Report - reproductiverights.org/en/document/paulina-five-years-later]

Report Overview

Submitted URL
reproductiverights.org/en/document/paulina-five-years-later]
IP
141.193.213.20
ASN
#209242 Cloudflare London, LLC
Submitted
2023-01-19 23:46:50
Access
Website Title
Final URL
Tags
dyndns
urlquery detections
Suspicious - DynDNS domain

Detections

urlquery
2
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
profile.ngpvan.com	65920	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	863 B	2.8 kB	45.60.33.183
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	630 B	349 B	31.13.72.36
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	380 B	29 kB	31.13.72.12
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	700 B	1.9 kB	143.204.42.156
kit.fontawesome.com	1868	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	412 B	651 B	104.18.23.52
boards.greenhouse.io	45500	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	2.2 kB	54.243.78.41
ka-p.fontawesome.com	4489	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.0 kB	192 kB	104.18.23.52
vars.hotjar.com	1014	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	512 B	1.7 kB	143.204.55.118
secure.ngpvan.com	76538	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	450 B	1.5 kB	45.60.33.183
reproductiverights.org	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	877 B	870 B	141.193.213.20
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	75 kB	34.120.237.76
analytics.twitter.com	526	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	771 B	613 B	104.244.42.3
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	618 B	717 B	64.233.161.154
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	3.6 kB	93.184.220.29
script.hotjar.com	887	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	391 B	69 kB	143.204.55.68
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	8.0 kB	23.36.77.32
js.verygoodvault.com	67974	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	396 B	45 kB	54.230.111.34
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	387 B	82 kB	142.250.74.168
static.ads-twitter.com	614	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	371 B	16 kB	151.101.84.157
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	379 B	21 kB	142.250.74.110
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	521 B	694 B	142.250.74.163
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	522 B	694 B	142.250.74.164
static.everyaction.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	263 kB	54.230.111.118
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.89.20.60
secure.everyaction.com	68625	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.5 kB	7.2 kB	45.60.33.183
skbndfcnuk.duckdns.org	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	247 B	301 B	63.251.217.14
static.hotjar.com	641	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	384 B	632 B	143.204.55.54
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	5.6 kB	142.250.74.131
t.co	569	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	754 B	593 B	104.244.42.133

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-19	medium	skbndfcnuk.duckdns.org/a.zip	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (38)

	URL	Size	First Seen	Last Seen
	reproductiverights.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-26
Pretty URL reproductiverights.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-26 04:19:35 Times Seen68652 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	reproductiverights.org/wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?ver=3.0.7	34 kB	2023-03-07	2024-04-25
Pretty URL reproductiverights.org/wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?ver=3.0.7 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:28 Last Seen2024-04-25 16:04:44 Times Seen7245 Hash dffa195b546cf1dfd52f2206955eb892 a3d48e8f126eb96d12191d76ed71ad2bc8651d59 6c52384c7b0641dd1ead85d079c22d39bcc6dc5f2537afb1e6396bb619771a3f Loading...

	reproductiverights.org/paulina-five-years-later]/	153 B	2023-03-13	2023-03-13
Pretty URL reproductiverights.org/paulina-five-years-later]/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:33:55 Last Seen2023-03-13 03:33:55 Times Seen1 Hash 4fe30bb5cbbb40ab9545433907aac269 4f64ccfda73f7475d101ba71d3918003686b54d0 2f22a3054e415f79ad342a7499cceba6074412b3919d8b83cf7eeda05604b9a9 Loading...

	reproductiverights.org/paulina-five-years-later]/	344 B	2023-03-13	2023-03-13
Pretty URL reproductiverights.org/paulina-five-years-later]/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:33:55 Last Seen2023-03-13 03:33:55 Times Seen1 Hash 37554b9bf6b21165ab2d968b133c6e5e 27a51961dfceec0ea62a7350d062427aca949a78 2a094cebbc2c0bf3f57b0e1b76432768e4276bc2c68e78cdf65b26c81e88d40c Loading...

	reproductiverights.org/wp-content/plugins/ajax-load-more-anything/assets/js/scripts.js?ver=3.1.1	0 B	2023-03-07	2024-04-26
Pretty URL reproductiverights.org/wp-content/plugins/ajax-load-more-anything/assets/js/scripts.js?ver=3.1.1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 05:07:17 Times Seen37083753 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	static.everyaction.com/ea-actiontag/at.js	835 kB	2023-03-13	2023-03-13
Pretty URL static.everyaction.com/ea-actiontag/at.js IP 54.230.111.118 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:33:56 Last Seen2023-03-13 03:33:56 Times Seen1 Hash 58785aa9880772f2961adaec6372b039 096afd367c774d8e5ef3fb4d180380b6c0843146 a7324cee3afe3f83e4528c58fa00d0e50614b3234bb32b16256c08e793d70b4e Loading...

	reproductiverights.org/wp-includes/js/jquery/ui/tooltip.min.js?ver=1.13.2	6.2 kB	2023-03-08	2024-04-19
Pretty URL reproductiverights.org/wp-includes/js/jquery/ui/tooltip.min.js?ver=1.13.2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:32 Last Seen2024-04-19 20:39:51 Times Seen230 Hash 4f4c316dffd24d6729d7aaf427289ecb 386ef24f10e78632ebad109e85d8215484a82d70 033e0749f8158d222c10ec42a544afb64e164468b3343b87dbbd6717e380b7d7 Loading...

	reproductiverights.org/paulina-five-years-later]/	304 B	2023-03-07	2024-01-28
Pretty URL reproductiverights.org/paulina-five-years-later]/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:52 Last Seen2024-01-28 11:47:22 Times Seen18 Hash ccc7abb1dd496ccc46f83d79641eab87 c746dafae237c9fe55364e52ffbb1f26ef37224b 0353c1802893a7ecfb81ede973aa99d810a039abdb59ae139a1789531c4a5edd Loading...

	reproductiverights.org/sites/default/files/google_tag/google_tag.script.js?q6dbf7	347 B	2023-03-13	2023-03-13
Pretty URL reproductiverights.org/sites/default/files/google_tag/google_tag.script.js?q6dbf7 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:33:56 Last Seen2023-03-13 03:33:56 Times Seen1 Hash e01d71de8de8dea7ad6242b0c0256ed9 cf318c5743cbbe42df735721fdc7ba173fe17f9c 57db6e4842a33e7dd456e7616d2080d39fe40babbaf8deb60920dc8f254d004f Loading...

	boards.greenhouse.io/embed/job_board/js?for=centerforreproductiverights	5.4 kB	2023-03-13	2023-03-13
Pretty URL boards.greenhouse.io/embed/job_board/js?for=centerforreproductiverights IP 54.243.78.41 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:33:56 Last Seen2023-03-13 03:33:56 Times Seen1 Hash b618de584443ab1503df772790532289 e6c5a49bdae0283ed2f8d37cec2a2594ae202781 cc90b657a9fe8ea76d0739dc54de3cf2b3ab86c15402a2fd4ceadb7eebe45507 Loading...

	reproductiverights.org/paulina-five-years-later]/	422 B	2023-03-13	2023-03-13
Pretty URL reproductiverights.org/paulina-five-years-later]/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:33:56 Last Seen2023-03-13 03:33:56 Times Seen1 Hash c9e31d67db602bb6c64f4efc4103a2de 19518ac4c0ff28c0c67eb40455e3f2355ddce814 9e6dc72064ce514d14fe11893440f86a1d7d2b11b3425a9903d890911d2dda9f Loading...

	vars.hotjar.com/box-ff00c703c3bbdf54ae44ee858d64f69e.html	2.3 kB	2023-03-13	2023-03-13
Pretty URL vars.hotjar.com/box-ff00c703c3bbdf54ae44ee858d64f69e.html IP 143.204.55.118 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 02:07:15 Last Seen2023-03-13 08:15:04 Times Seen1 Hash 1019108cf7a97736cdc9d97437ebd93d 4b79ccae17587441c09f5ac426d16a0242a80845 f84e4ee65a37b19f492187fc29716830be18b0e085217747dd3b3355b884a153 Loading...

	reproductiverights.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	90 kB	2023-03-08	2024-04-26
Pretty URL reproductiverights.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-26 04:19:36 Times Seen31827 Hash 17738318d61d394f1de8890d589afaec f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3 cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981 Loading...

	reproductiverights.org/wp-content/plugins/footnotes/js/jquery.tools.min.js?ver=1.2.7.redacted.2	12 kB	2023-03-08	2023-12-01
Pretty URL reproductiverights.org/wp-content/plugins/footnotes/js/jquery.tools.min.js?ver=1.2.7.redacted.2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:08:45 Last Seen2023-12-01 13:13:48 Times Seen43 Hash 0ec54e88985b1d45ae9fae833d688064 19c6fe05fce9b1aa66ac05cef5e493f002c8489d 662c85aebbc266c08215bc86fa53e901a76870800a264121c1fbb36fa521b69a Loading...

	reproductiverights.org/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2	21 kB	2023-03-08	2024-04-26
Pretty URL reproductiverights.org/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-26 04:19:35 Times Seen9814 Hash 034bd11ecaf6fb9240d905245e42e202 ff136c394ed95badfc0107fb98a890dcff642828 ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651 Loading...

	reproductiverights.org/paulina-five-years-later]/	2.8 kB	2023-03-13	2023-03-13
Pretty URL reproductiverights.org/paulina-five-years-later]/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:33:56 Last Seen2023-03-13 03:33:56 Times Seen1 Hash 43f031a550c949588ecaeaa3dd35127e c57e5cc1a74f0e13fa1d4cabe48d0812f6e4889f 5d1f0cad4a2b1e6bfc51311e7ec998bd9f6221ad3e77b16abd7cb6c5d30cc4a2 Loading...

	connect.facebook.net/en_US/fbevents.js	109 kB	2023-03-13	2023-03-13
Pretty URL connect.facebook.net/en_US/fbevents.js IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:30:49 Last Seen2023-03-13 08:53:57 Times Seen1 Hash ab83678e33d91a4c05df6e3d3f200bce 499efc34dc56dbc5e8a6fdb3a7dc4cfda2a3848d ef8f067f829af7c95936a36f38e54c98ab090f937f5557e4c78829ed8fcf5ffd Loading...

	js.verygoodvault.com/vgs-collect/2.14.0/vgs-collect.js	137 kB	2023-03-08	2023-05-23
Pretty URL js.verygoodvault.com/vgs-collect/2.14.0/vgs-collect.js IP 54.230.111.34 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:42:11 Last Seen2023-05-23 22:22:19 Times Seen7 Hash 2eb620d1b4f90db03c929f89d188cf80 a8934eaa7b235fb906cea9c0b14c30654bb0e5cd cbf1ade8d5b7be4356388d9efd5187d378ea581a5e8f9c8d54ee0932262836ff Loading...

	kit.fontawesome.com/77af02b389.js	11 kB	2023-03-13	2023-03-13
Pretty URL kit.fontawesome.com/77af02b389.js IP 104.18.23.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:33:56 Last Seen2023-03-13 03:33:56 Times Seen1 Hash 2e40e51a64c00ad21b7ee4dbbb25e7af ca84828071c46840e4eb6f18d77cffe40e088628 042dcd8ac374721f9c76888f697aec07685bbbbe32b5860d506e11ed1d6c9435 Loading...

	reproductiverights.org/wp-content/plugins/foobox-image-lightbox-premium/pro/js/foobox.min.js?ver=2.7.23	150 kB	2023-03-07	2023-03-14
Pretty URL reproductiverights.org/wp-content/plugins/foobox-image-lightbox-premium/pro/js/foobox.min.js?ver=2.7.23 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:59:27 Last Seen2023-03-14 14:44:23 Times Seen1 Hash 7328d34737a65864913c8a2f57fedd75 fa4ffcde7766db745e186fa6290a5a9ec7a3666a 35d81fabe6f932070923b1daf7081d2f5f495a45bfb0236cf8eb57da7f8e9161 Loading...

	reproductiverights.org/paulina-five-years-later]/	451 B	2023-03-13	2023-03-13
Pretty URL reproductiverights.org/paulina-five-years-later]/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:33:56 Last Seen2023-03-13 03:33:56 Times Seen1 Hash 89f2095dd84c0dcb929aa2467b82c6f0 8c609896dc6a4d5b34f34cf6bd9919e36aecaa50 ff39ff45f07a1bfaa1fbddb365ff956c06700670cc2c15b7937373fcc22ad295 Loading...

	reproductiverights.org/paulina-five-years-later]/	1.4 kB	2023-03-13	2023-03-13
Pretty URL reproductiverights.org/paulina-five-years-later]/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:33:56 Last Seen2023-03-13 03:33:56 Times Seen1 Hash 87051de15c35c29d79888c33c4d7de87 cdafa8dae87b1d1c7eaa6e5d4bb4a37eb92c3626 1994324e79e423a6a720c6f88c5e91b1c48f948610f42a7bc9d4452c295e786e Loading...

	reproductiverights.org/wp-content/plugins/to-top/public/js/to-top-public.js?ver=2.5.2	2.3 kB	2023-03-07	2024-03-29
Pretty URL reproductiverights.org/wp-content/plugins/to-top/public/js/to-top-public.js?ver=2.5.2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:42:49 Last Seen2024-03-29 15:13:26 Times Seen300 Hash 3412a76d1309925e4c16893c6446ef4b f8dfd0d9131393f999d11d8d95c7b55553c4b38d bb44226b5403b6df28bc66e0075d515156bfa7ca25dbf613c9e00758e035b8dc Loading...

	www.googletagmanager.com/gtm.js?id=GTM-5BQPXJ	238 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-5BQPXJ IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:33:56 Last Seen2023-03-13 03:33:56 Times Seen1 Hash d95c1993d72556783be5845b55866680 3f83a6a29baa92794da2edda4392e71e719f9987 0c0e0559a70e9fb41235ab3b0a4b895a1f3092bff9fed5bd4cbff1058684b582 Loading...

	reproductiverights.org/paulina-five-years-later]/	390 B	2023-03-13	2023-03-13
Pretty URL reproductiverights.org/paulina-five-years-later]/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:33:56 Last Seen2023-03-13 03:33:56 Times Seen1 Hash b9cab167c5bb131e303cfe84588e1e57 9106bb4e35c68e4713cee77fc4b771a39f0d2f34 94314f34ee1ac08d6237470e21f7c4612fa2f81cdef8f1579c5d953686191557 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	profile.ngpvan.com/identity?callback=_jqjsp	72 B	2023-03-13	2023-03-13
Pretty URL profile.ngpvan.com/identity?callback=_jqjsp IP 45.60.33.183 ASN #19551 INCAPSULA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:33:56 Last Seen2023-03-13 03:33:56 Times Seen1 Hash a4f22e14b7e96303ef96b9210ab1e58b 606878f53585890a17c51d9451aee2def00a3e36 02e67769754d881c4e95bd31be2a9cf3388098450cb3cb8ebb4db8e85c57a467 Loading...

	reproductiverights.org/paulina-five-years-later]/	572 B	2023-03-13	2023-03-13
Pretty URL reproductiverights.org/paulina-five-years-later]/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:33:56 Last Seen2023-03-13 03:33:56 Times Seen1 Hash 2c13f88b1c3c108b5158140355418a25 25f2e2910793609d5642bb86b51cb3151e647042 f093ff0115aeb7b0b30a50cf6a6a6f9dadb7b167cce87ff0fbb3278b5505f1db Loading...

	reproductiverights.org/paulina-five-years-later]/	556 B	2023-03-13	2023-03-13
Pretty URL reproductiverights.org/paulina-five-years-later]/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:33:56 Last Seen2023-03-13 03:33:56 Times Seen1 Hash 3f33afb9e40cb62b25fb05fa6da77347 3018a9747b89f02f42211a1642cf1f10e7ef4d93 379d79fca69f39ea865333af09870ab57cafaac393163dc9025e71f1cf1bec8b Loading...

	reproductiverights.org/paulina-five-years-later]/	2.0 kB	2023-03-13	2023-03-13
Pretty URL reproductiverights.org/paulina-five-years-later]/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:33:56 Last Seen2023-03-13 03:33:56 Times Seen1 Hash b8eb354320cac440d1724cbe48906b7d 77995f738238afef32296328ab8917746aead6f3 ca700300d5e983f0798dc3a5776729cdc99a9e148b9f90084161b60993d72dd4 Loading...

	static.hotjar.com/c/hotjar-1712413.js?sv=6	8.7 kB	2023-03-13	2023-03-13
Pretty URL static.hotjar.com/c/hotjar-1712413.js?sv=6 IP 143.204.55.54 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:33:56 Last Seen2023-03-13 03:33:56 Times Seen1 Hash 124687e25d82ed9498baf08a2e4c4bb7 66f732971a80c47e5942f1ceb8acb23815d26aeb be2d5c6b850761aab78279a3afaff55ab059589f5eabc522f15c27c17152845e Loading...

	static.ads-twitter.com/uwt.js	58 kB	2023-03-08	2024-04-20
Pretty URL static.ads-twitter.com/uwt.js IP 151.101.84.157 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:46 Last Seen2024-04-20 17:48:03 Times Seen4329 Hash 32ad004436155ec972bc50e6238b5b67 9b2cdb645c2fa5b98a9d05dcdca521fed4a17b7b cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee Loading...

	connect.facebook.net/signals/config/587771081432263?v=2.9.94&r=stable	387 kB	2023-03-13	2023-03-13
Pretty URL connect.facebook.net/signals/config/587771081432263?v=2.9.94&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:33:56 Last Seen2023-03-13 03:33:56 Times Seen1 Hash b0622b01ff3f961cafff9e38346464bd fd61c2995b96dcc2d7384b19f7be3f35dd4b8871 385f01930e69ab15c823e24178f0d038b16dc91133f375c722ec24b78dccfe79 Loading...

	reproductiverights.org/paulina-five-years-later]/	1.9 kB	2023-03-13	2023-03-13
Pretty URL reproductiverights.org/paulina-five-years-later]/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:33:56 Last Seen2023-03-13 03:33:56 Times Seen1 Hash c7aa1e169a4030781a6555c8870d36f9 1e8483e15d08e48d5891c80046da7eb32f6a210d bd95e4cc94a5a1c5f8600de5d0bb24c0430256acd649eabef5d5c4b57c10381a Loading...

	reproductiverights.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	1.2 kB	2023-03-07	2024-04-26
Pretty URL reproductiverights.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-26 03:10:32 Times Seen54999 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	reproductiverights.org/paulina-five-years-later]/	148 B	2023-03-13	2023-03-13
Pretty URL reproductiverights.org/paulina-five-years-later]/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:33:56 Last Seen2023-03-13 03:33:56 Times Seen1 Hash 80db352e1f55c20ddd0e5e9fdc9d7fc0 cc41704850a7876aa253e91aac08848fed153eda 4b60700fb0f798c5bb889b0425485026f5559b3846101962baddc6f34b52cb78 Loading...

	reproductiverights.org/paulina-five-years-later]/	3.0 kB	2023-03-13	2023-03-13
Pretty URL reproductiverights.org/paulina-five-years-later]/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 03:33:56 Last Seen2023-03-13 03:33:56 Times Seen1 Hash 6b5a0307b3cd37ebe7d5224064b45f73 1a22fbfd380030e5fe1e5d99193e667c5c6daeaa 198ab5e7cc281760cd78f9c62d364b87fe611f51570a11dc52079de13dffc5f9 Loading...

	reproductiverights.org/paulina-five-years-later]/	1.0 kB	2023-03-07	2024-04-25
Pretty URL reproductiverights.org/paulina-five-years-later]/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:43 Last Seen2024-04-25 23:43:01 Times Seen1736 Hash 2e075113519802da6ca3dfbca8fea7ec e5f0fc217a3c4d3013e0939cf1367788f1d83309 87c806d6e3568b4d92d34ba19e73da9fe21f4ce50b0448b40f8e9ee9e030fdd9 Loading...

HTTP Transactions (74)

URL IP Response Size

reproductiverights.org/en/document/paulina-five-years-later]

141.193.213.20

301 Moved Permanently

162 B

URL HTTP/1.1
reproductiverights.org/en/document/paulina-five-years-later]
IP
141.193.213.20:0
ASN
#209242 Cloudflare London, LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /en/document/paulina-five-years-later] HTTP/1.1
Host: reproductiverights.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Thu, 19 Jan 2023 23:46:38 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://reproductiverights.org/document/paulina-five-years-later]
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78c3736ddda6b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
37284a837312d6586460a3b86bbe7bd0
6ac0847abd48eb8607597218aaa2cb2d434c012b
6a0e11bb042555d72b397ae0cc3d5e242d3a3fe04418e28ffd222decca7d16ca

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A0E11BB042555D72B397AE0CC3D5E242D3A3FE04418E28FFD222DECCA7D16CA"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11166
Expires: Fri, 20 Jan 2023 02:52:44 GMT
Date: Thu, 19 Jan 2023 23:46:38 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b36ef73c20dffb6bc10194bbd2d0dcfa
a67a4023dc8b4944debaeb92f3ba0f1402c079a6
05a7a4d832cf9e593ca44efea309edcbd80734583bada15fda3e740612eff991

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "05A7A4D832CF9E593CA44EFEA309EDCBD80734583BADA15FDA3E740612EFF991"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15314
Expires: Fri, 20 Jan 2023 04:01:52 GMT
Date: Thu, 19 Jan 2023 23:46:38 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6c8239f3894cfba54d1f3a9ea1c85db5
a70f2b3bf79f2aa26b0cc0340dd182565c3eb946
64dc0508d3fcea1ec92fb60310e9b3f5454c0b69f61e8453fd443bc46ab9471b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "64DC0508D3FCEA1EC92FB60310E9B3F5454C0B69F61E8453FD443BC46AB9471B"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10062
Expires: Fri, 20 Jan 2023 02:34:20 GMT
Date: Thu, 19 Jan 2023 23:46:38 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 19 Jan 2023 23:34:34 GMT
content-type: application/json
age: 724
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e00b56a1808ab68768546e324b800318
0920fc26bd9b06c4045a4e1aa75bdb79db338ea7
4fc23acd9409b0dea7930b2a7f7072cca27e88fc6f861d61b23b4649342d486b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4FC23ACD9409B0DEA7930B2A7F7072CCA27E88FC6F861D61B23B4649342D486B"
Last-Modified: Wed, 18 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21587
Expires: Fri, 20 Jan 2023 05:46:25 GMT
Date: Thu, 19 Jan 2023 23:46:38 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: jiAaI6aLQhl8bSkn7qyzkAFJvF/eSUf2F8qx1UhYpq437d/bUjZ7v47SBGWiyLjBmpHf7/vxuoM=
x-amz-request-id: 9TYP7HX2WAR8GQ4H
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 19 Jan 2023 23:46:06 GMT
age: 32
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 23:46:38 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e00b56a1808ab68768546e324b800318
0920fc26bd9b06c4045a4e1aa75bdb79db338ea7
4fc23acd9409b0dea7930b2a7f7072cca27e88fc6f861d61b23b4649342d486b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4FC23ACD9409B0DEA7930B2A7F7072CCA27E88FC6F861D61B23B4649342D486B"
Last-Modified: Wed, 18 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21587
Expires: Fri, 20 Jan 2023 05:46:25 GMT
Date: Thu, 19 Jan 2023 23:46:38 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 19 Jan 2023 23:17:27 GMT
age: 1752
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
dce4a8be753d4a93db03ffca50421c43
068040a8f69777484e545c0053ad54f273710797
7e6dddef8a4a5502c9715f8c20dcb75e132ecc875f13459a967c9e235e9ce3e4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 715
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 23:46:39 GMT
Etag: "63c90825-1d7"
Last-Modified: Thu, 19 Jan 2023 23:34:45 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
fd771011541e492b810cdad45a6d0f96
a0043711ea79f04e6f17208dd1883e8da526ef5f
680be802dcb0c10987aff3536fd215669d8f042891060a27e5eabbc490f7de0c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=90654
Date: Thu, 19 Jan 2023 23:46:39 GMT
Etag: "63c88572-1d7"
Expires: Sat, 21 Jan 2023 00:57:33 GMT
Last-Modified: Wed, 18 Jan 2023 23:49:06 GMT
Server: ECS (nyb/1D1D)
X-Cache: Miss from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: EPhHl-sXMgdlWBxhIRGwdG3nXeDGQsYlB9_URHvqum9sQgLx3vL2dA==
Age: 4107

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
fd771011541e492b810cdad45a6d0f96
a0043711ea79f04e6f17208dd1883e8da526ef5f
680be802dcb0c10987aff3536fd215669d8f042891060a27e5eabbc490f7de0c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 19 Jan 2023 23:46:39 GMT
Last-Modified: Thu, 19 Jan 2023 23:46:27 GMT
Server: ECS (nyb/1D2C)
X-Cache: Miss from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: A1VZVYFPBXwPDoYgk5Tn4m0UwW1UGSzoye6bO_hwmssFRNVzjlOkKA==
Age: 13

static.everyaction.com/ea-actiontag/at.js

54.230.111.118

200 OK

235 kB

URL HTTP/2
static.everyaction.com/ea-actiontag/at.js
IP
54.230.111.118:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (32063)
Size
235 kB (235429 bytes)
Hash
0fd25d6badaaae7af8de7808b93cb462
095a414191742375ac414c0866244d0dce86cc84
f482f66ab8f93810f07075dade1f2e7012cf6148800540fbefd17278c98ab15b

HTTP Headers

GET /ea-actiontag/at.js HTTP/1.1
Host: static.everyaction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reproductiverights.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 235429
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 17 Jan 2023 17:21:32 GMT
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Thu, 19 Jan 2023 04:49:20 GMT
cache-control: max-age=900, s-maxage=86400, public
etag: "0fd25d6badaaae7af8de7808b93cb462"
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6C78lGD8s1FqbAAMQfloCMpV285A8wWyf-beQ0t35TzbqbJSNzpR5A==
age: 68410
X-Firefox-Spdy: h2

static.everyaction.com/ea-actiontag/at.min.css

54.230.111.118

200 OK

12 kB

URL HTTP/2
static.everyaction.com/ea-actiontag/at.min.css
IP
54.230.111.118:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (60105), with CRLF, LF line terminators
Size
12 kB (11464 bytes)
Hash
70db6fb60e80f50d46e3250f08d7e2a2
37caa0c55db8ec60d3917ddd7bcfea3378e63052
eb70633154ab010e70040d6b37f6180032e150c9398d9b60dec4f2d4e45a8871

HTTP Headers

GET /ea-actiontag/at.min.css HTTP/1.1
Host: static.everyaction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reproductiverights.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
content-length: 11464
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 17 Jan 2023 17:21:32 GMT
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Thu, 19 Jan 2023 17:35:19 GMT
cache-control: max-age=900, s-maxage=86400, public
etag: "70db6fb60e80f50d46e3250f08d7e2a2"
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: m8EdYrdvyBiOQc_ktGUqPi21mYVYp_aSZ9wP6N2uQJnKaq-JaH-8-A==
age: 67782
X-Firefox-Spdy: h2

push.services.mozilla.com/

52.89.20.60

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.89.20.60:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: WTRWSMp7IQTtCDFF/SBfnw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: nQXfOqU7UFIaGZQX1PCdcE8oUpA=

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
08bea65fdc87a84dc2340502051235c7
692e84da19982709ea7915a2c7e6ef7096885b0e
37fb04579cdbd3633105e9200019d93dd2d0dd10496d5ca82a3bdecf8aa8ce96

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "37FB04579CDBD3633105E9200019D93DD2D0DD10496D5CA82A3BDECF8AA8CE96"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6125
Expires: Fri, 20 Jan 2023 01:28:44 GMT
Date: Thu, 19 Jan 2023 23:46:39 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d202273e867b01591672b07722f430fb
4bbab50550b5b6a583e1fcdeb68c1b6b67b0cd87
5b4ab20a3dc9a884b04e727e6d62a1428984126ea975e308c48a6e9b6581146a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 23:46:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-5BQPXJ

142.250.74.168

200 OK

81 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-5BQPXJ
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (18403)
Size
81 kB (81063 bytes)
Hash
5947cec8790129d3afb10dfb8e6e4c03
91fbd9510d5ccfe91fef5147a9bc525b64c76a9e
642bc69f22e18826fdeb740c33893c2afa73bc05c4f09ce32292942c0d0ec22f

HTTP Headers

GET /gtm.js?id=GTM-5BQPXJ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reproductiverights.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 19 Jan 2023 23:46:39 GMT
expires: Thu, 19 Jan 2023 23:46:39 GMT
cache-control: private, max-age=900
last-modified: Thu, 19 Jan 2023 23:26:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 81063
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

boards.greenhouse.io/embed/job_board/js?for=centerforreproductiverights

54.243.78.41

200 OK

1.7 kB

URL HTTP/2
boards.greenhouse.io/embed/job_board/js?for=centerforreproductiverights
IP
54.243.78.41:0
ASN
#14618 AMAZON-AES

File type
ASCII text
Size
1.7 kB (1734 bytes)
Hash
0bbf9261a376608d756f79c8b62ed797
4f9336c0c8ab2e3a492a290cc72e830c9f20d2c6
60b1f826fb7908b0030a40e5ec5977823f3342da7030d8902a1927880db988a8

HTTP Headers

GET /embed/job_board/js?for=centerforreproductiverights HTTP/1.1
Host: boards.greenhouse.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reproductiverights.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 19 Jan 2023 23:46:39 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
etag: W/"cc90b657a9fe8ea76d0739dc54de3cf2"
cache-control: max-age=0, private, must-revalidate
x-request-id: c1255a61f4b0606eb63bc1f6676f6ab6
x-runtime: 0.009721
strict-transport-security: max-age=15724800; includeSubDomains
x-xss-protection: 1; mode=block
x-download-options: noopen
content-encoding: gzip
X-Firefox-Spdy: h2

ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=77af02b389

104.18.23.52

200 OK

4.2 kB

URL HTTP/2
ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=77af02b389
IP
104.18.23.52:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (26366)
Size
4.2 kB (4194 bytes)
Hash
7fd743485fa194e25e2a207bff6c258a
97c999d752b95ee1ed6271a29aa58109dc17281e
dd939d69a23f003d49287291f0bcb59df58119d60bc5f14a81cbfd957894f6dc

HTTP Headers

GET /releases/v5.15.4/css/pro-v4-shims.min.css?token=77af02b389 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://reproductiverights.org/
Origin: https://reproductiverights.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 19 Jan 2023 23:46:40 GMT
content-type: text/css
content-length: 4194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-1062"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 19731298
accept-ranges: bytes
server: cloudflare
cf-ray: 78c373782ff2b4eb-OSL
X-Firefox-Spdy: h2

ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=77af02b389

104.18.23.52

200 OK

94 kB

URL HTTP/2
ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=77af02b389
IP
104.18.23.52:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
94 kB (93464 bytes)
Hash
190295611f22f373c5634efb79fee23f
11f255a5fe295fd8fc9b8f7f58f45db914016160
5a70ddbe8197229271dce74a67fdebd1df96edfbaa104f623771a7c037e6b453

HTTP Headers

GET /releases/v5.15.4/css/pro.min.css?token=77af02b389 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://reproductiverights.org/
Origin: https://reproductiverights.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 19 Jan 2023 23:46:40 GMT
content-type: text/css
content-length: 54194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-d3b2"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 19794587
accept-ranges: bytes
server: cloudflare
cf-ray: 78c373782ff1b4eb-OSL
X-Firefox-Spdy: h2

ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=77af02b389

104.18.23.52

200 OK

3.1 kB

URL HTTP/2
ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=77af02b389
IP
104.18.23.52:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
3.1 kB (3073 bytes)
Hash
c703e4da2a6161255640a636fdb894d7
3b2e96c22f54976eaa80d1ab6e6a5491d363538d
f7baadc681849af7734c344bde716027e50dec31a77c97f1555687aff45f4d52

HTTP Headers

GET /releases/v5.15.4/css/pro-v4-font-face.min.css?token=77af02b389 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://reproductiverights.org/
Origin: https://reproductiverights.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 19 Jan 2023 23:46:40 GMT
content-type: text/css
content-length: 2603
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-a2b"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 12789808
accept-ranges: bytes
server: cloudflare
cf-ray: 78c373782ff3b4eb-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d202273e867b01591672b07722f430fb
4bbab50550b5b6a583e1fcdeb68c1b6b67b0cd87
5b4ab20a3dc9a884b04e727e6d62a1428984126ea975e308c48a6e9b6581146a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 23:46:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

static.ads-twitter.com/uwt.js

151.101.84.157

200 OK

15 kB

URL HTTP/2
static.ads-twitter.com/uwt.js
IP
151.101.84.157:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (57596), with no line terminators
Size
15 kB (15375 bytes)
Hash
573e6a7f86f6f3063763360ef0672c01
b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7

HTTP Headers

GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reproductiverights.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
accept-ranges: bytes
date: Thu, 19 Jan 2023 23:46:40 GMT
x-served-by: cache-iad-kiad7000089-IAD, cache-bma1683-BMA
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15375
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.110

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reproductiverights.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Thu, 19 Jan 2023 22:41:07 GMT
expires: Fri, 20 Jan 2023 00:41:07 GMT
cache-control: public, max-age=7200
age: 3933
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0c09fe3755f0cababb9dbd1e047bfd56
d76f6078e850d2821cef9aafec1dbca9654da281
1cc0bf113be42f803bb99403507f33ec49151538c5227d3d1d4c498e1ccd013d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2530
Cache-Control: max-age=105236
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 23:46:40 GMT
Etag: "63c8c492-1d7"
Expires: Sat, 21 Jan 2023 05:00:36 GMT
Last-Modified: Thu, 19 Jan 2023 04:18:26 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

script.hotjar.com/modules.4829238839b92db7e6b6.js

143.204.55.68

200 OK

69 kB

URL HTTP/2
script.hotjar.com/modules.4829238839b92db7e6b6.js
IP
143.204.55.68:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (48015)
Size
69 kB (68627 bytes)
Hash
33cdf1335ebc1b6d54f0110dc31bd36c
0fb8d71d83bb707ad67943e4fff34423909949dd
7dfc08ff97621de55cfbe9e0235669f54d91ddc83e2d38c5edb69473bc728672

HTTP Headers

GET /modules.4829238839b92db7e6b6.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reproductiverights.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 68627
date: Wed, 18 Jan 2023 10:13:05 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "33cdf1335ebc1b6d54f0110dc31bd36c"
last-modified: Wed, 18 Jan 2023 10:12:30 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: B-0n5pXm42T3eiT3ldniBkWJnDSN3tII_wqGKlN8pUoCsBO5x95_SQ==
age: 135215
X-Firefox-Spdy: h2

connect.facebook.net/en_US/fbevents.js

31.13.72.12

200 OK

28 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
28 kB (27859 bytes)
Hash
9ba458c0d3060a442f3094daf58ec05d
fc35d487d0dd81e6855f1b02367b755609d9608d
17087257ea25c2232c025f338b9f3153d35c3d953cb382b7b6e01728a643bc0b

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reproductiverights.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: ujTJl32j5A39+6UYiPriMKvVTbMa6ve5NHy/znlZ6Kl91Yro6Oe6l8MIBDlNtRhqVUeup/r9JN93SWfnoHq2YA==
priority: u=3,i
content-length: 27859
x-fb-trip-id: 1904183273
date: Thu, 19 Jan 2023 23:46:40 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0c09fe3755f0cababb9dbd1e047bfd56
d76f6078e850d2821cef9aafec1dbca9654da281
1cc0bf113be42f803bb99403507f33ec49151538c5227d3d1d4c498e1ccd013d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2530
Cache-Control: max-age=105236
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 23:46:40 GMT
Etag: "63c8c492-1d7"
Expires: Sat, 21 Jan 2023 05:00:36 GMT
Last-Modified: Thu, 19 Jan 2023 04:18:26 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

312 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
312 B (312 bytes)
Hash
5046a48b746819582384f01d5f06efbb
a81a575c34f992daba3c9b2f04827d0a2a867dda
fe20d80b024eea3d786b5a4c98a85f6994b0be3066e55d96854d0e189b12f4f4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2462
Cache-Control: max-age=132541
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 23:46:40 GMT
Etag: "63c92f7f-138"
Expires: Sat, 21 Jan 2023 12:35:41 GMT
Last-Modified: Thu, 19 Jan 2023 11:54:39 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 312

static.everyaction.com/ea-actiontag/extra.min.css

54.230.111.118

200 OK

14 kB

URL HTTP/2
static.everyaction.com/ea-actiontag/extra.min.css
IP
54.230.111.118:0
ASN
#16509 AMAZON-02

File type
troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Size
14 kB (14216 bytes)
Hash
6db388270459a379a07a4cfe20000db2
744a7b09f1c25ebda137f033cbaca6dcefa1fc59
ff0823939be5f4d87e3892d941bd30e4d13d6fb96a17e32738ea85da1f448b73

HTTP Headers

GET /ea-actiontag/extra.min.css HTTP/1.1
Host: static.everyaction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reproductiverights.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=utf-8
content-length: 14216
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 17 Jan 2023 17:21:32 GMT
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Thu, 19 Jan 2023 17:35:20 GMT
cache-control: max-age=900, s-maxage=86400, public
etag: "6db388270459a379a07a4cfe20000db2"
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: oFu9i30i3AkxFI5r77fqaad9zXLgh2BzgGiTP8IZ_CUXMj-Eq2u2VQ==
age: 23897
X-Firefox-Spdy: h2

vars.hotjar.com/box-ff00c703c3bbdf54ae44ee858d64f69e.html

143.204.55.118

200 OK

1.0 kB

URL HTTP/2
vars.hotjar.com/box-ff00c703c3bbdf54ae44ee858d64f69e.html
IP
143.204.55.118:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Size
1.0 kB (1035 bytes)
Hash
730971b89ffa8b99e4157f49a4275594
7041ce872cc30e32c6b04a958b0cf810e5fc5651
da09da5b55ce65cdb58f29842d654aa637580d8c4d5d3cddfa08de6d866dcf65

HTTP Headers

GET /box-ff00c703c3bbdf54ae44ee858d64f69e.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reproductiverights.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Wed, 18 Jan 2023 10:13:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "730971b89ffa8b99e4157f49a4275594"
last-modified: Wed, 18 Jan 2023 10:12:30 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: uoHlNuUB8CmrDqTmagjIs9PWFw-YpPJRg5YY-TIeTk20DC13Ogj24g==
age: 135214
X-Firefox-Spdy: h2

js.verygoodvault.com/vgs-collect/2.14.0/vgs-collect.js

54.230.111.34

200 OK

44 kB

URL HTTP/1.1
js.verygoodvault.com/vgs-collect/2.14.0/vgs-collect.js
IP
54.230.111.34:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (65432)
Size
44 kB (44059 bytes)
Hash
d861aef11f034940673614d0dc372376
92db39d06e7cb10d51c7a5112c396e7a1d76009e
fde091289dbd2bdb298ee91c1fc65bd12fef25b570c900e6556daa6978ff90e7

HTTP Headers

GET /vgs-collect/2.14.0/vgs-collect.js HTTP/1.1
Host: js.verygoodvault.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reproductiverights.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 08 Jun 2022 01:07:52 GMT
x-amz-version-id: uQF6CVoMnT1mOHvFavSn8ur6rXtO9Qh9
Server: AmazonS3
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Date: Thu, 19 Jan 2023 23:46:28 GMT
Cache-Control: max-age=60
ETag: W/"2eb620d1b4f90db03c929f89d188cf80"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: QsDVZZbuoCYM84vTceB3RSl5ZMAWPomdpyPdF53Mg24f1XyQVcYs1A==
Age: 22

t.co/i/adsct?bci=3&eci=2&event_id=0006ce58-5ef3-4b3f-bf69-6f135fd2d676&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9051b3a3-884b-4752-98fc-031d624d19b2&tw_document_href=https%3A%2F%2Freproductiverights.org%2Fpaulina-five-years-later%5D%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2gl0&type=javascript&version=2.3.29

104.244.42.133

200 OK

43 B

URL HTTP/2
t.co/i/adsct?bci=3&eci=2&event_id=0006ce58-5ef3-4b3f-bf69-6f135fd2d676&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9051b3a3-884b-4752-98fc-031d624d19b2&tw_document_href=https%3A%2F%2Freproductiverights.org%2Fpaulina-five-years-later%5D%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2gl0&type=javascript&version=2.3.29
IP
104.244.42.133:0
ASN
#13414 TWITTER

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

HTTP Headers

GET /i/adsct?bci=3&eci=2&event_id=0006ce58-5ef3-4b3f-bf69-6f135fd2d676&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9051b3a3-884b-4752-98fc-031d624d19b2&tw_document_href=https%3A%2F%2Freproductiverights.org%2Fpaulina-five-years-later%5D%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2gl0&type=javascript&version=2.3.29 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reproductiverights.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 19 Jan 2023 23:46:40 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=321285bf-f6bb-4765-bb72-1c94e4cec820; Max-Age=63072000; Expires=Sat, 18 Jan 2025 23:46:40 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 1114a89f3e4c5cec
strict-transport-security: max-age=0
x-response-time: 105
x-connection-hash: d7c8219d4348b59a9aeab0d289ef30cfaa57577308a885241ba365516684f49a
X-Firefox-Spdy: h2

ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-solid-900-5.0.0.woff2

104.18.23.52

200 OK

20 kB

URL HTTP/2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-solid-900-5.0.0.woff2
IP
104.18.23.52:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 19784, version 331.-31196\012- data
Size
20 kB (19784 bytes)
Hash
c7682b8035fc1d1672d6455631813794
9e2955e5e55b3073e229c218724406425862d4a1
1b50aa1d36ea249991fb44f8f6ad2aa74fe360df9cc04c564b5edf3b053b739c

HTTP Headers

GET /releases/v5.15.4/webfonts/pro-fa-solid-900-5.0.0.woff2 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://reproductiverights.org
Connection: keep-alive
Referer: https://reproductiverights.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 19 Jan 2023 23:46:40 GMT
content-type: font/woff2
content-length: 19784
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "610ae35f-4d48"
last-modified: Wed, 04 Aug 2021 18:58:39 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 13097759
accept-ranges: bytes
server: cloudflare
cf-ray: 78c3737ccb38b4eb-OSL
X-Firefox-Spdy: h2

ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-brands-400-5.0.0.woff2

104.18.23.52

200 OK

38 kB

URL HTTP/2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-brands-400-5.0.0.woff2
IP
104.18.23.52:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 37796, version 331.-31196\012- data
Size
38 kB (37796 bytes)
Hash
6cdf281bc8af0068561fe6aa361a6a0b
4b11f830ee1b852b8aa46ea7e4cfe709a327bf58
49fd3e0c64f247cf56cb828bc37b88cf139df6e5c7bb4c3a4507f740e9a52c17

HTTP Headers

GET /releases/v5.15.4/webfonts/pro-fa-brands-400-5.0.0.woff2 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://reproductiverights.org
Connection: keep-alive
Referer: https://reproductiverights.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 19 Jan 2023 23:46:40 GMT
content-type: font/woff2
content-length: 37796
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "610ae351-93a4"
last-modified: Wed, 04 Aug 2021 18:58:25 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 19603112
accept-ranges: bytes
server: cloudflare
cf-ray: 78c3737ceb42b4eb-OSL
X-Firefox-Spdy: h2

ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-brands-400-5.8.2.woff2

104.18.23.52

200 OK

2.4 kB

URL HTTP/2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-brands-400-5.8.2.woff2
IP
104.18.23.52:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 2412, version 331.-31196\012- data
Size
2.4 kB (2412 bytes)
Hash
714ee8de820748bab5090d91cd5b7690
07f4d4dfe5e3c9045f41996eb1ac8ecbbcc779bf
322c181b1aab5807cd0a7ed9e249ddbd97fa385ca3d338aa59ef1f610ca24601

HTTP Headers

GET /releases/v5.15.4/webfonts/pro-fa-brands-400-5.8.2.woff2 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://reproductiverights.org
Connection: keep-alive
Referer: https://reproductiverights.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 19 Jan 2023 23:46:40 GMT
content-type: font/woff2
content-length: 2412
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "610ae353-96c"
last-modified: Wed, 04 Aug 2021 18:58:27 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 620415
accept-ranges: bytes
server: cloudflare
cf-ray: 78c3737ceb48b4eb-OSL
X-Firefox-Spdy: h2

ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-regular-400-5.0.0.woff2

104.18.23.52

200 OK

23 kB

URL HTTP/2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-regular-400-5.0.0.woff2
IP
104.18.23.52:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 23316, version 331.-31196\012- data
Size
23 kB (23316 bytes)
Hash
e0e8f01313f5061924cb318b031d706e
8ddfde7f46123a327ec627acf520741b1f016eb9
78f2234a60cbe6920db07df9663c0b035d9a602d8f7b82e174fc9e0f5bf89ad0

HTTP Headers

GET /releases/v5.15.4/webfonts/pro-fa-regular-400-5.0.0.woff2 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://reproductiverights.org
Connection: keep-alive
Referer: https://reproductiverights.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 19 Jan 2023 23:46:40 GMT
content-type: font/woff2
content-length: 23316
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "610ae35c-5b14"
last-modified: Wed, 04 Aug 2021 18:58:36 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 17214598
accept-ranges: bytes
server: cloudflare
cf-ray: 78c3737ceb4cb4eb-OSL
X-Firefox-Spdy: h2

ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-brands-400-5.0.3.woff2

104.18.23.52

200 OK

4.1 kB

URL HTTP/2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-brands-400-5.0.3.woff2
IP
104.18.23.52:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 4128, version 331.-31196\012- data
Size
4.1 kB (4128 bytes)
Hash
6c7fc79d2c37a2d585ee0ecf17e627ac
11d26170527a65db26cf61a94dd7a24d29c43459
3964a0236fa4d31909d09b3c436016881336007bcd4d533e27dabf200179e67f

HTTP Headers

GET /releases/v5.15.4/webfonts/pro-fa-brands-400-5.0.3.woff2 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://reproductiverights.org
Connection: keep-alive
Referer: https://reproductiverights.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 19 Jan 2023 23:46:40 GMT
content-type: font/woff2
content-length: 4128
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "610ae351-1020"
last-modified: Wed, 04 Aug 2021 18:58:25 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 13066319
accept-ranges: bytes
server: cloudflare
cf-ray: 78c3737ceb49b4eb-OSL
X-Firefox-Spdy: h2

profile.ngpvan.com/identity?callback=_jqjsp

45.60.33.183

200 OK

190 B

URL HTTP/2
profile.ngpvan.com/identity?callback=_jqjsp
IP
45.60.33.183:0
ASN
#19551 INCAPSULA

File type
ASCII text, with no line terminators
Size
190 B (190 bytes)
Hash
039dfb57a6eda3d95fee29a9521413f9
0e345186567b4208d95c845d4716fc69907ab004
3d4af735f6af1ba47ce6c3f17c67d69fe1cae6df9d5509c88578580df66d5344

HTTP Headers

GET /identity?callback=_jqjsp HTTP/1.1
Host: profile.ngpvan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reproductiverights.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
date: Thu, 19 Jan 2023 23:46:40 GMT
server: Microsoft-IIS/10.0
content-encoding: gzip
etag: W/"48-YGh49TWFiQoXxR2UUa7i3vAKPjY"
vary: Accept-Encoding
content-length: 190
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
x-powered-by: Express, ASP.NET
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
x-content-type-options: nosniff
set-cookie: visid_incap_2233503=n/VMPxgMRFmEtU0ssaZ7mVPWyWMAAAAAQUIPAAAAAADy5hmoxHzPGXuncqT+ci3x; expires=Fri, 19 Jan 2024 22:16:10 GMT; HttpOnly; path=/; Domain=.ngpvan.com
nlbi_2233503=8B34F7On8AHfwSl4vIV21QAAAABuo39YK+gJwKC9F2pal+jy; path=/; Domain=.ngpvan.com
incap_ses_276_2233503=yzCnHxhtXjwlcjepHo3UA1/WyWMAAAAAu3hWGBrio1S5fEvxfkkL8g==; path=/; Domain=.ngpvan.com
TiPMix=14.016565605070742; path=/; HttpOnly; Domain=profile.ngpvan.com; Max-Age=3600; Secure; SameSite=None; SameSite=None; Secure
x-ms-routing-name=self; path=/; HttpOnly; Domain=profile.ngpvan.com; Max-Age=3600; Secure; SameSite=None; SameSite=None; Secure
ngpvanuser=n6EWoGmWa94eslO3UHv9DmbF; Max-Age=315532800; Path=/; Expires=Tue, 18 Jan 2033 23:46:40 GMT; Secure; SameSite=None; SameSite=None; Secure
x-cdn: Imperva
x-iinfo: 10-641951-641953 NNNN CT(98 100 0) RT(1674171999627 16) q(0 0 2 1) r(3 3) U5
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7db9f11a1c6ab0117ed3dd1d36e3aecc
61a4de77803ce4ad730c21dd88b5b55a196f26d6
b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15836
Expires: Fri, 20 Jan 2023 04:10:36 GMT
Date: Thu, 19 Jan 2023 23:46:40 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7db9f11a1c6ab0117ed3dd1d36e3aecc
61a4de77803ce4ad730c21dd88b5b55a196f26d6
b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15836
Expires: Fri, 20 Jan 2023 04:10:36 GMT
Date: Thu, 19 Jan 2023 23:46:40 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7db9f11a1c6ab0117ed3dd1d36e3aecc
61a4de77803ce4ad730c21dd88b5b55a196f26d6
b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15836
Expires: Fri, 20 Jan 2023 04:10:36 GMT
Date: Thu, 19 Jan 2023 23:46:40 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2c28916-3631-461f-8eaf-6d24961d9110.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2c28916-3631-461f-8eaf-6d24961d9110.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11034 bytes)
Hash
476046a1ca0444e381e76423ec70a59e
fca15006510971eeece8d0b0f0594e52c7089297
d15bd15ff9ac7ac17ecf1c85c6db3022db8e92ddc7a8d19e99f320b931be4236

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2c28916-3631-461f-8eaf-6d24961d9110.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11034
x-amzn-requestid: ea862f2a-f9df-4a80-a27e-5728e6a39c00
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6w5UFWsoAMFobQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c761d5-0d35e5a712fff4a57bf265b9;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 03:04:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: sZdHPl3ikAqc-h9G-jxdw9wEb4sr7dljeD_lO2abCmGU8sLh30V57Q==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 04:41:24 GMT
age: 68716
etag: "fca15006510971eeece8d0b0f0594e52c7089297"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

profile.ngpvan.com/v2/data/n6EWoGmWa94eslO3UHv9DmbF/nvtag

45.60.33.183

200 OK

123 B

URL HTTP/2
profile.ngpvan.com/v2/data/n6EWoGmWa94eslO3UHv9DmbF/nvtag
IP
45.60.33.183:0
ASN
#19551 INCAPSULA

File type
JSON data\012- , ASCII text, with no line terminators
Size
123 B (123 bytes)
Hash
704ffddba77692d66286bd1b34132b02
de7c51a12e5513f458806bac51e7d4901d36ccef
2307a854b6915f18c78cb43897e7116e9c0438765b95ce537bf7c379fc966ad1

HTTP Headers

GET /v2/data/n6EWoGmWa94eslO3UHv9DmbF/nvtag HTTP/1.1
Host: profile.ngpvan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://reproductiverights.org
Connection: keep-alive
Referer: https://reproductiverights.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Thu, 19 Jan 2023 23:46:40 GMT
server: Microsoft-IIS/10.0
access-control-allow-credentials: true
access-control-allow-origin: https://reproductiverights.org
content-encoding: gzip
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Origin,Accept-Encoding
content-length: 123
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
x-powered-by: Express, ASP.NET
set-cookie: visid_incap_2233503=s9sGMwO/SvOKQWRYOhEqSGDWyWMAAAAAQUIPAAAAAACXKyFjMw4ciFi+Yo7BKk2f; expires=Fri, 19 Jan 2024 22:16:10 GMT; HttpOnly; path=/; Domain=.ngpvan.com
nlbi_2233503=8CKRbFHX3SEgUACGvIV21QAAAACfIIynBC7Rvx0IYtm2vCA3; path=/; Domain=.ngpvan.com
incap_ses_276_2233503=x3T1Z6lIkHE/dDepHo3UA2DWyWMAAAAAFOPvGfG//9ugL2fEsKtr4w==; path=/; Domain=.ngpvan.com
TiPMix=60.81450119686828; path=/; HttpOnly; Domain=profile.ngpvan.com; Max-Age=3600; Secure; SameSite=None; SameSite=None; Secure
x-ms-routing-name=self; path=/; HttpOnly; Domain=profile.ngpvan.com; Max-Age=3600; Secure; SameSite=None; SameSite=None; Secure
x-cdn: Imperva
x-iinfo: 5-1358962-1358921 PNNN RT(1674172000007 19) q(0 0 0 -1) r(1 1) U5
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3193eab-6c48-4dde-bbaf-b719037166b6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6569 bytes)
Hash
117e54579fa4a1f0f394f8aace6e39ae
26503673cacf3e925d8ba27150dc42e6f0b7e08c
6a1748bb0306ebe366de8399ed71737c4f47b87dd1b213634289d6362b3bc3c9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3193eab-6c48-4dde-bbaf-b719037166b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6569
x-amzn-requestid: c9fb879e-186d-42ba-bd18-6edd54ffb618
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6x3PG4noAMFarw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c76361-50dd7d9b611427ca71a2ffec;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 03:11:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xiHaG9ktwbeVP_yMek-78Qjn9rtU0CByDNjkDeNghMApGVTcUPeIEA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 04:12:26 GMT
age: 70454
etag: "26503673cacf3e925d8ba27150dc42e6f0b7e08c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

secure.everyaction.com/v1/Forms/urCuKO9TU0KCFedHYTJpjQ2

45.60.33.183

200 OK

1.0 kB

URL HTTP/2
secure.everyaction.com/v1/Forms/urCuKO9TU0KCFedHYTJpjQ2
IP
45.60.33.183:0
ASN
#19551 INCAPSULA

File type
JSON data\012- , ASCII text, with very long lines (1841), with no line terminators
Size
1.0 kB (1002 bytes)
Hash
9145b66c0e5a73f09750a34c519b68ed
dcd28610ad54679d06f83725113d8ed403f52cee
d786db2319ae9f8b3fc1ac1c85d6cd05e51acea2a5a0ec0145b9e39bad885dad

HTTP Headers

GET /v1/Forms/urCuKO9TU0KCFedHYTJpjQ2 HTTP/1.1
Host: secure.everyaction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://reproductiverights.org
Connection: keep-alive
Referer: https://reproductiverights.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Thu, 19 Jan 2023 23:46:40 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://reproductiverights.org
access-control-expose-headers: Request-Context
cache-control: public, max-age=10
content-encoding: gzip
vary: Origin,Accept-Encoding
content-length: 1002
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
set-cookie: visid_incap_823975=20lUePGFTnuDxEUZngaUhV/WyWMAAAAAQUIPAAAAAACvGup10tZBGPdVj0HZqw6f; expires=Fri, 19 Jan 2024 22:16:03 GMT; HttpOnly; path=/; Domain=.everyaction.com; Secure; SameSite=None
incap_ses_276_823975=xw2EXPjj2w84dDepHo3UA2DWyWMAAAAAtebVMSdrt1SsgxDzR5uZrg==; path=/; Domain=.everyaction.com; Secure; SameSite=None
TiPMix=43.26078548716191; path=/; HttpOnly; Domain=secure.everyaction.com; Max-Age=3600; Secure; SameSite=None; SameSite=None; Secure
x-ms-routing-name=self; path=/; HttpOnly; Domain=secure.everyaction.com; Max-Age=3600; Secure; SameSite=None; SameSite=None; Secure
; Secure; SameSite=None; SameSite=None; Secure
nlbi_823975=KrUtFAFlSnKXuEgHxwoUeQAAAADIribILN0ykum0eXPsp2yQ; path=/; Domain=.everyaction.com; Secure; SameSite=None; SameSite=None; Secure
x-cdn: Imperva
x-iinfo: 14-2684984-2684986 2NNN RT(1674171999661 21) q(0 0 0 0) r(5 5)
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72cb731e-e923-4be7-9dd2-8274ec9adc4f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11675 bytes)
Hash
865f3b7fce94742b22851118e29491a2
24d8d638eb39f3ff6a6a8f2337d77f3852a99dba
1b3bb3b03e787aa7b1f60f61c4adf6463a3586399d47c5ec5a2aec7b0aaa03ba

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72cb731e-e923-4be7-9dd2-8274ec9adc4f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11675
x-amzn-requestid: 718b88d6-5f97-42b0-8e9d-1cd6e646690a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e7UihGrpIAMFehw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c79adc-03cdafe06c8871bb63cbbd6a;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 07:08:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ARzXtlV41pRcNijtEI0YObkrDQA63q4DZLg2w4yz5W1CsBsvQJ7zaQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 07:28:47 GMT
age: 58674
etag: "24d8d638eb39f3ff6a6a8f2337d77f3852a99dba"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa1ca04e6-1065-4245-9b8a-3ffd11238e67.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13383 bytes)
Hash
10654c1f4148826354dc8ccd8a3ed20b
6a53a07e284a316073fb2d40c2515978b662c947
d7d46a3c5470f1ead1b3a992782d4f07f913187f47155c62e13acf511930d569

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa1ca04e6-1065-4245-9b8a-3ffd11238e67.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13383
x-amzn-requestid: c9bade48-e562-4b6c-bd14-c9641643ae09
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fAmRaEodIAMFhow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c9b73c-3e5ddece6ab24f464b4a6cab;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 21:33:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: MPvJJabVYfTMYR4nuKuxwTx3P3uuw_sOrwBXIrG1O0iYQ8fhZzvAOQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 22:12:56 GMT
etag: "6a53a07e284a316073fb2d40c2515978b662c947"
content-type: image/jpeg
age: 5625
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bfc1a5f-dbc2-4099-be12-b3912841b0ca.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8222 bytes)
Hash
3c3c196a343e7197f0e9ac3a2c3b3da7
60f49f7aeaacd21e6344edcfcd3e8d2da1fd70fc
fc45298f663ef06a40813dd55fce6334e59a21f26c34b8ec8a4827b947ad2a01

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bfc1a5f-dbc2-4099-be12-b3912841b0ca.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8222
x-amzn-requestid: 938e3d01-ec42-41e2-b8e6-fe99956573d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-nNlEaHIAMF9Pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8ebf0-6f7c49a608faec596fa79f2d;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 07:06:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cpjACY72W2EmZUgyucMkSo2wnQjc5aVwj43rwWn7fdSRI0Rag7TVCA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 07:39:38 GMT
age: 58023
etag: "60f49f7aeaacd21e6344edcfcd3e8d2da1fd70fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

secure.everyaction.com/v1/Forms/PrATBUAp_0WSHMfbQBHoNA2

45.60.33.183

200 OK

996 B

URL HTTP/2
secure.everyaction.com/v1/Forms/PrATBUAp_0WSHMfbQBHoNA2
IP
45.60.33.183:0
ASN
#19551 INCAPSULA

File type
JSON data\012- , ASCII text, with very long lines (1833), with no line terminators
Size
996 B (996 bytes)
Hash
336a6cf093dbfb52512138a23154cb99
03ba345995a869220bdd60839a5bb69c5d826ccd
14eea55c8abcd3c8dc420ec65cc8fe65f908e3d2358c1945489460b004df4438

HTTP Headers

GET /v1/Forms/PrATBUAp_0WSHMfbQBHoNA2 HTTP/1.1
Host: secure.everyaction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://reproductiverights.org
Connection: keep-alive
Referer: https://reproductiverights.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Thu, 19 Jan 2023 23:46:40 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://reproductiverights.org
access-control-expose-headers: Request-Context
cache-control: public, max-age=10
content-encoding: gzip
vary: Origin,Accept-Encoding
content-length: 996
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
set-cookie: visid_incap_823975=20lUePGFTnuDxEUZngaUhV/WyWMAAAAAQUIPAAAAAACvGup10tZBGPdVj0HZqw6f; expires=Fri, 19 Jan 2024 22:16:03 GMT; HttpOnly; path=/; Domain=.everyaction.com; Secure; SameSite=None
incap_ses_276_823975=k8jncuC6bk04dDepHo3UA2DWyWMAAAAAJapOc62iIUr6g2iK7YgYDw==; path=/; Domain=.everyaction.com; Secure; SameSite=None
TiPMix=70.56501241859665; path=/; HttpOnly; Domain=secure.everyaction.com; Max-Age=3600; Secure; SameSite=None; SameSite=None; Secure
x-ms-routing-name=self; path=/; HttpOnly; Domain=secure.everyaction.com; Max-Age=3600; Secure; SameSite=None; SameSite=None; Secure
; Secure; SameSite=None; SameSite=None; Secure
nlbi_823975=hvI8NAlIOiRfq6cAxwoUeQAAAABuhFfMzS7vGvxgY+lwZIUc; path=/; Domain=.everyaction.com; Secure; SameSite=None; SameSite=None; Secure
x-cdn: Imperva
x-iinfo: 14-2684984-2684986 2NNN RT(1674171999661 113) q(0 0 0 0) r(4 4)
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F698f24eb-f312-4a20-b261-be41dd92564c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6399 bytes)
Hash
ffb6957f05eb26875b60b795a1a0e818
44c2febdf59c4f08401e7c3edd0837dd4b1a8886
0fdb841fbf2f336f58cc4b63d271c8cdd3fba345de4c774651826ea24e3628b6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F698f24eb-f312-4a20-b261-be41dd92564c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6399
x-amzn-requestid: e4b80b20-8aad-47aa-9059-7f7729f901bf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e7UZ1ExQoAMFXKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c79aa5-66622b6c3e8fd210011618c5;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 07:07:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: HSec-atXiQMoOd0Jqu8_jiC3cHqeyPpYvFJxKzqJcpp9i6sZhGMMEg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 06:59:40 GMT
age: 60421
etag: "44c2febdf59c4f08401e7c3edd0837dd4b1a8886"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

312 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
312 B (312 bytes)
Hash
1f90658fc275a0e790199a21ed64e4c0
9646f4df3cf59230dbfe64cf4af8b97dd45dfe28
61f9140aa335ef45fed9e11f4256f124900d803f5783d24afc2b46c2dd90f9d2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1658
Cache-Control: max-age=86371
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 23:46:41 GMT
Etag: "63c87e4a-138"
Expires: Fri, 20 Jan 2023 23:46:12 GMT
Last-Modified: Wed, 18 Jan 2023 23:18:34 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 312

analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=0006ce58-5ef3-4b3f-bf69-6f135fd2d676&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9051b3a3-884b-4752-98fc-031d624d19b2&tw_document_href=https%3A%2F%2Freproductiverights.org%2Fpaulina-five-years-later%5D%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2gl0&type=javascript&version=2.3.29

104.244.42.3

200 OK

43 B

URL HTTP/2
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=0006ce58-5ef3-4b3f-bf69-6f135fd2d676&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9051b3a3-884b-4752-98fc-031d624d19b2&tw_document_href=https%3A%2F%2Freproductiverights.org%2Fpaulina-five-years-later%5D%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2gl0&type=javascript&version=2.3.29
IP
104.244.42.3:0
ASN
#13414 TWITTER

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

HTTP Headers

GET /i/adsct?bci=3&eci=2&event_id=0006ce58-5ef3-4b3f-bf69-6f135fd2d676&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9051b3a3-884b-4752-98fc-031d624d19b2&tw_document_href=https%3A%2F%2Freproductiverights.org%2Fpaulina-five-years-later%5D%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2gl0&type=javascript&version=2.3.29 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reproductiverights.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 19 Jan 2023 23:46:40 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_8daYrMY47H12hDwOLoZXyw=="; Max-Age=63072000; Expires=Sat, 18 Jan 2025 23:46:41 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: a8c600a2f460bd59
strict-transport-security: max-age=631138519
x-response-time: 105
x-connection-hash: 0e9d2f4f175a7f60c82e83314e6e6861d9fe1ffe7afef2c686de4ffe700518e6
X-Firefox-Spdy: h2

secure.everyaction.com/Databag/Profile/n6EWoGmWa94eslO3UHv9DmbF

45.60.33.183

204 No Content

0 B

URL HTTP/2
secure.everyaction.com/Databag/Profile/n6EWoGmWa94eslO3UHv9DmbF
IP
45.60.33.183:0
ASN
#19551 INCAPSULA

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /Databag/Profile/n6EWoGmWa94eslO3UHv9DmbF HTTP/1.1
Host: secure.everyaction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://reproductiverights.org
Connection: keep-alive
Referer: https://reproductiverights.org/
Cookie: visid_incap_823975=20lUePGFTnuDxEUZngaUhV/WyWMAAAAAQUIPAAAAAACvGup10tZBGPdVj0HZqw6f; incap_ses_276_823975=k8jncuC6bk04dDepHo3UA2DWyWMAAAAAJapOc62iIUr6g2iK7YgYDw==; TiPMix=70.56501241859665; x-ms-routing-name=self; nlbi_823975=hvI8NAlIOiRfq6cAxwoUeQAAAABuhFfMzS7vGvxgY+lwZIUc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Thu, 19 Jan 2023 23:46:41 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://reproductiverights.org
access-control-expose-headers: Request-Context
cache-control: private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-cdn: Imperva
set-cookie: ProfileDatabagId=n6EWoGmWa94eslO3UHv9DmbF; domain=.everyaction.com; expires=Wed, 19-Jan-2033 23:46:41 GMT; path=/; Secure; SameSite=None; SameSite=None; Secure
x-iinfo: 14-2684984-2684999 NNNN CT(97 201 0) RT(1674171999661 554) q(0 0 3 -1) r(4 4) U11
X-Firefox-Spdy: h2

secure.everyaction.com/v1/Track/PrATBUAp_0WSHMfbQBHoNA2?formSessionId=c17566ff-73d1-4cc3-8f97-4e5b7025ba7a&bName=firefox&dType=desktop&fUrl=aHR0cHM6Ly9yZXByb2R1Y3RpdmVyaWdodHMub3JnL3BhdWxpbmEtZml2ZS15ZWFycy1sYXRlcl0v&fRef=

45.60.33.183

200 OK

0 B

URL HTTP/2
secure.everyaction.com/v1/Track/PrATBUAp_0WSHMfbQBHoNA2?formSessionId=c17566ff-73d1-4cc3-8f97-4e5b7025ba7a&bName=firefox&dType=desktop&fUrl=aHR0cHM6Ly9yZXByb2R1Y3RpdmVyaWdodHMub3JnL3BhdWxpbmEtZml2ZS15ZWFycy1sYXRlcl0v&fRef=
IP
45.60.33.183:0
ASN
#19551 INCAPSULA

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v1/Track/PrATBUAp_0WSHMfbQBHoNA2?formSessionId=c17566ff-73d1-4cc3-8f97-4e5b7025ba7a&bName=firefox&dType=desktop&fUrl=aHR0cHM6Ly9yZXByb2R1Y3RpdmVyaWdodHMub3JnL3BhdWxpbmEtZml2ZS15ZWFycy1sYXRlcl0v&fRef= HTTP/1.1
Host: secure.everyaction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reproductiverights.org/
Cookie: visid_incap_823975=20lUePGFTnuDxEUZngaUhV/WyWMAAAAAQUIPAAAAAACvGup10tZBGPdVj0HZqw6f; incap_ses_276_823975=k8jncuC6bk04dDepHo3UA2DWyWMAAAAAJapOc62iIUr6g2iK7YgYDw==; TiPMix=70.56501241859665; x-ms-routing-name=self; nlbi_823975=hvI8NAlIOiRfq6cAxwoUeQAAAABuhFfMzS7vGvxgY+lwZIUc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 19 Jan 2023 23:46:41 GMT
access-control-expose-headers: Request-Context
cache-control: no-cache
expires: -1
pragma: no-cache
content-length: 0
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-cdn: Imperva
set-cookie: ; Secure; SameSite=None; SameSite=None; Secure
x-iinfo: 14-2684984-2684999 PNNN RT(1674171999661 656) q(0 0 2 -1) r(3 3) U2
X-Firefox-Spdy: h2

secure.everyaction.com/v1/Track/urCuKO9TU0KCFedHYTJpjQ2?formSessionId=c7032737-907a-4b7f-8e79-1a2aee8c530f&bName=firefox&dType=desktop&fUrl=aHR0cHM6Ly9yZXByb2R1Y3RpdmVyaWdodHMub3JnL3BhdWxpbmEtZml2ZS15ZWFycy1sYXRlcl0v&fRef=

45.60.33.183

200 OK

0 B

URL HTTP/2
secure.everyaction.com/v1/Track/urCuKO9TU0KCFedHYTJpjQ2?formSessionId=c7032737-907a-4b7f-8e79-1a2aee8c530f&bName=firefox&dType=desktop&fUrl=aHR0cHM6Ly9yZXByb2R1Y3RpdmVyaWdodHMub3JnL3BhdWxpbmEtZml2ZS15ZWFycy1sYXRlcl0v&fRef=
IP
45.60.33.183:0
ASN
#19551 INCAPSULA

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v1/Track/urCuKO9TU0KCFedHYTJpjQ2?formSessionId=c7032737-907a-4b7f-8e79-1a2aee8c530f&bName=firefox&dType=desktop&fUrl=aHR0cHM6Ly9yZXByb2R1Y3RpdmVyaWdodHMub3JnL3BhdWxpbmEtZml2ZS15ZWFycy1sYXRlcl0v&fRef= HTTP/1.1
Host: secure.everyaction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reproductiverights.org/
Cookie: visid_incap_823975=20lUePGFTnuDxEUZngaUhV/WyWMAAAAAQUIPAAAAAACvGup10tZBGPdVj0HZqw6f; incap_ses_276_823975=k8jncuC6bk04dDepHo3UA2DWyWMAAAAAJapOc62iIUr6g2iK7YgYDw==; TiPMix=70.56501241859665; x-ms-routing-name=self; nlbi_823975=hvI8NAlIOiRfq6cAxwoUeQAAAABuhFfMzS7vGvxgY+lwZIUc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 19 Jan 2023 23:46:41 GMT
access-control-expose-headers: Request-Context
cache-control: no-cache
expires: -1
pragma: no-cache
content-length: 0
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-cdn: Imperva
set-cookie: ; Secure; SameSite=None; SameSite=None; Secure
x-iinfo: 14-2684984-2684999 PNNN RT(1674171999661 598) q(0 0 3 -1) r(4 4) U2
X-Firefox-Spdy: h2

secure.ngpvan.com/Databag/Profile/n6EWoGmWa94eslO3UHv9DmbF

45.60.33.183

204 No Content

0 B

URL HTTP/2
secure.ngpvan.com/Databag/Profile/n6EWoGmWa94eslO3UHv9DmbF
IP
45.60.33.183:0
ASN
#19551 INCAPSULA

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /Databag/Profile/n6EWoGmWa94eslO3UHv9DmbF HTTP/1.1
Host: secure.ngpvan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://reproductiverights.org
Connection: keep-alive
Referer: https://reproductiverights.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Thu, 19 Jan 2023 23:46:40 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://reproductiverights.org
access-control-expose-headers: Request-Context
cache-control: private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
set-cookie: visid_incap_1002065=tdVvv5bMSjaetMswRmNdnlPWyWMAAAAAQUIPAAAAAAATkUK5JLvHgCP9Iib+/a1e; expires=Fri, 19 Jan 2024 22:16:10 GMT; HttpOnly; path=/; Domain=.ngpvan.com; Secure; SameSite=None
nlbi_1002065=gqeuRhkJFyswHFN10IOYSwAAAADxaJmWjnteKAUm8umIqB0O; path=/; Domain=.ngpvan.com; Secure; SameSite=None
incap_ses_276_1002065=V+h8MVQUfhY9cjepHo3UA2DWyWMAAAAAO4AOk/qZiL5F6fkN+uRhDQ==; path=/; Domain=.ngpvan.com; Secure; SameSite=None
TiPMix=47.98353115571433; path=/; HttpOnly; Domain=secure.ngpvan.com; Max-Age=3600; Secure; SameSite=None; SameSite=None; Secure
x-ms-routing-name=self; path=/; HttpOnly; Domain=secure.ngpvan.com; Max-Age=3600; Secure; SameSite=None; SameSite=None; Secure
ProfileDatabagId=n6EWoGmWa94eslO3UHv9DmbF; domain=.ngpvan.com; expires=Wed, 19-Jan-2033 23:46:41 GMT; path=/; Secure; SameSite=None; SameSite=None; Secure
x-cdn: Imperva
x-iinfo: 10-641951-641956 NNNN CT(98 202 0) RT(1674171999627 591) q(0 0 3 1) r(4 4) U11
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=587771081432263&ev=PageView&dl=https%3A%2F%2Freproductiverights.org%2Fpaulina-five-years-later%5D%2F&rl=&if=false&ts=1674172000732&sw=1280&sh=1024&v=2.9.94&r=stable&ec=0&o=30&fbp=fb.1.1674172000731.1947520177&it=1674171999893&coo=false&rqm=GET

31.13.72.36

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=587771081432263&ev=PageView&dl=https%3A%2F%2Freproductiverights.org%2Fpaulina-five-years-later%5D%2F&rl=&if=false&ts=1674172000732&sw=1280&sh=1024&v=2.9.94&r=stable&ec=0&o=30&fbp=fb.1.1674172000731.1947520177&it=1674171999893&coo=false&rqm=GET
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=587771081432263&ev=PageView&dl=https%3A%2F%2Freproductiverights.org%2Fpaulina-five-years-later%5D%2F&rl=&if=false&ts=1674172000732&sw=1280&sh=1024&v=2.9.94&r=stable&ec=0&o=30&fbp=fb.1.1674172000731.1947520177&it=1674171999893&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reproductiverights.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 19 Jan 2023 23:46:41 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
071edf406c3e287843fdf4e61ceb9ff7
99cf4c0cb373feeecbdf97df42c8066551f89dfe
127371c4c4a3345b44dfbf97fb93b506d2daf0c0ecfb39317eefd695c8c59d69

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 23:46:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-6619340-1&cid=414584251.1674172000&jid=1979762603&gjid=643285376&_gid=1119934832.1674172000&_u=YGBACEAABAAAACAAI~&z=1175590719

64.233.161.154

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-6619340-1&cid=414584251.1674172000&jid=1979762603&gjid=643285376&_gid=1119934832.1674172000&_u=YGBACEAABAAAACAAI~&z=1175590719
IP
64.233.161.154:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-6619340-1&cid=414584251.1674172000&jid=1979762603&gjid=643285376&_gid=1119934832.1674172000&_u=YGBACEAABAAAACAAI~&z=1175590719 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://reproductiverights.org
Connection: keep-alive
Referer: https://reproductiverights.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://reproductiverights.org
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 19 Jan 2023 23:46:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ef6fe7988a08e577759332c0eccc5f76
29939e4489df98e76795448d43105764c12d6aae
13798c5e5e75c8ac29aec703c616491c14dbab072fa546afe6ee9f03fabba1b1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 23:46:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
071edf406c3e287843fdf4e61ceb9ff7
99cf4c0cb373feeecbdf97df42c8066551f89dfe
127371c4c4a3345b44dfbf97fb93b506d2daf0c0ecfb39317eefd695c8c59d69

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 23:46:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
149a7cdd0e94d31b2237ac241b3bad35
c6e2c3aba0c96ffc26114f79306930a4554964b3
fe9cd8e03a847278924ed338131b5ef16b8ef315db81f3e6387c0621baa46232

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 23:46:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-6619340-1&cid=414584251.1674172000&jid=1979762603&_u=YGBACEAABAAAACAAI~&z=1623507169

142.250.74.163

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-6619340-1&cid=414584251.1674172000&jid=1979762603&_u=YGBACEAABAAAACAAI~&z=1623507169
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-6619340-1&cid=414584251.1674172000&jid=1979762603&_u=YGBACEAABAAAACAAI~&z=1623507169 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reproductiverights.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 23:46:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-6619340-1&cid=414584251.1674172000&jid=1979762603&_u=YGBACEAABAAAACAAI~&z=1623507169

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-6619340-1&cid=414584251.1674172000&jid=1979762603&_u=YGBACEAABAAAACAAI~&z=1623507169
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-6619340-1&cid=414584251.1674172000&jid=1979762603&_u=YGBACEAABAAAACAAI~&z=1623507169 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reproductiverights.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 23:46:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ef6fe7988a08e577759332c0eccc5f76
29939e4489df98e76795448d43105764c12d6aae
13798c5e5e75c8ac29aec703c616491c14dbab072fa546afe6ee9f03fabba1b1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 23:46:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
623f341fa3fd0e09d3a2b649ea882919
98c12490034b5633fcc6386b627947806495fc61
edf2873ae5aee565800ffbd38c62519e683adf9f4624bd49af202b64f158f5eb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 23:46:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51d12cb7-b021-47eb-a0b0-ff949f96b6de.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10359 bytes)
Hash
86ca07c03adbaa31374225110924b188
b1bd67630aea727a624f00b8cfd660d3b0848de1
471e3db64c9a6ec7ae4a76ea1a0835bd90dc55b389e3fe2f90c18c4dd2dbec27

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51d12cb7-b021-47eb-a0b0-ff949f96b6de.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 10359
x-amzn-requestid: 0f2758cc-430d-4fd0-903a-a9acb7f6f7b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fAmNKHw7oAMFmDQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c9b720-797bcd6220bfa89f0c7a76e1;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 21:33:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5F3zD1CI_SJgBrnnUC10ysMwNoxcN_CAhpZT4medpy5I3Nxuzo9MJQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 22:08:45 GMT
age: 5882
etag: "b1bd67630aea727a624f00b8cfd660d3b0848de1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

reproductiverights.org/document/paulina-five-years-later]

141.193.213.20

301 Moved Permanently

0 B

URL HTTP/2
reproductiverights.org/document/paulina-five-years-later]
IP
141.193.213.20:0
ASN
#209242 Cloudflare London, LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /document/paulina-five-years-later] HTTP/1.1
Host: reproductiverights.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
date: Thu, 19 Jan 2023 23:46:38 GMT
content-type: text/html
location: https://reproductiverights.org/paulina-five-years-later]
strict-transport-security: max-age=63072000
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78c3736fce21fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

kit.fontawesome.com/77af02b389.js

104.18.23.52

200 OK

0 B

URL HTTP/2
kit.fontawesome.com/77af02b389.js
IP
104.18.23.52:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /77af02b389.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://reproductiverights.org
Connection: keep-alive
Referer: https://reproductiverights.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 19 Jan 2023 23:46:39 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: Ftb_8vXytjpHPOk35I6B
cf-cache-status: HIT
age: 12
server: cloudflare
cf-ray: 78c37375de2ab4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

skbndfcnuk.duckdns.org/a.zip

63.251.217.14

200 OK

0 B

URL HTTP/1.1
skbndfcnuk.duckdns.org/a.zip
IP
63.251.217.14:0
ASN
#35913 DEDIPATH-LLC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
fortinet	Phishing

HTTP Headers

GET /a.zip HTTP/1.1
Host: skbndfcnuk.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Date: Thu, 19 Jan 2023 23:46:39 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 21 Oct 2021 02:08:36 GMT
ETag: "aae9c1d8-5ced35f4f3100"
Accept-Ranges: bytes
Content-Length: 2867446232
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/zip

static.hotjar.com/c/hotjar-1712413.js?sv=6

143.204.55.54

200 OK

0 B

URL HTTP/2
static.hotjar.com/c/hotjar-1712413.js?sv=6
IP
143.204.55.54:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /c/hotjar-1712413.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reproductiverights.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Thu, 19 Jan 2023 23:46:27 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
etag: W/124687e25d82ed9498baf08a2e4c4bb7
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5Ox1D2iyzkV8XklXqe386w4Wrpix-ZyMhGr_UfSV0ixd4fniC1hgWA==
age: 13
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (38)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML