395980.2ada800e-5a8e-4f1a-bafc-383dcac35f06; _dd_s=rum=0&expire=1666396879835; websitespring-xsrf=eyJpdiI6IjkzbXJzQk1sYkI5dnljWER1VGw5MFE9PSIsInZhbHVlIjoiZzArMnNaWVZtdDlSVTlpcmwrbFZac054TVlXWTFXYUZRd0I2dEFJKzd2cUVhNEM0dFIxSEg5RTZaM0JtMW5DTmlheEZIdzZBTXNNVG1zeXh3cFZZV2w1UmR2WkNxV1VvRlplWlg1cU5SVFNmb29lclE4VXdKTHNJY0lXZTBBSVciLCJtYWMiOiI2ZjU0NzNjMGMxN2Q0ZDM4NmFjNjViYWQ3ZmQ5NDhjMzcyMDk4NTgzMmE4MmU5ZmMwNjE1MThjMjhmZTNjZjg5In0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 23:46:08 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn24.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 79
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: application/json
www.jeffreymalickforcitycouncil.com/uploads/b/03d5941fd70168bd23779b6cc4b7543cfdab4acf1934af57ab470a2fc0ff15a5/Jeffrey%20Malick_Campaign%20Logo_1658861410.png?width=400
199.34.228.164200 OK 19 kB URL HTTP/1.1 www.jeffreymalickforcitycouncil.com/uploads/b/03d5941fd70168bd23779b6cc4b7543cfdab4acf1934af57ab470a2fc0ff15a5/Jeffrey%20Malick_Campaign%20Logo_1658861410.png?width=400
IP 199.34.228.164:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 730eb7a398be9a2d976df9e6112fba1f
45c432a28767ce5fd6ba37f86cf620006ad38105
1237c6448077f692117c16629a37519a1c10186a1ad9b60d285b00c8ab866185
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/b/03d5941fd70168bd23779b6cc4b7543cfdab4acf1934af57ab470a2fc0ff15a5/Jeffrey%20Malick_Campaign%20Logo_1658861410.png?width=400 HTTP/1.1
Host: www.jeffreymalickforcitycouncil.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeffreymalickforcitycouncil.com/
Cookie: publishedsite-xsrf=eyJpdiI6IndYTFRQMTkrTmFNQURWUlwvRUxzM0NRPT0iLCJ2YWx1ZSI6IjlVQU1SWVhEcDZySnppYjRUWlU1RkNiRGhYYWVRbTRhbjZKb0JodmN6SzFOUjN1dzNcL2FjV0w2Snk2Zk51anJOdk5vbEhPMDRySVZwSnhNNDdSUGhUcTkzZGZwZ1IyZWJkREN6VlpKTTlQUE5LSnZkRk13ZzBQWXUyT2ZqYUF0ciIsIm1hYyI6IjJmMDU5MmYxMjA1YWM4OTFkMzY3ZTY2MDU4OTcyOWM0ZmE5NmRjYmY4ZWEyNTNkNzhiMDU5OWVkN2RlYjNkNTgifQ%3D%3D; XSRF-TOKEN=eyJpdiI6IjgzUDAzNXd1Q3ptUHJtdzRFdVVPTWc9PSIsInZhbHVlIjoic21BSE5Zc3VRb2tvYUllc05FN2lzaWVkMys0aTJpN0E2blNQcExhZWNLbnBqMk92eFlPYjltb0NSMU8zT0pXTUY3bkVvU2xOdDdLSXAxQ1NOWDdVck81WjN1djdMSHFKd2ROdFMwb0o2UTdlYnR0SGNvQmQwXC9QRXF6ZzIyNXFKIiwibWFjIjoiYTJlNjI0YzRjY2YxYmYzMDlhNjk1NjY4ZTUwZTk1ZTM4ZDU0MDkzZWJjYmIyMzQzYThiZmIwNDRhN2U3MGNmMiJ9; PublishedSiteSession=eyJpdiI6Im9LNlwvWExFVEN1YnBsRmpGaWtvcWVBPT0iLCJ2YWx1ZSI6IlRQemdndlhBRDZ1YnlDNmJZNGR6VU85OUltY1wvOWpIUnU3cUUxTGY5K3ZSalF5SmZPbjBwQTIwcisraXVQQlJ1S0FPMDAxSU5WRnVyV3JPRzRjK2RGRGlBVHg0clwvcG55TGRaUVJRUHdiSWtnMVJMS2paMXNLbFpXdDFiaENGZGQiLCJtYWMiOiIxMjBjMDZmZGFjZmRiYzdmM2ZiODI3OTg1ZTkzZTEyYjNjMDNkZTViYmQ3YWE4NjdjNDQ5M2ZhZDkwODNkNmY2In0%3D; _snow_ses.ac31=*; _snow_id.ac31=0d36420b-d9d5-45bc-90ed-9dde7b85cd83.1666395980.1.1666395981.1666395980.2ada800e-5a8e-4f1a-bafc-383dcac35f06; _dd_s=rum=0&expire=1666396879835; websitespring-xsrf=eyJpdiI6IjkzbXJzQk1sYkI5dnljWER1VGw5MFE9PSIsInZhbHVlIjoiZzArMnNaWVZtdDlSVTlpcmwrbFZac054TVlXWTFXYUZRd0I2dEFJKzd2cUVhNEM0dFIxSEg5RTZaM0JtMW5DTmlheEZIdzZBTXNNVG1zeXh3cFZZV2w1UmR2WkNxV1VvRlplWlg1cU5SVFNmb29lclE4VXdKTHNJY0lXZTBBSVciLCJtYWMiOiI2ZjU0NzNjMGMxN2Q0ZDM4NmFjNjViYWQ3ZmQ5NDhjMzcyMDk4NTgzMmE4MmU5ZmMwNjE1MThjMjhmZTNjZjg5In0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 21 Oct 2022 23:46:08 GMT
Content-Type: image/webp
Content-Length: 18660
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Etag: "Z1E5VDAEWpQItxBn7IgZ3Z21yXctwvAYtG8CiYRGZZQ"
Fastly-Io-Info: ifsz=26361 idim=630x241 ifmt=png ofsz=18660 odim=400x153 ofmt=webp
Fastly-Stats: io=1
X-Amz-Request-Id: tx00000000000003a64cf2d-00631b7286-bfe36ba-sfo1
X-Rgw-Object-Type: Normal
X-Storage-Bucket: z046a
X-Storage-Object: 046ab9c48eb341fbdc2c05f043ea1dd820a93b536f19629073942a01629d7b9e
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Age: 0
X-Served-By: cache-sjc10047-SJC, cache-pao17449-PAO
X-Cache: MISS, HIT
X-Cache-Hits: 0, 1
X-Timer: S1666395969.531544,VS0,VE109
Vary: Accept
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: grn137.sf2p.intern.weebly.net
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1b0cd7fce51616614b5ebb265d02c2f7
6748d7df7c347bbe06afb2155fff3bbc8bf50eb0
d41beb047830bdacb772b75123c39906db8edcd49fdc8c9a00258a2556efd1c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:46:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.jeffreymalickforcitycouncil.com/uploads/b/03d5941fd70168bd23779b6cc4b7543cfdab4acf1934af57ab470a2fc0ff15a5/SCV%20Dems%20Endorsement%20Graphic_cropped_1659629345.jpg?width=800
199.34.228.164200 OK 36 kB URL HTTP/1.1 www.jeffreymalickforcitycouncil.com/uploads/b/03d5941fd70168bd23779b6cc4b7543cfdab4acf1934af57ab470a2fc0ff15a5/SCV%20Dems%20Endorsement%20Graphic_cropped_1659629345.jpg?width=800
IP 199.34.228.164:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x680, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f5fa9ec98e356a12d7bdfc74973c425b
30d859a4fa9680072dabfca304b89fc3356b9fea
ed262025f6acfd33219a026366ae486f78b4ad69da2a77720117967195af6099
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/b/03d5941fd70168bd23779b6cc4b7543cfdab4acf1934af57ab470a2fc0ff15a5/SCV%20Dems%20Endorsement%20Graphic_cropped_1659629345.jpg?width=800 HTTP/1.1
Host: www.jeffreymalickforcitycouncil.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeffreymalickforcitycouncil.com/
Cookie: publishedsite-xsrf=eyJpdiI6IndYTFRQMTkrTmFNQURWUlwvRUxzM0NRPT0iLCJ2YWx1ZSI6IjlVQU1SWVhEcDZySnppYjRUWlU1RkNiRGhYYWVRbTRhbjZKb0JodmN6SzFOUjN1dzNcL2FjV0w2Snk2Zk51anJOdk5vbEhPMDRySVZwSnhNNDdSUGhUcTkzZGZwZ1IyZWJkREN6VlpKTTlQUE5LSnZkRk13ZzBQWXUyT2ZqYUF0ciIsIm1hYyI6IjJmMDU5MmYxMjA1YWM4OTFkMzY3ZTY2MDU4OTcyOWM0ZmE5NmRjYmY4ZWEyNTNkNzhiMDU5OWVkN2RlYjNkNTgifQ%3D%3D; XSRF-TOKEN=eyJpdiI6IjgzUDAzNXd1Q3ptUHJtdzRFdVVPTWc9PSIsInZhbHVlIjoic21BSE5Zc3VRb2tvYUllc05FN2lzaWVkMys0aTJpN0E2blNQcExhZWNLbnBqMk92eFlPYjltb0NSMU8zT0pXTUY3bkVvU2xOdDdLSXAxQ1NOWDdVck81WjN1djdMSHFKd2ROdFMwb0o2UTdlYnR0SGNvQmQwXC9QRXF6ZzIyNXFKIiwibWFjIjoiYTJlNjI0YzRjY2YxYmYzMDlhNjk1NjY4ZTUwZTk1ZTM4ZDU0MDkzZWJjYmIyMzQzYThiZmIwNDRhN2U3MGNmMiJ9; PublishedSiteSession=eyJpdiI6Im9LNlwvWExFVEN1YnBsRmpGaWtvcWVBPT0iLCJ2YWx1ZSI6IlRQemdndlhBRDZ1YnlDNmJZNGR6VU85OUltY1wvOWpIUnU3cUUxTGY5K3ZSalF5SmZPbjBwQTIwcisraXVQQlJ1S0FPMDAxSU5WRnVyV3JPRzRjK2RGRGlBVHg0clwvcG55TGRaUVJRUHdiSWtnMVJMS2paMXNLbFpXdDFiaENGZGQiLCJtYWMiOiIxMjBjMDZmZGFjZmRiYzdmM2ZiODI3OTg1ZTkzZTEyYjNjMDNkZTViYmQ3YWE4NjdjNDQ5M2ZhZDkwODNkNmY2In0%3D; _snow_ses.ac31=*; _snow_id.ac31=0d36420b-d9d5-45bc-90ed-9dde7b85cd83.1666395980.1.1666395981.1666395980.2ada800e-5a8e-4f1a-bafc-383dcac35f06; _dd_s=rum=0&expire=1666396879835; websitespring-xsrf=eyJpdiI6IjkzbXJzQk1sYkI5dnljWER1VGw5MFE9PSIsInZhbHVlIjoiZzArMnNaWVZtdDlSVTlpcmwrbFZac054TVlXWTFXYUZRd0I2dEFJKzd2cUVhNEM0dFIxSEg5RTZaM0JtMW5DTmlheEZIdzZBTXNNVG1zeXh3cFZZV2w1UmR2WkNxV1VvRlplWlg1cU5SVFNmb29lclE4VXdKTHNJY0lXZTBBSVciLCJtYWMiOiI2ZjU0NzNjMGMxN2Q0ZDM4NmFjNjViYWQ3ZmQ5NDhjMzcyMDk4NTgzMmE4MmU5ZmMwNjE1MThjMjhmZTNjZjg5In0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 21 Oct 2022 23:46:09 GMT
Content-Type: image/webp
Content-Length: 36052
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Etag: "rzJTP/47ku1c6suRv2IxxK/yJ9aonGoK9mC6hDb1qqw"
Fastly-Io-Info: ifsz=194498 idim=1227x1043 ifmt=jpeg ofsz=36052 odim=800x680 ofmt=webp
Fastly-Stats: io=1
X-Amz-Request-Id: tx000000000000004445ee3-0063290c70-c67eadd-sfo1
X-Rgw-Object-Type: Normal
X-Storage-Bucket: z67bc
X-Storage-Object: 67bc8f0923c3613d3107973ca5f9354a48710644229e7666f937b10f7d2abba9
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Age: 3595
X-Served-By: cache-sjc10077-SJC, cache-pao17458-PAO
X-Cache: MISS, HIT
X-Cache-Hits: 0, 1
X-Timer: S1666395969.003861,VS0,VE4
Vary: Accept
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: blu56.sf2p.intern.weebly.net
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1b0cd7fce51616614b5ebb265d02c2f7
6748d7df7c347bbe06afb2155fff3bbc8bf50eb0
d41beb047830bdacb772b75123c39906db8edcd49fdc8c9a00258a2556efd1c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:46:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/embed/xMpxnDUtAyk?controls=1&start=0&autoplay=0&modestbranding=1
142.250.74.142200 OK 78 kB URL HTTP/2 www.youtube.com/embed/xMpxnDUtAyk?controls=1&start=0&autoplay=0&modestbranding=1
IP 142.250.74.142:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58638)
Hash d92a428f7d5c28f693ad16c15902e175
c664d1a2745c86080c79c93ad2117817f5758a91
7087793e29c0b7cdfa0b2bd81a34110bb1845fded5198fe4af9c2489a80f774f
GET /embed/xMpxnDUtAyk?controls=1&start=0&autoplay=0&modestbranding=1 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeffreymalickforcitycouncil.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 21 Oct 2022 23:46:09 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=dtY005tk5LQ; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=hh3SjSg5jZg; Domain=.youtube.com; Expires=Wed, 19-Apr-2023 23:46:09 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+030; expires=Sun, 20-Oct-2024 23:46:09 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 09f1d552877c07059a3c8debf4187f12
5832bc57522a3fda9a0fec7288076db87d4560c5
de8ad3e1d71f1e4f709bed37590b5e0cdb520db9a246e57d212036af8cfc0f18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:46:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 15 Oct 2022 12:31:58 GMT
expires: Sun, 15 Oct 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 558851
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 09f1d552877c07059a3c8debf4187f12
5832bc57522a3fda9a0fec7288076db87d4560c5
de8ad3e1d71f1e4f709bed37590b5e0cdb520db9a246e57d212036af8cfc0f18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:46:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 21 Oct 2022 00:48:31 GMT
expires: Sat, 21 Oct 2023 00:48:31 GMT
cache-control: public, max-age=31536000
age: 82658
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 09f1d552877c07059a3c8debf4187f12
5832bc57522a3fda9a0fec7288076db87d4560c5
de8ad3e1d71f1e4f709bed37590b5e0cdb520db9a246e57d212036af8cfc0f18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:46:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.jeffreymalickforcitycouncil.com/uploads/b/03d5941fd70168bd23779b6cc4b7543cfdab4acf1934af57ab470a2fc0ff15a5/2022-07-26_12-45-16_1658864726.jpg?width=800&height=430&fit=cover
199.34.228.164200 OK 66 kB URL HTTP/1.1 www.jeffreymalickforcitycouncil.com/uploads/b/03d5941fd70168bd23779b6cc4b7543cfdab4acf1934af57ab470a2fc0ff15a5/2022-07-26_12-45-16_1658864726.jpg?width=800&height=430&fit=cover
IP 199.34.228.164:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 207a802eac8701b7c0413b86b2ad5bbd
63348a952f913f25d03bb3157e79ed5146e62da8
155577e9b43c252910551bd55c36196640e8ac26c8cea0daf6a282a1223399fe
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/b/03d5941fd70168bd23779b6cc4b7543cfdab4acf1934af57ab470a2fc0ff15a5/2022-07-26_12-45-16_1658864726.jpg?width=800&height=430&fit=cover HTTP/1.1
Host: www.jeffreymalickforcitycouncil.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.jeffreymalickforcitycouncil.com/
Cookie: publishedsite-xsrf=eyJpdiI6IndYTFRQMTkrTmFNQURWUlwvRUxzM0NRPT0iLCJ2YWx1ZSI6IjlVQU1SWVhEcDZySnppYjRUWlU1RkNiRGhYYWVRbTRhbjZKb0JodmN6SzFOUjN1dzNcL2FjV0w2Snk2Zk51anJOdk5vbEhPMDRySVZwSnhNNDdSUGhUcTkzZGZwZ1IyZWJkREN6VlpKTTlQUE5LSnZkRk13ZzBQWXUyT2ZqYUF0ciIsIm1hYyI6IjJmMDU5MmYxMjA1YWM4OTFkMzY3ZTY2MDU4OTcyOWM0ZmE5NmRjYmY4ZWEyNTNkNzhiMDU5OWVkN2RlYjNkNTgifQ%3D%3D; XSRF-TOKEN=eyJpdiI6IjgzUDAzNXd1Q3ptUHJtdzRFdVVPTWc9PSIsInZhbHVlIjoic21BSE5Zc3VRb2tvYUllc05FN2lzaWVkMys0aTJpN0E2blNQcExhZWNLbnBqMk92eFlPYjltb0NSMU8zT0pXTUY3bkVvU2xOdDdLSXAxQ1NOWDdVck81WjN1djdMSHFKd2ROdFMwb0o2UTdlYnR0SGNvQmQwXC9QRXF6ZzIyNXFKIiwibWFjIjoiYTJlNjI0YzRjY2YxYmYzMDlhNjk1NjY4ZTUwZTk1ZTM4ZDU0MDkzZWJjYmIyMzQzYThiZmIwNDRhN2U3MGNmMiJ9; PublishedSiteSession=eyJpdiI6Im9LNlwvWExFVEN1YnBsRmpGaWtvcWVBPT0iLCJ2YWx1ZSI6IlRQemdndlhBRDZ1YnlDNmJZNGR6VU85OUltY1wvOWpIUnU3cUUxTGY5K3ZSalF5SmZPbjBwQTIwcisraXVQQlJ1S0FPMDAxSU5WRnVyV3JPRzRjK2RGRGlBVHg0clwvcG55TGRaUVJRUHdiSWtnMVJMS2paMXNLbFpXdDFiaENGZGQiLCJtYWMiOiIxMjBjMDZmZGFjZmRiYzdmM2ZiODI3OTg1ZTkzZTEyYjNjMDNkZTViYmQ3YWE4NjdjNDQ5M2ZhZDkwODNkNmY2In0%3D; _snow_ses.ac31=*; _snow_id.ac31=0d36420b-d9d5-45bc-90ed-9dde7b85cd83.1666395980.1.1666395981.1666395980.2ada800e-5a8e-4f1a-bafc-383dcac35f06; _dd_s=rum=0&expire=1666396879835; websitespring-xsrf=eyJpdiI6IjkzbXJzQk1sYkI5dnljWER1VGw5MFE9PSIsInZhbHVlIjoiZzArMnNaWVZtdDlSVTlpcmwrbFZac054TVlXWTFXYUZRd0I2dEFJKzd2cUVhNEM0dFIxSEg5RTZaM0JtMW5DTmlheEZIdzZBTXNNVG1zeXh3cFZZV2w1UmR2WkNxV1VvRlplWlg1cU5SVFNmb29lclE4VXdKTHNJY0lXZTBBSVciLCJtYWMiOiI2ZjU0NzNjMGMxN2Q0ZDM4NmFjNjViYWQ3ZmQ5NDhjMzcyMDk4NTgzMmE4MmU5ZmMwNjE1MThjMjhmZTNjZjg5In0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 21 Oct 2022 23:46:09 GMT
Content-Type: image/webp
Content-Length: 65632
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Etag: "yW7KWNqAqC7vjO56+rafuJQdXkIFWrfm1FaQW6jGuuc"
Fastly-Io-Info: ifsz=3627703 idim=2497x1873 ifmt=jpeg ofsz=65632 odim=800x600 ofmt=webp
Fastly-Stats: io=1
X-Amz-Request-Id: tx0000000000000379eae4d-006317aa0d-c0351b0-sfo1
X-Rgw-Object-Type: Normal
X-Storage-Bucket: zf50b
X-Storage-Object: f50b8e699db0a7bb818f2961866d82cfe9f5681cada9a2cf2acfc553d7402f0d
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Age: 535
X-Served-By: cache-sjc10065-SJC, cache-pao17442-PAO
X-Cache: MISS, HIT
X-Cache-Hits: 0, 1
X-Timer: S1666395969.009586,VS0,VE149
Vary: Accept
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Host: grn73.sf2p.intern.weebly.net
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 06210a4a9db522652fd6aabfa05b2653
630b4ef71ec82a3970927a328d279035eaaa1267
5100e1703020fdef7d473c91e1c88dfb734083057f431feeefaaa24838990a21
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:46:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 78f2476e0e57d3c337ba3e29aafe7c32
8ca483064a69de5aef97b32126cb95c13dbd33c4
33459d0c1860c80ee0159e476727a4fb0e704de2c71ad01fdd5761702f90a0c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:46:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.166200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.166:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 21 Oct 2022 23:43:39 GMT
expires: Fri, 21 Oct 2022 23:58:39 GMT
cache-control: public, max-age=900
age: 151
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.34302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Fri, 21 Oct 2022 23:46:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 794a6d2df00fc15e8b4ed6ff4992525e
f8d67c7fd506709d7232298859fe2b3daf374f29
02d38690754b5d99178d576fe6df6c1ca881a2bbd806a75c633c371fac0221da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:46:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 794a6d2df00fc15e8b4ed6ff4992525e
f8d67c7fd506709d7232298859fe2b3daf374f29
02d38690754b5d99178d576fe6df6c1ca881a2bbd806a75c633c371fac0221da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:46:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 78f2476e0e57d3c337ba3e29aafe7c32
8ca483064a69de5aef97b32126cb95c13dbd33c4
33459d0c1860c80ee0159e476727a4fb0e704de2c71ad01fdd5761702f90a0c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:46:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.170200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Fri, 21 Oct 2022 23:46:10 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 06210a4a9db522652fd6aabfa05b2653
630b4ef71ec82a3970927a328d279035eaaa1267
5100e1703020fdef7d473c91e1c88dfb734083057f431feeefaaa24838990a21
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:46:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.170200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.170:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 190d28f2a4bcd502c26c1630dee490fd
21bc632d2845f81f937bf1f6da087841e4980ed3
680a7d92604a99e4a09f701fd3c3b1ba336c03f515d8b8f1c03e95c4c32ed713
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 21 Oct 2022 23:46:10 GMT
server: ESF
cache-control: private
content-length: 30642
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9f4b1d3c4fdfbd28fa4afc92115bd9f9
365125fe68f668bae6f3c13ef21d92bb00783ebe
92ea3ab34acb6f2464ef06496365dd1a54767519d3429346849898739bf05bb5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:46:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/PJkulU-G08v7JckZMeNSZvqVIBPCjlLmLXUvorg-pEg.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/PJkulU-G08v7JckZMeNSZvqVIBPCjlLmLXUvorg-pEg.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (36075)
Hash 22f519f9a10815b15ae22769a85ebe7c
cc27fbc46f7950e78bd62d647854384e349b85bd
be19eff8aedc284592141a67398200c86d6f3d32361f0d14aa8d242c41bf0030
GET /js/th/PJkulU-G08v7JckZMeNSZvqVIBPCjlLmLXUvorg-pEg.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14182
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 21 Oct 2022 19:17:24 GMT
expires: Sat, 21 Oct 2023 19:17:24 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 11 Oct 2022 09:30:00 GMT
content-type: text/javascript
age: 16126
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash aa309aedf8b141359457b1e4e2ccb131
c724074a6ca5a6d6e9647cac8e94477311f67fb4
79dedaea42a3a988a64fc4d1510cebc024c84eda44f3549da13d28bce54f2b2f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:46:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 794a6d2df00fc15e8b4ed6ff4992525e
f8d67c7fd506709d7232298859fe2b3daf374f29
02d38690754b5d99178d576fe6df6c1ca881a2bbd806a75c633c371fac0221da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:46:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/xMpxnDUtAyk/sddefault.webp
142.250.74.182200 OK 34 kB URL HTTP/2 i.ytimg.com/vi_webp/xMpxnDUtAyk/sddefault.webp
IP 142.250.74.182:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8794dfc66abba9cf8f95836f770414c8
fe393db88c95b6ffaaa390c98d95f4cb3b00b5e2
52d3b2b36669982d8f92c6f6aa27aea306766d38fcb18794a01cd1e5574f8007
GET /vi_webp/xMpxnDUtAyk/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 33704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 21 Oct 2022 23:46:10 GMT
expires: Sat, 22 Oct 2022 01:46:10 GMT
cache-control: public, max-age=7200
etag: "1663105600"
content-type: image/webp
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f5a0403c34dd256feacb1af3a533cac1
f0433e15b73b22d61caff3a718a2ec745bdf7421
ca62e818ba50bcf980f8fca10ded9c1f190d0909ddc8d3de32b76eb7a9d99204
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:46:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AMLnZu_CVdQEytioFOF85mD2YjQQGB-Imhd9cBwgRFn8xg=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 3.7 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu_CVdQEytioFOF85mD2YjQQGB-Imhd9cBwgRFn8xg=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash b63dc2aaee0b48d8ab42401aa9170277
a97d95637fc7f094ec1a687acfe00fb52cb1d472
c32b74fd693a8917457f6a86ce8406217bdfe415b43d9355420ec46beb3175c2
GET /ytc/AMLnZu_CVdQEytioFOF85mD2YjQQGB-Imhd9cBwgRFn8xg=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3742
x-xss-protection: 0
date: Fri, 21 Oct 2022 23:23:57 GMT
expires: Mon, 19 Sep 2022 16:22:44 GMT
cache-control: public, max-age=86400, no-transform
age: 1333
etag: "v37e"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash aa309aedf8b141359457b1e4e2ccb131
c724074a6ca5a6d6e9647cac8e94477311f67fb4
79dedaea42a3a988a64fc4d1510cebc024c84eda44f3549da13d28bce54f2b2f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:46:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f5a0403c34dd256feacb1af3a533cac1
f0433e15b73b22d61caff3a718a2ec745bdf7421
ca62e818ba50bcf980f8fca10ded9c1f190d0909ddc8d3de32b76eb7a9d99204
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 23:46:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.170200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Fri, 21 Oct 2022 23:46:10 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.170200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.170:0
File type JSON data\012- , ASCII text, with no line terminators
Hash dca2c9350394e535fd6bfd8d88ac29bd
2ef7794f898981c59dfe4513c26e89d2f0e3c80f
2dde1a45ddc9bb993b4d4edc5704852a3265e2ec0839db5779f0f1f408f90d6e
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1255
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 21 Oct 2022 23:46:10 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2