firefox.settings.services.mozilla.com/v1/
54.230.111.118200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.118:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: nchfiQKezkE5IkQoZmoxKJxQCz4xZD4cJDoTVAuQbdf2aV3pqpcFPA==
Age: 64030
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 282f6e1328452c1cb41f6a6272fff757
20b9ff1b5f4f81b645769bd4b4cf7bf7dfc16262
6a8070ebe51259cb11db68cca2c81f3c7408fad481d8c14cc1c38912442c63f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A8070EBE51259CB11DB68CCA2C81F3C7408FAD481D8C14CC1C38912442C63F4"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11156
Expires: Thu, 06 Oct 2022 12:40:25 GMT
Date: Thu, 06 Oct 2022 09:34:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4ab7d8709d334de0e46dcb86aabfbff1
f221138a8ad9d0bfa3c054370dcdb363a67dc310
b91d37f606eaf448b9c7dfc05566a11de004ce44503409e1a776288ee2622805
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B91D37F606EAF448B9C7DFC05566A11DE004CE44503409E1A776288EE2622805"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14004
Expires: Thu, 06 Oct 2022 13:27:53 GMT
Date: Thu, 06 Oct 2022 09:34:29 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 3kN90+HumZPJFFkWUwLFaBp4RoQjj89300rYg/e2hEN9YxKE8XdJ398xjXeD0w4AqNtIVIvJVDI=
x-amz-request-id: 64S3MN6AJGV1XDBG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 06 Oct 2022 08:58:41 GMT
age: 2148
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 09:34:29 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
pxlme.me/vlxxilqm
51.15.139.10307 Temporary Redirect 60 B IP 51.15.139.10:0
File type HTML document, ASCII text
Hash c630e122ff40e6d8a7f21a854bf61e02
da56812cf37ef1044eb9adaa99873bd81cb9282d
55764dc3efff3171bf3ae565a1a8de07b1e51586222d37656f1e9d2dba63deb8
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /vlxxilqm HTTP/1.1
Host: pxlme.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 307 Temporary Redirect
Content-Type: text/html; charset=utf-8
Location: https://pxlme.me/BENDELI
Date: Thu, 06 Oct 2022 09:34:29 GMT
Content-Length: 60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4b1a86a7b1cbd3dea8de3c49e37a7112
8be787bc4efd88cf657de74c30905e59a35900d4
783fc9a3526f151f441184bcd35e7cb2f3bc7e9224f3791d0934760f0bb4c8be
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "783FC9A3526F151F441184BCD35E7CB2F3BC7E9224F3791D0934760F0BB4C8BE"
Last-Modified: Tue, 04 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7583
Expires: Thu, 06 Oct 2022 11:40:52 GMT
Date: Thu, 06 Oct 2022 09:34:29 GMT
Connection: keep-alive
pxlme.me/BENDELI
51.15.139.10302 Found 78 B IP 51.15.139.10:0
File type HTML document, ASCII text
Hash 72e2c572b3bb7e505c4fc75453a1342c
cc69e91d59d7f9b9c0f2694d3d0b5358e0fb1518
f609ca9fa7c74ad82d7492282f4ae316497ca082105c72f5d56cdd8050815f6f
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /BENDELI HTTP/1.1
Host: pxlme.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Cache-Control: private, max-age=90
Content-Type: text/html; charset=utf-8
Location: https://pixelme.me/phishing?url=https://drum.io/BENDELI
Date: Thu, 06 Oct 2022 09:34:29 GMT
Content-Length: 78
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.118200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.118:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Thu, 06 Oct 2022 09:29:41 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Thu, 06 Oct 2022 10:00:53 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: adY23rvDKepM37C7h0IdMDe6XaV_NB7Qxwbth9TPqjPb6jCV_O7zeA==
Age: 288
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8e35edc2ff1b385dc918318392cc2a7d
29ec03239431af48c4e67a5b5d52c34e533d58bd
f7e7aa1765ddd3ca5d861c506060c929ca6817d93a83e09d1a050b66922b0e78
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7E7AA1765DDD3CA5D861C506060C929CA6817D93A83E09D1A050B66922B0E78"
Last-Modified: Wed, 05 Oct 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8582
Expires: Thu, 06 Oct 2022 11:57:31 GMT
Date: Thu, 06 Oct 2022 09:34:29 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8be5570b9a5ca76c580da007a824b029
38840f2ac6476bdd5608121c5653e338c7ad9715
0b94e05080ef85432b1815eb3c6c7594c9613cfde1b51eeabee46d0d9fde64b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2108
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 09:34:29 GMT
Last-Modified: Thu, 06 Oct 2022 08:59:22 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
pixelme.me/phishing?url=https://drum.io/BENDELI
99.83.190.102301 Moved Permanently 166 B URL HTTP/2 pixelme.me/phishing?url=https://drum.io/BENDELI
IP 99.83.190.102:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691
GET /phishing?url=https://drum.io/BENDELI HTTP/1.1
Host: pixelme.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
server: openresty
date: Thu, 06 Oct 2022 09:34:29 GMT
content-type: text/html
content-length: 166
location: https://www.pixelme.me/phishing?url=https://drum.io/BENDELI
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.223.168.227101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.223.168.227:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fSu0q6RZ6C/6QjJdtwunsg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: rSL7yx4RKYBjZ5g+FgAlYaOL6BQ=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e90b8ead88c23429ba7d1730bb0b93b4
b23c93eb6699ef2804d492dbdd938cbb2d027bb3
e5ee480d9a47a9067f296edb0b3cdb163ce178ce7e4cc5e0d7163bff38ba1df5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E5EE480D9A47A9067F296EDB0B3CDB163CE178CE7E4CC5E0D7163BFF38BA1DF5"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4053
Expires: Thu, 06 Oct 2022 10:42:03 GMT
Date: Thu, 06 Oct 2022 09:34:30 GMT
Connection: keep-alive
www.pixelme.me/phishing?url=https://drum.io/BENDELI
34.251.201.224200 OK 2.8 kB URL HTTP/2 www.pixelme.me/phishing?url=https://drum.io/BENDELI
IP 34.251.201.224:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2277)
Hash 944b7f3c50e9fabc1574efac3e185d5b
916c202ad934db677c8a9b2e668ff82af6a2a555
99ad6d9a9179fd0b7eb4fb51b211792c008675e3baabafcdf897a1c7c30fc4fc
GET /phishing?url=https://drum.io/BENDELI HTTP/1.1
Host: www.pixelme.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: openresty
date: Thu, 06 Oct 2022 09:34:30 GMT
content-type: text/html
content-length: 2771
content-encoding: gzip
content-security-policy: frame-ancestors 'self'
x-frame-options: SAMEORIGIN
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
age: 1443
x-served-by: cache-iad-kjyo7100173-IAD, cache-dub4333-DUB
x-cache: HIT, HIT
x-cache-hits: 26, 5
x-timer: S1665048870.134828,VS0,VE0
vary: x-wf-forwarded-proto, Accept-Encoding
x-cluster-name: eu-west-1-prod-edge-blue
X-Firefox-Spdy: h2
assets.website-files.com/606485806deaf1f6b4ffdbee/css/pixelme.a96d0f5ca.css
54.230.111.10200 OK 27 kB URL HTTP/2 assets.website-files.com/606485806deaf1f6b4ffdbee/css/pixelme.a96d0f5ca.css
IP 54.230.111.10:0
File type ASCII text, with very long lines (30536)
Hash 9188f7fceb9c647e2836facb7267f15d
00efa3a9faf2f4b7fad1e75514f640e0190b4063
8d395dc633f198224436091da254b86588cd97c3d37ddbe0f3533d065e60a658
GET /606485806deaf1f6b4ffdbee/css/pixelme.a96d0f5ca.css HTTP/1.1
Host: assets.website-files.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 26609
last-modified: Tue, 04 Oct 2022 13:40:27 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: 3KuMmRIHKa35DfmkQVyV_Q_49jy5gYLd
accept-ranges: bytes
server: AmazonS3
date: Wed, 05 Oct 2022 13:11:10 GMT
cache-control: max-age=84600, must-revalidate
etag: "9188f7fceb9c647e2836facb7267f15d"
vary: Accept-Encoding
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
age: 73401
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2OwyFKDVcCP6pLHDHqywbuy6qvzn7bhS5EzjqSJoBcBUokBBVD1PJg==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f763a685d14b05b6ced9792151da30b8
b25be5359245be857ffa1bddcb197cb771a36a45
505ad6dc6417d58207f0d68862c4423f4611660ccc6afe165fd3ec2ccb1c893d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 09:34:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b0e8a79f3e381ab34a44278947ac7c7e
70d01e6fdc8565c661b6ae8c5a043ddf2da16530
885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 09:34:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
assets.website-files.com/606485806deaf1f6b4ffdbee/js/pixelme.486add2cd.js
54.230.111.10200 OK 69 kB URL HTTP/2 assets.website-files.com/606485806deaf1f6b4ffdbee/js/pixelme.486add2cd.js
IP 54.230.111.10:0
File type Unicode text, UTF-8 text, with very long lines (56835)
Hash 32c3327bb24125113162dd60bebc910c
5757987d86041b976504d040ce159a0ca4a0600c
d9acaf53f07264e856abe43c016bf36bb08b5ca40fa5340a6dd6aeb93e2214d9
GET /606485806deaf1f6b4ffdbee/js/pixelme.486add2cd.js HTTP/1.1
Host: assets.website-files.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 69257
last-modified: Tue, 04 Oct 2022 13:40:27 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: qTZvrKXrxrMCEnBdJye9rN_OnViEpzEP
accept-ranges: bytes
server: AmazonS3
date: Wed, 05 Oct 2022 19:48:35 GMT
cache-control: max-age=84600, must-revalidate
etag: "32c3327bb24125113162dd60bebc910c"
vary: Accept-Encoding
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
age: 49556
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0yv2WfRmvAr6HkWLl5ljYQuA_onjWBBPB752vLi_SNfVHq2HOO4c7A==
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-91053522-1
142.250.74.168200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-91053522-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (2039)
Hash a6444450f72b5954dd243551aea7c96f
4f2a1c90b9a94f11e9e2248c13139a3c3fc5eb94
ca1c5597d0f7e86a8f35e0b97627d7c993dc25d0462dcc67a8d80e56be234f5c
GET /gtag/js?id=UA-91053522-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 06 Oct 2022 09:34:30 GMT
expires: Thu, 06 Oct 2022 09:34:30 GMT
cache-control: private, max-age=900
last-modified: Thu, 06 Oct 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42413
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b0e8a79f3e381ab34a44278947ac7c7e
70d01e6fdc8565c661b6ae8c5a043ddf2da16530
885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 09:34:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f763a685d14b05b6ced9792151da30b8
b25be5359245be857ffa1bddcb197cb771a36a45
505ad6dc6417d58207f0d68862c4423f4611660ccc6afe165fd3ec2ccb1c893d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 09:34:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
assets.website-files.com/606485806deaf1f6b4ffdbee/606b0ca209bea4c24617f525_nunitosans-bold.woff2
54.230.111.10200 OK 38 kB URL HTTP/2 assets.website-files.com/606485806deaf1f6b4ffdbee/606b0ca209bea4c24617f525_nunitosans-bold.woff2
IP 54.230.111.10:0
File type Web Open Font Format (Version 2), TrueType, length 37972, version 1.0\012- data
Hash 7c527fa711f61b560ee2f2d19c5f089d
b484b2e4d6cd6a8f73fe48e043e105feb13e6fb7
15ba2fc78ee95f275931fe00f9685e83d323ed7a345ff5e72aa84e69dd2451b6
GET /606485806deaf1f6b4ffdbee/606b0ca209bea4c24617f525_nunitosans-bold.woff2 HTTP/1.1
Host: assets.website-files.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pixelme.me
Connection: keep-alive
Referer: https://assets.website-files.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 37972
date: Thu, 29 Sep 2022 08:58:05 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Mon, 05 Apr 2021 13:12:03 GMT
etag: "7c527fa711f61b560ee2f2d19c5f089d"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: v7YIMD0vYPIKe4ESuB1wWxiy_jmyJkT8
accept-ranges: bytes
server: AmazonS3
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
age: 606986
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bivJnWM1Ruhk7wbmLxywX_jhtdk7_2QggApWx_voUEPQQtW1mQHAcA==
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-5XSKBTC
142.250.74.168200 OK 79 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-5XSKBTC
IP 142.250.74.168:0
File type ASCII text, with very long lines (19920)
Hash 27df59300d8c4e6583fdacba73a6a7df
81145614837f75f5ea9c8f09fedca28fec9edc35
9fa9ed1f85679f8377fbc7db72f391bdf77f666c17b6389b0ccc2a4c7a576a96
GET /gtm.js?id=GTM-5XSKBTC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 06 Oct 2022 09:34:30 GMT
expires: Thu, 06 Oct 2022 09:34:30 GMT
cache-control: private, max-age=900
last-modified: Thu, 06 Oct 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 78580
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
assets.website-files.com/606485806deaf1f6b4ffdbee/606b0cb0e5289d9aefd0d5a8_nunitosans-black.woff2
54.230.111.10200 OK 38 kB URL HTTP/2 assets.website-files.com/606485806deaf1f6b4ffdbee/606b0cb0e5289d9aefd0d5a8_nunitosans-black.woff2
IP 54.230.111.10:0
File type Web Open Font Format (Version 2), TrueType, length 38260, version 1.0\012- data
Hash 7ada8fe6859dc129c3bd00cc0574a26d
4c5f703936ae5b6450029af4217868895912b8af
62a55c5999b47d6724ddc16f9094fc5a2e94cbb4f098425ee67cc1e76803ab5a
GET /606485806deaf1f6b4ffdbee/606b0cb0e5289d9aefd0d5a8_nunitosans-black.woff2 HTTP/1.1
Host: assets.website-files.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pixelme.me
Connection: keep-alive
Referer: https://assets.website-files.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 38260
date: Sat, 20 Aug 2022 08:53:23 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Mon, 05 Apr 2021 13:12:17 GMT
etag: "7ada8fe6859dc129c3bd00cc0574a26d"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: 8EFpQYg.ttB..jDq0VQUlNlW.K9uYDVx
accept-ranges: bytes
server: AmazonS3
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
age: 4063268
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sjWaAb9WdLhsmolJa8p8gdKEpFq2CVBwc0n8L2bSrt30M9PWMHpTPw==
X-Firefox-Spdy: h2
assets.website-files.com/606485806deaf1f6b4ffdbee/60cbc040028f9e2c1721688b_undraw_alert_mc7b%20(1).svg
54.230.111.10200 OK 1.9 kB URL HTTP/2 assets.website-files.com/606485806deaf1f6b4ffdbee/60cbc040028f9e2c1721688b_undraw_alert_mc7b%20(1).svg
IP 54.230.111.10:0
Hash 0bf3e0fb05292d7398f3f71923ec7ee1
7adba15f738429fa7c2ed6b1a16adb45d8c666e1
fc9a47e3d58fddb6fe2bb4a43a0e4dd30bd6ad3637515d087780cd1d655efe10
GET /606485806deaf1f6b4ffdbee/60cbc040028f9e2c1721688b_undraw_alert_mc7b%20(1).svg HTTP/1.1
Host: assets.website-files.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Tue, 30 Aug 2022 02:47:36 GMT
last-modified: Thu, 17 Jun 2021 21:36:01 GMT
etag: W/"83e5fff4eec3d21d07b0da1ae7216d34"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: BaLoIeEKYeJ75LZZDVIPz2KpPwlCQGZT
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
age: 3221215
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lVmI5-1D2bGNNdS11kJUy3hWX_yENBOJFFcXgN1WdXWBvI0dS2KSYA==
X-Firefox-Spdy: h2
assets.website-files.com/606485806deaf1f6b4ffdbee/633b32bebbc8b4db3b792242_WebClip.png
54.230.111.10200 OK 2.2 kB URL HTTP/2 assets.website-files.com/606485806deaf1f6b4ffdbee/633b32bebbc8b4db3b792242_WebClip.png
IP 54.230.111.10:0
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash bbd5dff3641968d6cf9cbe64ca897a0a
29d240e6defaa6422dae4f3ccd62153656ef237b
100df3a62b83cc8ca6fcecf7d5a86ca187fc617f4b401b2fa0eaca3c0d75e066
GET /606485806deaf1f6b4ffdbee/633b32bebbc8b4db3b792242_WebClip.png HTTP/1.1
Host: assets.website-files.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 2207
date: Mon, 03 Oct 2022 19:20:37 GMT
last-modified: Mon, 03 Oct 2022 19:06:39 GMT
etag: "bbd5dff3641968d6cf9cbe64ca897a0a"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: wOhWJbUFWqqfxwms.SE3FEO3dc6eGJ5s
accept-ranges: bytes
server: AmazonS3
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
age: 224034
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Xh56bbpK6wszh0tnRBkeneb17oGPyeknwHTVcSL2UfII4RbOJo-E8w==
X-Firefox-Spdy: h2
www.googleoptimize.com/optimize.js?id=OPT-T2TLM22
142.250.74.46200 OK 43 kB URL HTTP/2 www.googleoptimize.com/optimize.js?id=OPT-T2TLM22
IP 142.250.74.46:0
File type ASCII text, with very long lines (2039)
Hash 03584923fa7c60660c95537f0dadda4d
a59757a91c92da916dc255a674f77c7efc019783
3e896892af22ab63839fc7cd21cc6750e08378f1c269a7e8f8b690f9153a5120
GET /optimize.js?id=OPT-T2TLM22 HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 06 Oct 2022 09:34:30 GMT
expires: Thu, 06 Oct 2022 09:34:30 GMT
cache-control: private, max-age=900
last-modified: Thu, 06 Oct 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42681
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.weglot.com/projects-settings/4099fc3d7e82ef37a59176ea4e8450100.json
54.230.111.42200 OK 1.3 kB URL HTTP/2 cdn.weglot.com/projects-settings/4099fc3d7e82ef37a59176ea4e8450100.json
IP 54.230.111.42:0
Hash d8537a5b2e2f474f58ce728f832c85f5
1ab7b4b9b5b22608abb9ace56377622fd8640779
6d56bc9a818f72a71687a3b9847ba36d76a85d37c1f4808fc71afe1e060724d7
GET /projects-settings/4099fc3d7e82ef37a59176ea4e8450100.json HTTP/1.1
Host: cdn.weglot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pixelme.me/
Origin: https://www.pixelme.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Mon, 03 Oct 2022 10:59:49 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Mon, 01 Aug 2022 15:19:06 GMT
x-amz-version-id: null
etag: W/"e1c2c5cb0632688dfbb927d413a8d7c0"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RaGDkEH-cSBaAyXEfzNAKpKx2j4hM3sDgP-VYQ9X6jQTF0hA-7Z0IA==
age: 254082
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 96e7e44c42750da7479d02b2751d3b00
4565189efca34c19ebe953bffb1148b5e792be70
8e0601b4721a1bfab206cd2102644a405db444d05fe7cafa741fb995709d8457
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8E0601B4721A1BFAB206CD2102644A405DB444D05FE7CAFA741FB995709D8457"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7481
Expires: Thu, 06 Oct 2022 11:39:11 GMT
Date: Thu, 06 Oct 2022 09:34:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8a38ee68159b713d7850fabdb14bc603
e4b496dcb83a7802506de0b6a727bd6323633b18
bc1e1998188c66c7857b860da18c08f5aa73744954b0fd21fd1831c7edc9cb19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BC1E1998188C66C7857B860DA18C08F5AA73744954B0FD21FD1831C7EDC9CB19"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13665
Expires: Thu, 06 Oct 2022 13:22:15 GMT
Date: Thu, 06 Oct 2022 09:34:30 GMT
Connection: keep-alive
cdn.weglot.com/flags/rectangle_mat/gb.svg
54.230.111.42200 OK 607 B URL HTTP/2 cdn.weglot.com/flags/rectangle_mat/gb.svg
IP 54.230.111.42:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 006007133f2f5769b083935b65c12e4e
ffcd6eeee4c340fa7d008caf887419e027bcfc25
720d4a3364adb0f6dab95c8339fc8538a4388e302b8a8173d401e8471998ebf1
GET /flags/rectangle_mat/gb.svg HTTP/1.1
Host: cdn.weglot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml; charset=utf-8
content-length: 607
date: Wed, 05 Oct 2022 17:22:17 GMT
cache-control: max-age=2592000
last-modified: Thu, 04 Aug 2022 10:26:29 GMT
x-amz-version-id: null
etag: "006007133f2f5769b083935b65c12e4e"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2nGEhsyv8PUlF3wKH4HM8Rp2OO_6lq5uHnpS6Ck5QJiGZ2Mx-2qq0A==
age: 58333
X-Firefox-Spdy: h2
cdn.weglot.com/flags/rectangle_mat/fr.svg
54.230.111.42200 OK 361 B URL HTTP/2 cdn.weglot.com/flags/rectangle_mat/fr.svg
IP 54.230.111.42:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash bd4e571babcb06df9fc0c931f8d65683
5ee7ed5552a6b7383a0525d634b65e720af4e9c0
4d64cc6ca0696fecc817f893a5ef9f6652ff3d613ab65192ef458ce3b542f192
GET /flags/rectangle_mat/fr.svg HTTP/1.1
Host: cdn.weglot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml; charset=utf-8
content-length: 361
date: Wed, 05 Oct 2022 17:22:17 GMT
cache-control: max-age=2592000
last-modified: Thu, 04 Aug 2022 10:26:30 GMT
x-amz-version-id: null
etag: "bd4e571babcb06df9fc0c931f8d65683"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: slxyhRWGxWOwGMsakDqbPzWwGDq2EL__7f36WJ8zgYbPp3t3mLbyhQ==
age: 58333
X-Firefox-Spdy: h2
cdn.weglot.com/flags/rectangle_mat/de.svg
54.230.111.42200 OK 282 B URL HTTP/2 cdn.weglot.com/flags/rectangle_mat/de.svg
IP 54.230.111.42:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 230a0b62d812d0af63f6850de2dfd386
35d0fd3cb2f6bb920d15c20115d2a14ffdc1a2c4
24af178a9f462202ed967edb00c6e975aabb0a71f8bfbb8fb0062717e4931d06
GET /flags/rectangle_mat/de.svg HTTP/1.1
Host: cdn.weglot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml; charset=utf-8
content-length: 282
date: Wed, 05 Oct 2022 17:22:17 GMT
cache-control: max-age=2592000
last-modified: Thu, 04 Aug 2022 10:26:28 GMT
x-amz-version-id: null
etag: "230a0b62d812d0af63f6850de2dfd386"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rMkcmOBDFnRB_eeHaofd_y1atz_kwe-d8voFkPB5z9btR_5rwSi09A==
age: 58334
X-Firefox-Spdy: h2
cdn.weglot.com/flags/rectangle_mat/it.svg
54.230.111.42200 OK 361 B URL HTTP/2 cdn.weglot.com/flags/rectangle_mat/it.svg
IP 54.230.111.42:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 70b02da9cb6cfbccdbd3497cfd2b36af
8aed56ed3359cf07cacafaab908cfb855183e87b
251214b83e86ba6b8ba5d810089b699d7cd43c9e4bbce2158655469a1af29852
GET /flags/rectangle_mat/it.svg HTTP/1.1
Host: cdn.weglot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml; charset=utf-8
content-length: 361
date: Tue, 04 Oct 2022 21:33:12 GMT
cache-control: max-age=2592000
last-modified: Thu, 04 Aug 2022 10:26:29 GMT
x-amz-version-id: null
etag: "70b02da9cb6cfbccdbd3497cfd2b36af"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: d4l9NC1c3XAWbJnZpWI2NxKe6VoJbB2YMUL82Lw2iam5zXAOfmTNSQ==
age: 129679
X-Firefox-Spdy: h2
cdn.weglot.com/flags/rectangle_mat/ru.svg
54.230.111.42200 OK 355 B URL HTTP/2 cdn.weglot.com/flags/rectangle_mat/ru.svg
IP 54.230.111.42:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash be178f7317c9dddbd8a49226f6fc128c
10cabb57bdc8bc5ee609f03a432f455a8d038499
af9c0b316df61878613a6142ae625a4c20dd30685d6c0d480deef933f1c90640
GET /flags/rectangle_mat/ru.svg HTTP/1.1
Host: cdn.weglot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml; charset=utf-8
content-length: 355
date: Tue, 04 Oct 2022 21:33:42 GMT
cache-control: max-age=2592000
last-modified: Thu, 04 Aug 2022 10:26:31 GMT
x-amz-version-id: null
etag: "be178f7317c9dddbd8a49226f6fc128c"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: c_aU3IoSZ1Ac99YHJUuJJZZMhI30k5eNu_Sr32u1gjMQQTlOyVjhUQ==
age: 129649
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 09:34:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/P61wxexqqpI
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/P61wxexqqpI
IP 142.250.74.3:0
Hash f71252faaa751ced33ff94ecaa010ea4
1a87c84c9519eedd32e9f46919f665ef61ef3c63
c2d574a724ce63406996f827642fd8b418b9b646955fffff2b4bda44f46fa2f2
POST /s/gts1d4/P61wxexqqpI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 09:34:30 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googleadservices.com/pagead/conversion.js
142.250.74.98200 OK 17 kB URL HTTP/2 www.googleadservices.com/pagead/conversion.js
IP 142.250.74.98:0
File type ASCII text, with very long lines (2021)
Hash facf633646edbf5b62983e22d11aa160
0373848f224ca40d2982581b205a8cf28b72dd7c
ce5955eb70e6611579323a75ba5536d9af9a224a593fe1a2d8d204fa1127f524
GET /pagead/conversion.js HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 06 Oct 2022 09:34:30 GMT
expires: Thu, 06 Oct 2022 09:34:30 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 11313833467736987248
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 16840
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CLato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic
142.250.74.10200 OK 46 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CLato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic
IP 142.250.74.10:0
Hash e05bbf107c23051b30bf2acc3a359997
a50cf44bb5e55a5fcb26698eed17d1f88def13c1
e1196f3eee261a5b64718e72766694c869023814ef5d35e7bb13e6aedd9f843d
GET /css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CLato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 06 Oct 2022 09:34:30 GMT
date: Thu, 06 Oct 2022 09:34:30 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2
216.58.207.195200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 24408, version 1.0\012- data
Hash efee2d080d7bebdd2e0aeb2e030813a0
f8d38f9f9584e48c2e469877ebd94232265585f1
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
GET /s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pixelme.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24408
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 20:02:01 GMT
expires: Tue, 03 Oct 2023 20:02:01 GMT
cache-control: public, max-age=31536000
age: 221549
last-modified: Tue, 26 Apr 2022 15:50:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
216.58.207.195200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pixelme.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 04 Oct 2022 17:10:21 GMT
expires: Wed, 04 Oct 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 145449
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
216.58.207.195200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pixelme.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 04 Oct 2022 17:10:21 GMT
expires: Wed, 04 Oct 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 145449
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u_w4BMUTPHjxsI9w2_Gwft.woff2
216.58.207.195200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u_w4BMUTPHjxsI9w2_Gwft.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 17728, version 1.0\012- data
Hash 9d09d1df90538b11770ec5f593b6d792
6e117eeeda54f443063becf094332b362e19abb8
a961366b4346f6078cc2f164d2c019f63b37e2693f6fc93a995048a98b25c083
GET /s/lato/v23/S6u_w4BMUTPHjxsI9w2_Gwft.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pixelme.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17728
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 14:07:37 GMT
expires: Thu, 05 Oct 2023 14:07:37 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 16:10:29 GMT
content-type: font/woff2
age: 70013
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u_w4BMUTPHjxsI3wi_Gwft.woff2
216.58.207.195200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u_w4BMUTPHjxsI3wi_Gwft.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 23736, version 1.0\012- data
Hash e2cad968cb158b719d38375c5b4c2855
f70e8c03147accc3b9006a285998cb6c04cc19d9
d32335c2c5fd5de9ee5f3d3b1fe4d9dde14aad16eda570a35018b0ff1dc093d2
GET /s/lato/v23/S6u_w4BMUTPHjxsI3wi_Gwft.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pixelme.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23736
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 06 Oct 2022 07:01:04 GMT
expires: Fri, 06 Oct 2023 07:01:04 GMT
cache-control: public, max-age=31536000
age: 9206
last-modified: Tue, 26 Apr 2022 15:50:09 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u_w4BMUTPHjxsI5wq_Gwft.woff2
216.58.207.195200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u_w4BMUTPHjxsI5wq_Gwft.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 24448, version 1.0\012- data
Hash 865e46af816320c9f32234e8968558d0
6791e9f732fcbde0f375f84ccbc14c4ac72795a3
6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550
GET /s/lato/v23/S6u_w4BMUTPHjxsI5wq_Gwft.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pixelme.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24448
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 04 Oct 2022 17:27:50 GMT
expires: Wed, 04 Oct 2023 17:27:50 GMT
cache-control: public, max-age=31536000
age: 144400
last-modified: Tue, 26 Apr 2022 16:41:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 09:34:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.pixelme.me/pix.min.js
35.241.37.126200 OK 16 kB URL HTTP/2 cdn.pixelme.me/pix.min.js
IP 35.241.37.126:0
File type ASCII text, with very long lines (8360)
Hash e70eff749e09521f05ccda0a3d84f359
6b281f497a6f926efab476abefee1fc6f806d5da
3d625081195d8f6f3fec647c35950d9781ba2e4c4061abf3a8b5d63c69e75464
GET /pix.min.js HTTP/1.1
Host: cdn.pixelme.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Cookie: pxlme=eyJyZWZlcnJlciI6IiJ9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycduipYY9sv-rpJauAgwpVKy5iWft9GH5QKD_5kSB30PFQUl8CG_JJ4SpYn_7BqcJJufrwXFRA_6H2hSYnmdzbuE5m0t-j2oD
x-goog-generation: 1574675467274473
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 16282
content-encoding: gzip
x-goog-hash: crc32c=MKgscA==, md5=5w7/dJ4JUh8FzNoKPYTzWQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 16282
server: UploadServer
date: Thu, 06 Oct 2022 08:54:27 GMT
expires: Thu, 06 Oct 2022 09:54:27 GMT
cache-control: public, max-age=3600
age: 2403
last-modified: Mon, 25 Nov 2019 09:51:07 GMT
etag: "e70eff749e09521f05ccda0a3d84f359"
content-type: application/x-javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2
216.58.207.195200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 22504, version 1.0\012- data
Hash 1c6c65523675abc6fcd78e804325bd77
898d9808304dc157f5dcb18ca169ec6e2b96b3d7
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
GET /s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pixelme.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22504
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 04 Oct 2022 17:15:31 GMT
expires: Wed, 04 Oct 2023 17:15:31 GMT
cache-control: public, max-age=31536000
age: 145139
last-modified: Tue, 26 Apr 2022 16:04:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 09:34:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6u-w4BMUTPHjxsIPx-oPCI.woff2
216.58.207.195200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u-w4BMUTPHjxsIPx-oPCI.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 17072, version 1.0\012- data
Hash a049f4c6bcb907e3d451bdb388c8e86f
f6261c1401a8a0f31ae74fb9ef7ab6dfec3ef1b6
b19efe906c9b0345db45525ed83c76031644e39329a36d39badf5275bce363c2
GET /s/lato/v23/S6u-w4BMUTPHjxsIPx-oPCI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pixelme.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17072
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 04 Oct 2022 18:26:08 GMT
expires: Wed, 04 Oct 2023 18:26:08 GMT
cache-control: public, max-age=31536000
age: 140902
last-modified: Tue, 26 Apr 2022 16:41:33 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2
216.58.207.195200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 23236, version 1.0\012- data
Hash 716309aab2bca045f9627f63ad79d0bf
38804233a29aaf975d557fe14e762c627bef76e0
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
GET /s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pixelme.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 04 Oct 2022 17:17:26 GMT
expires: Wed, 04 Oct 2023 17:17:26 GMT
cache-control: public, max-age=31536000
age: 145024
last-modified: Tue, 26 Apr 2022 16:04:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 09:34:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.weglot.com/weglot.min.js
54.230.111.42200 OK 75 kB URL HTTP/2 cdn.weglot.com/weglot.min.js
IP 54.230.111.42:0
Hash 1cde7ec9b694105d301dca38b8506d5d
a1596b6ded0c9db437732c9e2d78d99035d1d937
6f5dae3b267d16a7def0ac9c492a3c149346c3cdf0c316498595fe945d12ef09
GET /weglot.min.js HTTP/1.1
Host: cdn.weglot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
last-modified: Fri, 30 Sep 2022 12:56:27 GMT
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
date: Thu, 06 Oct 2022 09:28:52 GMT
cache-control: max-age=1800
etag: W/"1e4c4bbe45c74e5065250cfa1d39eb6e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: k5brZZD1IH-MtwX6lsrucwFWUBPprbJ3Bh9LOQNYiBFPNnPkTvIpnw==
age: 339
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 09:34:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHh30AXC-q.woff2
216.58.207.195200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHh30AXC-q.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 21508, version 1.0\012- data
Hash 24b8a8abbec56ab127adc36e35f49bb3
0906975d70856ef3df1ae3d91db5d29687981c3f
a79b4c65b454a795ff3868156f54be09ac8360b9fd3ba21431b5c48fd9b66afa
GET /s/lato/v23/S6u8w4BMUTPHh30AXC-q.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pixelme.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21508
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 04 Oct 2022 17:41:59 GMT
expires: Wed, 04 Oct 2023 17:41:59 GMT
cache-control: public, max-age=31536000
age: 143551
last-modified: Tue, 26 Apr 2022 15:46:26 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1b835b5a437ac8178465678803bb979f
fc037d7624b4dcdbb20992045e0abfa80ccaf5eb
6e2438b55d96e61a9effc80d9d3fb435e7fcd9736a1b54c7c1c8681978ecb75c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 09:34:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/P61wxexqqpI
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/P61wxexqqpI
IP 142.250.74.3:0
Hash f71252faaa751ced33ff94ecaa010ea4
1a87c84c9519eedd32e9f46919f665ef61ef3c63
c2d574a724ce63406996f827642fd8b418b9b646955fffff2b4bda44f46fa2f2
POST /s/gts1d4/P61wxexqqpI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 09:34:30 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
plausible.io/api/event
194.242.11.186202 Accepted 2 B IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /api/event HTTP/1.1
Host: plausible.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 109
Origin: https://www.pixelme.me
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
date: Thu, 06 Oct 2022 09:34:31 GMT
content-type: text/plain; charset=utf-8
content-length: 2
server: BunnyCDN-NO-830
cdn-pullzone: 682664
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cdn-requestcountrycode: NO
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: must-revalidate, max-age=0, private
application: 10.0.0.8
permissions-policy: interest-cohort=()
x-request-id: FxtxIFiHZgdsd54U2gIH
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 202
cdn-cachedat: 10/06/2022 09:34:31
cdn-edgestorageid: 830
cdn-status: 202
cdn-requestid: 7c5fbaaaa950df28ab80be5814c734cf
X-Firefox-Spdy: h2
grsm.io/pr/gpk/pk_CvbvnFSfdsEjrmQ757MmhFmtDqd3BmFi
104.18.10.212200 OK 0 B URL HTTP/2 grsm.io/pr/gpk/pk_CvbvnFSfdsEjrmQ757MmhFmtDqd3BmFi
IP 104.18.10.212:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pr/gpk/pk_CvbvnFSfdsEjrmQ757MmhFmtDqd3BmFi HTTP/1.1
Host: grsm.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pixelme.me
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 09:34:31 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www.pixelme.me
p3p: CP="This is not a P3P policy! See our docs for more info."
x-envoy-upstream-service-time: 0
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 755d66d37f7bb4fa-OSL
X-Firefox-Spdy: h2
partnerlinks.io/pr/gpk/pk_CvbvnFSfdsEjrmQ757MmhFmtDqd3BmFi
104.18.30.133200 OK 0 B URL HTTP/2 partnerlinks.io/pr/gpk/pk_CvbvnFSfdsEjrmQ757MmhFmtDqd3BmFi
IP 104.18.30.133:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pr/gpk/pk_CvbvnFSfdsEjrmQ757MmhFmtDqd3BmFi HTTP/1.1
Host: partnerlinks.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pixelme.me
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 09:34:31 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://www.pixelme.me
access-control-allow-credentials: true
p3p: CP="This is not a P3P policy! See our docs for more info."
vary: Accept-Encoding
server: cloudflare
cf-ray: 755d66d4b8090b39-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18529
Expires: Thu, 06 Oct 2022 14:43:20 GMT
Date: Thu, 06 Oct 2022 09:34:31 GMT
Connection: keep-alive
cdn-api.weglot.com/translations/slugs?api_key=wg_4099fc3d7e82ef37a59176ea4e8450100&language_to=ru&v=1653069479
54.230.111.12200 OK 505 B URL HTTP/2 cdn-api.weglot.com/translations/slugs?api_key=wg_4099fc3d7e82ef37a59176ea4e8450100&language_to=ru&v=1653069479
IP 54.230.111.12:0
Hash 57adf72029ed7385f926d8af0acf0c31
3f05331150550a95b226b4ab5b93884cb4cdbb05
e2ee0600a148e84eaa9e8225be100a77094288083192f379bd77c0469476a7fc
GET /translations/slugs?api_key=wg_4099fc3d7e82ef37a59176ea4e8450100&language_to=ru&v=1653069479 HTTP/1.1
Host: cdn-api.weglot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pixelme.me/
Origin: https://www.pixelme.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Wed, 25 May 2022 07:47:20 GMT
server: nginx
cache-control: max-age=0, must-revalidate, no-store, private
access-control-allow-origin: *
access-control-allow-methods: GET,POST,PUT,PATCH
access-control-allow-headers: Content-Type
content-security-policy: script-src 'nonce-9e9c8c79e9e3846aa4ab341ba205262e' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com a.quora.com cdn.firstpromoter.com https: http:; object-src 'none'; base-uri 'self';
expires: Wed, 25 May 2022 07:47:20 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
permissions-policy: accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(self), magnetometer=(), microphone=(), midi=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), hid=(), idle-detection=(), serial=()
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lCbRqcw5GP1NgJc6sKfxX5gGesDrBWWfn11ZTP6aOMLBnHf1CpFR5A==
age: 11584030
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb1f9d9-58f2-4af5-b299-6a59b5768aba.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb1f9d9-58f2-4af5-b299-6a59b5768aba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2d101e6535dfc8ea8c193d3e97c07e1d
d839f3aa41455d818da9a794b0688b1144b3a03a
d73e79f203ef50354e078de30fcb52d298e14ad53924e0387ab586a9cb4376a2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb1f9d9-58f2-4af5-b299-6a59b5768aba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8651
x-amzn-requestid: 8bbdbc11-92fe-4cdf-8469-1c1ffac9e65b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjPLIGG0IAMFehw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df8ad-132ee26478d791850dd14462;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:35:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: KBuHj1vlNgk4oflp8uIxuxuPoWh7B7O0SWrMrNP-lAhnp2m53ttPMw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 22:09:18 GMT
age: 41113
etag: "d839f3aa41455d818da9a794b0688b1144b3a03a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feda182b7-6bc8-4aea-82c3-d9fa08748b61.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feda182b7-6bc8-4aea-82c3-d9fa08748b61.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e5a5ee14d41747f46e71f04782e1a3d3
b0205176a58913f57056b91674097bfb58046e97
b3bae0b56b50374cb85fc7fe4c9b551383d1969bf31e7adccb867e3467c59269
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feda182b7-6bc8-4aea-82c3-d9fa08748b61.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7385
x-amzn-requestid: 7ada8e43-9cb5-4793-9289-e308e9565e7d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjOZoF7aIAMF43A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df770-73da01595d32809e08b93a83;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:30:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: 14qQi5wDI-_EgyghHCMjRtdZliSj3L6veSqIeBoEjCTfdZfrKb-UzA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 7d01bcfcfe27ce0b8979cf621dd081de.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:37:06 GMT
etag: "b0205176a58913f57056b91674097bfb58046e97"
content-type: image/jpeg
age: 43045
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e238ccaa3b9fa88476a8514855e8232f
447cbf348ef10d0136a1811e843c46937defbba1
43dce3c1eb388dfaddca4176acb6eb32f76fc4c03fca18e7a315c9ddb43d2b02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7270
x-amzn-requestid: e5d0bb7a-b9d5-49b1-b51c-8db019da641f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjQOGEQloAMFjgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfa5a-519d91fb0b83920960da479d;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:42:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: l1HGT5ycH36vVojsOPFptRSU1YJFvLbBsgiWJqzRlRIGgm2o5vf6jg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:58:56 GMT
etag: "447cbf348ef10d0136a1811e843c46937defbba1"
content-type: image/jpeg
age: 41735
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9e520f87cae411cfc2ed1c8a14184385
69ad212cb7ae309d4f02019552887135bfae67da
723b10bfbcde201b5811e3bd0560f02f90775e4d18b28d19e6c814899f2da71a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7511
x-amzn-requestid: 995b51dd-5484-4b4c-ad40-550f7fd85930
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO6uG70IAMFjBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df844-70f17f6f24dce0003d03902a;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:33:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: BddSUzh-PKiFmfw2p9gPW-B0qtrXWxCXfee29Pk-wLqN7RO21Yic6g==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 f7283f3fe2c258cf54f8b7d3dd272e0e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:37:06 GMT
age: 43045
etag: "69ad212cb7ae309d4f02019552887135bfae67da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4fc2ddd86450d64d3fb659ab4e78be58
bbe71936b78a8c34d03ab87948dc840b35c6948f
84a760397a5912bd05f61bc8a953c13a88a677e2d17fbbf74bdf7d7ff4d3942f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10158
x-amzn-requestid: def1fc7e-8008-466f-9271-20fa1ab0fa5a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaqZCH7doAMFcPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a8aa0-7fd2fb1249366f2277d719d6;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 07:09:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aeOU8fGkf5uHuYZ79k17EzxiFnwm0_z7SeZJElgwECzRyhR2N_SYJA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 03:50:38 GMT
age: 20633
etag: "bbe71936b78a8c34d03ab87948dc840b35c6948f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbffd8689-87c3-4efb-b880-4109e3dc9294.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbffd8689-87c3-4efb-b880-4109e3dc9294.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 72ad6f9b79e7a3d11e3ace6b0e969614
a9cd62230d4aabfcc2e8b2494e687d854254113e
1d59cd22b3316da6f1d44076089ba983faed5327d174ddb3cb3d58f487ccae51
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbffd8689-87c3-4efb-b880-4109e3dc9294.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7919
x-amzn-requestid: 01497827-07e5-4129-abf2-120b00eed8c0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjPs5F1LoAMF8Ww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df985-4b0c175142a6ace915d5e5d2;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:39:17 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: QElSCxuAj2dM9Psp2_fPTSi1goaNKkylf7D9ITOplorOFLIGIV332g==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 d8d9c12d1a621129f4bc739038e7c72e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:52:46 GMT
age: 42105
etag: "a9cd62230d4aabfcc2e8b2494e687d854254113e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
snap.licdn.com/li.lms-analytics/insight.min.js
23.36.76.121200 OK 3.1 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 23.36.76.121:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (7751)
Hash 57efbbeb3e1d23c82b677511c67c8b0e
f927ba115ef4be362694c22850ddbdd1c1b054d1
873b38d80c8ff1ffcac23ecdb7fb2d17413ae3c217236d8e1e24574b1c4707c6
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 12 Aug 2022 20:23:36 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=53404
date: Thu, 06 Oct 2022 09:34:31 GMT
content-length: 3063
x-cdn: AKAM
X-Firefox-Spdy: h2
static.ads-twitter.com/uwt.js
151.101.84.157200 OK 15 kB URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.84.157:0
File type ASCII text, with very long lines (57443), with no line terminators
Hash 1e9c4d503a9e162d8b549dc3d9c040e2
1fa99d7d7e878cdd45567af4b0c3c65542036c1d
f936c0124c595fe5d0c7858277f3a5f3bd104de39d36ac92557501fa1dec8563
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 30 Aug 2022 20:19:10 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "d4de8398858246712016031c834bb061+gzip+gzip"
accept-ranges: bytes
date: Thu, 06 Oct 2022 09:34:31 GMT
x-served-by: cache-iad-kcgs7200165-IAD, cache-bma1663-BMA
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15317
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 06 Oct 2022 08:41:09 GMT
expires: Thu, 06 Oct 2022 10:41:09 GMT
cache-control: public, max-age=7200
age: 3202
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eac86f868b3967f1946c7f5fc712b25f
e2ae8eb09715a0af0791c085eb35bf66e0548e30
bceb14e7a478c0e34a0f1d8286eb954566c62051e996bc36189de922a76a6e06
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 09:34:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn-api.weglot.com/translations/slugs?api_key=wg_4099fc3d7e82ef37a59176ea4e8450100&language_to=zh&v=1653069479
54.230.111.12200 OK 11 kB URL HTTP/2 cdn-api.weglot.com/translations/slugs?api_key=wg_4099fc3d7e82ef37a59176ea4e8450100&language_to=zh&v=1653069479
IP 54.230.111.12:0
Hash 5a8dcf031e5dc35b32961909e1716eb5
f300044bc338e95ed4c744ad74477889b011e450
1d4f88ac3931babada0a52607c20d02d4395abed1533758615dde1db4155369c
GET /translations/slugs?api_key=wg_4099fc3d7e82ef37a59176ea4e8450100&language_to=zh&v=1653069479 HTTP/1.1
Host: cdn-api.weglot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pixelme.me/
Origin: https://www.pixelme.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Sat, 21 May 2022 00:27:48 GMT
server: nginx
cache-control: max-age=0, must-revalidate, no-store, private
access-control-allow-origin: *
access-control-allow-methods: GET,POST,PUT,PATCH
access-control-allow-headers: Content-Type
content-security-policy: script-src 'nonce-7716bb5f9bb0beb29fb2df22a33fc7ba' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com a.quora.com cdn.firstpromoter.com https: http:; object-src 'none'; base-uri 'self';
expires: Sat, 21 May 2022 00:27:48 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
permissions-policy: accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(self), magnetometer=(), microphone=(), midi=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), hid=(), idle-detection=(), serial=()
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Lbm7n3Y-KEcigKJVHbyJ28_liKnvzxGbMnNCmIADBBXdhigEXbV8HA==
age: 11956002
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 96e7e44c42750da7479d02b2751d3b00
4565189efca34c19ebe953bffb1148b5e792be70
8e0601b4721a1bfab206cd2102644a405db444d05fe7cafa741fb995709d8457
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8E0601B4721A1BFAB206CD2102644A405DB444D05FE7CAFA741FB995709D8457"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7480
Expires: Thu, 06 Oct 2022 11:39:11 GMT
Date: Thu, 06 Oct 2022 09:34:31 GMT
Connection: keep-alive
googleads.g.doubleclick.net/pagead/viewthroughconversion/837753914/?random=1665048870845&cv=9&fst=1665048870845&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fdrum.io%2FBENDELI&tiba=Phishing&hn=www.googleadservices.com&rfmt=3&fmt=4
142.250.74.162200 OK 1.0 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/837753914/?random=1665048870845&cv=9&fst=1665048870845&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fdrum.io%2FBENDELI&tiba=Phishing&hn=www.googleadservices.com&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (2190), with no line terminators
Hash ee186b9bb8485097de0234bb39d24fff
09665186017003e84918920ae2a601389ca93dc7
37a168157bce37dfd77a4cb78c365f6a4952e5287e4c226dc644956a0fd4985f
GET /pagead/viewthroughconversion/837753914/?random=1665048870845&cv=9&fst=1665048870845&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fdrum.io%2FBENDELI&tiba=Phishing&hn=www.googleadservices.com&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 09:34:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1018
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 06-Oct-2022 09:49:31 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
54.230.111.94200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
IP 54.230.111.94:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2431), with no line terminators
Hash f6a9ca04b0687ea3c0d98e8430c8c77b
35503b2deb23091a9a9c6c68d4020dbdf879588e
8e4328ecb6b395499567369e3c227231dbdaf361f43ce315934d7a2a3abbed41
GET /box-69edcc3187336f9b0a3fbb4c73be9fe6.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1044
date: Tue, 04 Oct 2022 09:28:08 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "f6a9ca04b0687ea3c0d98e8430c8c77b"
last-modified: Tue, 04 Oct 2022 07:09:34 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TaKzn4NKBob61gaOoA-UzlXcSoVBY2-NPEwLGhiBBWXm2RGwefVpaQ==
age: 173183
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eac86f868b3967f1946c7f5fc712b25f
e2ae8eb09715a0af0791c085eb35bf66e0548e30
bceb14e7a478c0e34a0f1d8286eb954566c62051e996bc36189de922a76a6e06
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 09:34:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 85d0e74b83c485572f113f8ac7ba4346
5c9a2d6e447c8307980be240986a3ffc54fd8927
184a8ab4db66977d54898ef2fa266304b08fe764c2c0f22d06d2f98a43da80aa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5376
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 09:34:31 GMT
Last-Modified: Thu, 06 Oct 2022 08:04:55 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 313
px.ads.linkedin.com/collect?v=2&fmt=js&pid=603540&time=1665048871321&url=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fdrum.io%2FBENDELI
13.107.42.14302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=603540&time=1665048871321&url=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fdrum.io%2FBENDELI
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=603540&time=1665048871321&url=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fdrum.io%2FBENDELI HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D603540%26time%3D1665048871321%26url%3Dhttps%253A%252F%252Fwww.pixelme.me%252Fphishing%253Furl%253Dhttps%253A%252F%252Fdrum.io%252FBENDELI%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQIe0Tz6fZ1T_AAAAYOspYIINu-RqhR_nPIeRPszhzocpIrnZrbjeCiZq10DRZcSXD31dwnfMZbhWQ; Max-Age=2592000; Expires=Sat, 05 Nov 2022 09:34:31 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQJhicsLBk8PBgAAAYOspYIIYUNRL5tspDzusczPctmj3miGTdCnNbpZIRoOtJroWdUS7-38-BzKplxnNNPa8A; Max-Age=2592000; Expires=Sat, 05 Nov 2022 09:34:31 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&7230e6f9-eda0-4771-8fe6-286fd308873d"; domain=.linkedin.com; Path=/; Secure; Expires=Fri, 06-Oct-2023 09:34:31 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2403:u=1:x=1:i=1665048871:t=1665135271:v=2:sig=AQHkAmVJquyLaavVtlneWZU5NneTMhez"; Expires=Fri, 07 Oct 2022 09:34:31 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXqWmaDw0B00dShd1fmRA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: EC2D451E16B74889AAA52AE19FCEBCB1 Ref B: OSL30EDGE0421 Ref C: 2022-10-06T09:34:31Z
date: Thu, 06 Oct 2022 09:34:30 GMT
content-length: 0
X-Firefox-Spdy: h2
cdn.weglot.com/flags/rectangle_mat/es.svg
54.230.111.42200 OK 16 kB URL HTTP/2 cdn.weglot.com/flags/rectangle_mat/es.svg
IP 54.230.111.42:0
Hash 9dfa0db51b4f917a0017d9917afa9714
19cd029c9b6b12511f4b1d97ff65f94d206fb72b
3f2ba4ebf70d4faf5a8149673c202c727604ebd72b613f0e7bcec63c75c2d4c9
GET /flags/rectangle_mat/es.svg HTTP/1.1
Host: cdn.weglot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml; charset=utf-8
date: Tue, 04 Oct 2022 21:33:19 GMT
cache-control: max-age=2592000
last-modified: Thu, 04 Aug 2022 10:26:28 GMT
x-amz-version-id: null
etag: W/"96b4be850a4d40bcea53825f0a5464ee"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HUGsmKqwAXJDvO2-itvvARbh7U18GH3_6btwFgCenk9WfT47OJxT0A==
age: 129672
X-Firefox-Spdy: h2
script.hotjar.com/modules.cbd9768ba80ba0be5b17.js
54.230.111.73200 OK 66 kB URL HTTP/2 script.hotjar.com/modules.cbd9768ba80ba0be5b17.js
IP 54.230.111.73:0
File type Unicode text, UTF-8 text, with very long lines (48714)
Hash 483a48bedf96c50163b542fb95446039
c724132c8b3b31f2938c84af7ced2b69b66bf5fe
5ea4d712f01c7b6f1c523834934ce998e251048ab6b5a1f82aa1cc00280843cb
GET /modules.cbd9768ba80ba0be5b17.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 66229
date: Tue, 04 Oct 2022 18:47:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "483a48bedf96c50163b542fb95446039"
last-modified: Tue, 04 Oct 2022 18:46:48 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Y6KdNOGcWvEbhScQrRS_1OmdW0Pn8GKs2gZdxuJ2Ag-vgB3pXCeWXA==
age: 139645
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=26035908&tm=gtm002&Ver=2&mid=d22e229a-278a-426f-84c2-1e29493735e6&sid=14a23460455a11edb911b14884c28d60&vid=14a24750455a11eda615d13b34eeb8f3&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Phishing&p=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fdrum.io%2FBENDELI&r=<=1825&evt=pageLoad&sv=1&rn=753180
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=26035908&tm=gtm002&Ver=2&mid=d22e229a-278a-426f-84c2-1e29493735e6&sid=14a23460455a11edb911b14884c28d60&vid=14a24750455a11eda615d13b34eeb8f3&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Phishing&p=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fdrum.io%2FBENDELI&r=<=1825&evt=pageLoad&sv=1&rn=753180
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=26035908&tm=gtm002&Ver=2&mid=d22e229a-278a-426f-84c2-1e29493735e6&sid=14a23460455a11edb911b14884c28d60&vid=14a24750455a11eda615d13b34eeb8f3&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Phishing&p=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fdrum.io%2FBENDELI&r=<=1825&evt=pageLoad&sv=1&rn=753180 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=074B3C1590166CEC1F9A2E2091E36D24; domain=.bing.com; expires=Tue, 31-Oct-2023 09:34:31 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5976735CAF8A45A7BFCBADCF5FF770A6 Ref B: OSL30EDGE0215 Ref C: 2022-10-06T09:34:31Z
date: Thu, 06 Oct 2022 09:34:31 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 40a4de06678d96242b71d5318f2fd4ef
546a7d1d92df81916f14155943427b5453ae3924
aed9af25ae57c181702a137d48cb00f5b30297180161451de3b628359dc9ec6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 09:34:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1d4c3917173bd92c4b3208cdf2c7c345
726a9aa16eef5844afde825f9faf1b505d31e69b
572eebfaf735eb8aa1b3563d0317d52f5d22e9e83e5f5b6723f65da83fb15f22
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 09:34:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 09ca26eaf86cfbfac28b54cac6d42d5f
e3272c4faf239c1792aeae0e6fcf5b4eb9ab2d8c
f3ac85d3475c24a00784d37e006fbdc7b393326417f736c4a774c299697a95fa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3949
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 09:34:31 GMT
Last-Modified: Thu, 06 Oct 2022 08:28:42 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 313
www.google.com/pagead/1p-user-list/837753914/?random=1665048870845&cv=9&fst=1665046800000&num=1&guid=ON&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fdrum.io%2FBENDELI&tiba=Phishing&fmt=3&is_vtc=1&random=2641776235&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/837753914/?random=1665048870845&cv=9&fst=1665046800000&num=1&guid=ON&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fdrum.io%2FBENDELI&tiba=Phishing&fmt=3&is_vtc=1&random=2641776235&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/837753914/?random=1665048870845&cv=9&fst=1665046800000&num=1&guid=ON&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fdrum.io%2FBENDELI&tiba=Phishing&fmt=3&is_vtc=1&random=2641776235&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 09:34:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
grow.clearbitjs.com/api/c.gif?r=https%3A%2F%2Fwww.pixelme.me%2Fphishing&c=direct
216.24.57.3200 OK 77 B URL HTTP/2 grow.clearbitjs.com/api/c.gif?r=https%3A%2F%2Fwww.pixelme.me%2Fphishing&c=direct
IP 216.24.57.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 18c184681402a76b33e2c340c699c387
536034d2d61fa278ccfb53e9f796fa4582d8769c
ee759d2fc47857a794c4fc80f2d5206f45c496e9005c571f71a7d0772d8d7090
GET /api/c.gif?r=https%3A%2F%2Fwww.pixelme.me%2Fphishing&c=direct HTTP/1.1
Host: grow.clearbitjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 09:34:31 GMT
content-type: image/gif
cf-ray: 755d66d60ce5b524-OSL
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bat.bing.com/p/action/26035908.js
204.79.197.200200 OK 667 B URL HTTP/2 bat.bing.com/p/action/26035908.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash 03b66db7ed6a557d3effa4ec391f2d4e
ead4f7a9bac6ffebe2ed6e29273de4b55444441c
f2e59edf30571f8323847200d8023656625ec7ee55276c0c4946e6a9c5628891
GET /p/action/26035908.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private,max-age=60
content-length: 667
content-type: application/javascript; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
set-cookie: MUID=363D33240AFD604C345A21110B086168; domain=.bing.com; expires=Tue, 31-Oct-2023 09:34:31 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C059E02A9FA54E98B268B14A91C06503 Ref B: OSL30EDGE0215 Ref C: 2022-10-06T09:34:31Z
date: Thu, 06 Oct 2022 09:34:31 GMT
X-Firefox-Spdy: h2
plausible.io/js/plausible.js
194.242.11.186200 OK 782 B URL HTTP/2 plausible.io/js/plausible.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (1321), with no line terminators
Hash 6cb2c6a8ef09603a0892849898f0610a
50065684e960f676973feb4332aca4942b97430b
7f36bbb68cbfebb3e85d7a3a458ea9a825caebe8ae8421fcdea5a0ce5130aef3
GET /js/plausible.js HTTP/1.1
Host: plausible.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 09:34:30 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 682664
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=3600
application: 10.0.0.8
cross-origin-resource-policy: cross-origin
permissions-policy: interest-cohort=()
x-content-type-options: nosniff
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/06/2022 09:25:40
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 00d4eca44030e22edfa1fb580620efb7
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f9371f81e2eeeead7fe351a49f3b1c40
ae23d6c6c57dd7cf568c3a74594c377b7bb7df43
03c4ba0faa3199d061d1bb37df5d48ba6d81f77a83e243922075efc4d4acf456
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 09:34:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1d4c3917173bd92c4b3208cdf2c7c345
726a9aa16eef5844afde825f9faf1b505d31e69b
572eebfaf735eb8aa1b3563d0317d52f5d22e9e83e5f5b6723f65da83fb15f22
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 09:34:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-91053522-1&cid=1389852769.1665048871&jid=702701024&_u=YEBAAUAAQAAAACAAI~&z=1381162394
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-91053522-1&cid=1389852769.1665048871&jid=702701024&_u=YEBAAUAAQAAAACAAI~&z=1381162394
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-91053522-1&cid=1389852769.1665048871&jid=702701024&_u=YEBAAUAAQAAAACAAI~&z=1381162394 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 09:34:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-91053522-1&cid=1389852769.1665048871&jid=702701024&_u=YEBAAUAAQAAAACAAI~&z=1381162394
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-91053522-1&cid=1389852769.1665048871&jid=702701024&_u=YEBAAUAAQAAAACAAI~&z=1381162394
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-91053522-1&cid=1389852769.1665048871&jid=702701024&_u=YEBAAUAAQAAAACAAI~&z=1381162394 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 09:34:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D603540%26time%3D1665048871321%26url%3Dhttps%253A%252F%252Fwww.pixelme.me%252Fphishing%253Furl%253Dhttps%253A%252F%252Fdrum.io%252FBENDELI%26liSync%3Dtrue
13.107.42.14302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D603540%26time%3D1665048871321%26url%3Dhttps%253A%252F%252Fwww.pixelme.me%252Fphishing%253Furl%253Dhttps%253A%252F%252Fdrum.io%252FBENDELI%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D603540%26time%3D1665048871321%26url%3Dhttps%253A%252F%252Fwww.pixelme.me%252Fphishing%253Furl%253Dhttps%253A%252F%252Fdrum.io%252FBENDELI%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pixelme.me/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=603540&time=1665048871321&url=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fdrum.io%2FBENDELI&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&63de0aa2-2ba0-4560-81ac-aac2aa6f114c"; Domain=.linkedin.com; Expires=Fri, 06-Oct-2023 09:34:31 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&20221006093431bb8eda09-03a1-4809-8b00-18ff12cc58e7AQE-uaTQsyBo2c4dbY1SGQJFO6a1FrOr"; Domain=.www.linkedin.com; Expires=Fri, 06-Oct-2023 09:34:31 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NjUwNDg4NzE7MjswMjE+GUDROMs1V66jHgNSHvHO23uonwQzm3Jty0sZBCqdUw==; Domain=.linkedin.com; Expires=Tue, 04 Apr 2023 09:34:31 GMT; Path=/; Secure; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2355:u=1:x=1:i=1665048871:t=1665135271:v=2:sig=AQE3RvSSR6qtxn6ZRBSlqDBA_PdDf6a-"; Expires=Fri, 07 Oct 2022 09:34:31 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com https://*.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' teams.microsoft.com
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXqWmaIPWjQ/rYbTEskoA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 3254D7D9F2784193A6996641ED5C8AA1 Ref B: OSL30EDGE0421 Ref C: 2022-10-06T09:34:31Z
date: Thu, 06 Oct 2022 09:34:31 GMT
content-length: 0
X-Firefox-Spdy: h2
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=daee9a3e-aae6-4517-afbe-928e3d3a0892&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=cc3be811-9f7e-4c5e-b263-5f88fcc892ce&tw_document_href=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fdrum.io%2FBENDELI&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxviw&type=javascript&version=2.3.27
104.244.42.195200 OK 43 B URL HTTP/2 analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=daee9a3e-aae6-4517-afbe-928e3d3a0892&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=cc3be811-9f7e-4c5e-b263-5f88fcc892ce&tw_document_href=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fdrum.io%2FBENDELI&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxviw&type=javascript&version=2.3.27
IP 104.244.42.195:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=daee9a3e-aae6-4517-afbe-928e3d3a0892&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=cc3be811-9f7e-4c5e-b263-5f88fcc892ce&tw_document_href=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fdrum.io%2FBENDELI&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxviw&type=javascript&version=2.3.27 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 09:34:30 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_8EOFoB3Z6aBBch3SfigcAw=="; Max-Age=63072000; Expires=Sat, 05 Oct 2024 09:34:31 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 2b4d351cca439612
strict-transport-security: max-age=631138519
x-response-time: 106
x-connection-hash: ff15c1cd8931f04c01633742be24d9ffec2c4b324e5164cc1faa7ec7214b53d3
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 439eb70a9ae613f087ce43cd6de98a29
f91d7d5ff9145049aaa052cf922769ea07f575cd
8e84672aefd1a2833c87c2661de5a6a57308ae90b73e1a46063064929be0490b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=104600
Date: Thu, 06 Oct 2022 09:34:31 GMT
Etag: "633d93cb-1d7"
Expires: Fri, 07 Oct 2022 14:37:51 GMT
Last-Modified: Wed, 05 Oct 2022 14:25:15 GMT
Server: ECS (nyb/1D32)
X-Cache: Miss from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: uRRuXXH6kjiVca5AS4djfXnPM4zLUalgmDS9t1UuMJYFz8rwm7NVVg==
Age: 756
www.clarity.ms/tag/uet/26035908
13.107.246.53200 OK 1.7 kB URL HTTP/2 www.clarity.ms/tag/uet/26035908
IP 13.107.246.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (1688), with no line terminators
Hash b6ddc9c0029f6b29d0b65a3eec2b9f31
756bd3e61884e5b93094c7ec9abc500648100395
9478675dc6b46ef2f4c8fc52674bf7a49e4bbf99398edf9df174e8a30c4a6062
GET /tag/uet/26035908 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-length: 1688
content-type: application/x-javascript
expires: -1
set-cookie: CLID=912b06d0a6ae494fa6be1394df631198.20221006.20231006; expires=Fri, 06 Oct 2023 09:34:31 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
x-cache: CONFIG_NOCACHE
x-azure-ref: 0J6E+YwAAAAApgU+C5B7LRpKoQ9EJoNYaU1ZHMjBFREdFMDYyMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Thu, 06 Oct 2022 09:34:31 GMT
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=603540&time=1665048871321&url=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fdrum.io%2FBENDELI&liSync=true
13.107.42.14200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=603540&time=1665048871321&url=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fdrum.io%2FBENDELI&liSync=true
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=603540&time=1665048871321&url=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fdrum.io%2FBENDELI&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pixelme.me/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&c8fb1c92-cbd8-41f1-80a4-2a8557572c84"; domain=.linkedin.com; Path=/; Secure; Expires=Fri, 06-Oct-2023 09:34:31 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2398:u=1:x=1:i=1665048871:t=1665135271:v=2:sig=AQGHlm5tv8mip4oow2J-b1wO0EYy3N3t"; Expires=Fri, 07 Oct 2022 09:34:31 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXqWmaLHBvYTORoCWsV6w==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 9657DFD20FB24B38AC3EEFAE6FE39EA1 Ref B: OSL30EDGE0421 Ref C: 2022-10-06T09:34:31Z
date: Thu, 06 Oct 2022 09:34:31 GMT
content-length: 0
X-Firefox-Spdy: h2
c.clarity.ms/c.gif
20.234.93.27302 Found 0 B IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=D7E8F5E3BCAF45548B050B4060FE5728&RedC=c.clarity.ms&MXFR=3F4624BDA56E629135E83688A16E6CEC
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=3F4624BDA56E629135E83688A16E6CEC; domain=.clarity.ms; expires=Tue, 31-Oct-2023 09:34:32 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Thu, 06 Oct 2022 09:34:31 GMT
content-length: 0
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=D7E8F5E3BCAF45548B050B4060FE5728&RedC=c.clarity.ms&MXFR=3F4624BDA56E629135E83688A16E6CEC
204.79.197.200302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=D7E8F5E3BCAF45548B050B4060FE5728&RedC=c.clarity.ms&MXFR=3F4624BDA56E629135E83688A16E6CEC
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=D7E8F5E3BCAF45548B050B4060FE5728&RedC=c.clarity.ms&MXFR=3F4624BDA56E629135E83688A16E6CEC HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pixelme.me/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=D7E8F5E3BCAF45548B050B4060FE5728&MUID=137300E813E66CEA330212DD12136D66
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=137300E813E66CEA330212DD12136D66; domain=c.bing.com; expires=Tue, 31-Oct-2023 09:34:32 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 34FBAB04177347C2A5908F9C67B2CCE7 Ref B: OSL30EDGE0215 Ref C: 2022-10-06T09:34:32Z
date: Thu, 06 Oct 2022 09:34:31 GMT
content-length: 0
X-Firefox-Spdy: h2
c.clarity.ms/c.gif?CtsSyncId=D7E8F5E3BCAF45548B050B4060FE5728&MUID=137300E813E66CEA330212DD12136D66
20.234.93.27200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=D7E8F5E3BCAF45548B050B4060FE5728&MUID=137300E813E66CEA330212DD12136D66
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=D7E8F5E3BCAF45548B050B4060FE5728&MUID=137300E813E66CEA330212DD12136D66 HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pixelme.me/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Tue, 13 Sep 2022 19:54:52 GMT
accept-ranges: bytes
etag: "8d3298b0aac7d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Thu, 06-Oct-2022 09:44:32 GMT; path=/; SameSite=None; Secure;
date: Thu, 06 Oct 2022 09:34:31 GMT
content-length: 42
X-Firefox-Spdy: h2
www.clarity.ms/eus2/s/0.6.42/clarity.js
13.107.246.53200 OK 23 kB URL HTTP/2 www.clarity.ms/eus2/s/0.6.42/clarity.js
IP 13.107.246.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (54141)
Hash f016daac053b80575e11e20b6644142b
bc23277b8eae567b77c3dfc3f03b91fb054feda7
ee91529c076bf5e87a26b3c045e0b6e63326e6aa871dafea1c1509f73454123d
GET /eus2/s/0.6.42/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d8d8e58fdaa9d4"
vary: Accept-Encoding
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-cache: CONFIG_NOCACHE
x-azure-ref: 0J6E+YwAAAACNv0xTxHm2SKSBqi31SJJjU1ZHMjBFREdFMDYyMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Thu, 06 Oct 2022 09:34:31 GMT
X-Firefox-Spdy: h2
in.hotjar.com/api/v2/client/sites/2279645/visit-data?sv=7
54.76.60.60200 OK 0 B URL HTTP/2 in.hotjar.com/api/v2/client/sites/2279645/visit-data?sv=7
IP 54.76.60.60:0
POST /api/v2/client/sites/2279645/visit-data?sv=7 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 149
Origin: https://www.pixelme.me
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 09:34:31 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=606485806deaf1f6b4ffdbee
54.230.245.53200 OK 0 B URL HTTP/2 d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=606485806deaf1f6b4ffdbee
IP 54.230.245.53:0
GET /js/jquery-3.5.1.min.dc5e7f18c8.js?site=606485806deaf1f6b4ffdbee HTTP/1.1
Host: d3e54v103j8qbb.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pixelme.me
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
content-encoding: br
date: Thu, 06 Oct 2022 05:37:21 GMT
cache-control: max-age=84600, must-revalidate
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary: Accept-Encoding
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
age: 15546
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: khnu5mkx24tmlPvAqvFsRkJkQlSD37dnBh3IdW9_5CHEEzejLsdeGg==
X-Firefox-Spdy: h2
assets.website-files.com/606485806deaf1f6b4ffdbee/62bed1e9e454d750c42f601d_Object%20Sans%20Bold.ttf
54.230.111.10200 OK 0 B URL HTTP/2 assets.website-files.com/606485806deaf1f6b4ffdbee/62bed1e9e454d750c42f601d_Object%20Sans%20Bold.ttf
IP 54.230.111.10:0
GET /606485806deaf1f6b4ffdbee/62bed1e9e454d750c42f601d_Object%20Sans%20Bold.ttf HTTP/1.1
Host: assets.website-files.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pixelme.me
Connection: keep-alive
Referer: https://assets.website-files.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/x-font-ttf
date: Sat, 20 Aug 2022 01:57:33 GMT
last-modified: Fri, 01 Jul 2022 10:53:46 GMT
etag: W/"2c92bbf252044dd4594cb48e25430c22"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: XCU0OzSzzA43uGjcmcixEWfYSiQTwqve
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
age: 4088218
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yS8ouyUDWD-0CpCfdxLPp9Ga1Rvi6YCSD7r_EwccvuKC_jCMGTkptg==
X-Firefox-Spdy: h2
cdn-api.weglot.com/translations/slugs?api_key=wg_4099fc3d7e82ef37a59176ea4e8450100&language_to=it&v=1653069479
54.230.111.12200 OK 0 B URL HTTP/2 cdn-api.weglot.com/translations/slugs?api_key=wg_4099fc3d7e82ef37a59176ea4e8450100&language_to=it&v=1653069479
IP 54.230.111.12:0
GET /translations/slugs?api_key=wg_4099fc3d7e82ef37a59176ea4e8450100&language_to=it&v=1653069479 HTTP/1.1
Host: cdn-api.weglot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pixelme.me/
Origin: https://www.pixelme.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Sat, 21 May 2022 00:27:31 GMT
server: nginx
cache-control: max-age=0, must-revalidate, no-store, private
access-control-allow-origin: *
access-control-allow-methods: GET,POST,PUT,PATCH
access-control-allow-headers: Content-Type
content-security-policy: script-src 'nonce-59a320d6ac236e815c9d535327a32f03' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com a.quora.com cdn.firstpromoter.com https: http:; object-src 'none'; base-uri 'self';
expires: Sat, 21 May 2022 00:27:31 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
permissions-policy: accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(self), magnetometer=(), microphone=(), midi=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), hid=(), idle-detection=(), serial=()
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EGLvzoJ_r3QnygNvM5gINrB87aU_yf0scLVPbGKRIRP9a7DLaum19Q==
age: 11956019
X-Firefox-Spdy: h2
snippet.growsumo.com/growsumo.min.js
188.114.99.202200 OK 0 B URL HTTP/2 snippet.growsumo.com/growsumo.min.js
IP 188.114.99.202:0
GET /growsumo.min.js HTTP/1.1
Host: snippet.growsumo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 09:34:30 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 14:09:46 GMT
etag: W/"6329c9aa-18b1"
cache-control: public, max-age=14400
via: 1.1 google
cf-cache-status: HIT
age: 22
expires: Thu, 06 Oct 2022 13:34:30 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 755d66d1cdb3b511-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-2279645.js?sv=7
54.230.111.113200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-2279645.js?sv=7
IP 54.230.111.113:0
GET /c/hotjar-2279645.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Thu, 06 Oct 2022 09:34:29 GMT
cache-control: max-age=60
etag: W/3cb57ef148978a3377d5009e64552f72
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DX_wyGP9IjApc0TKXN9Op9c101H9A12Yk3iflYOjEXQKxmR53XqfSQ==
age: 2
X-Firefox-Spdy: h2
cdn-api.weglot.com/translations/slugs?api_key=wg_4099fc3d7e82ef37a59176ea4e8450100&language_to=es&v=1653069479
54.230.111.12200 OK 0 B URL HTTP/2 cdn-api.weglot.com/translations/slugs?api_key=wg_4099fc3d7e82ef37a59176ea4e8450100&language_to=es&v=1653069479
IP 54.230.111.12:0
GET /translations/slugs?api_key=wg_4099fc3d7e82ef37a59176ea4e8450100&language_to=es&v=1653069479 HTTP/1.1
Host: cdn-api.weglot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pixelme.me/
Origin: https://www.pixelme.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Fri, 27 May 2022 06:52:53 GMT
server: nginx
cache-control: max-age=0, must-revalidate, no-store, private
access-control-allow-origin: *
access-control-allow-methods: GET,POST,PUT,PATCH
access-control-allow-headers: Content-Type
content-security-policy: script-src 'nonce-77f1047b304c114a309dba3567a25e34' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com a.quora.com cdn.firstpromoter.com https: http:; object-src 'none'; base-uri 'self';
expires: Fri, 27 May 2022 06:52:53 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
permissions-policy: accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(self), magnetometer=(), microphone=(), midi=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), hid=(), idle-detection=(), serial=()
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TF4zBg5K3OuFXc5_gWjqOBot5tvPhSQXrk16SOmaeM0nwe5lIf1BZQ==
age: 11414497
X-Firefox-Spdy: h2
cdn.weglot.com/weglot.min.css?v=4
54.230.111.42200 OK 0 B URL HTTP/2 cdn.weglot.com/weglot.min.css?v=4
IP 54.230.111.42:0
GET /weglot.min.css?v=4 HTTP/1.1
Host: cdn.weglot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
date: Wed, 05 Oct 2022 17:22:17 GMT
cache-control: max-age=2592000
last-modified: Fri, 30 Sep 2022 12:58:40 GMT
x-amz-version-id: null
etag: W/"b72cdd8118949f04803d561712cf0c5e"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XSCQbZy2Cro0kfcMJRQqFURBzGvo2o3NY5WxqiTnRLOidNX-Da5-4w==
age: 58334
X-Firefox-Spdy: h2
assets.website-files.com/606485806deaf1f6b4ffdbee/6225ad9554b120630769eda4_Group%2019871.svg
54.230.111.10200 OK 0 B URL HTTP/2 assets.website-files.com/606485806deaf1f6b4ffdbee/6225ad9554b120630769eda4_Group%2019871.svg
IP 54.230.111.10:0
GET /606485806deaf1f6b4ffdbee/6225ad9554b120630769eda4_Group%2019871.svg HTTP/1.1
Host: assets.website-files.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Mon, 29 Aug 2022 01:38:46 GMT
last-modified: Mon, 07 Mar 2022 07:00:41 GMT
etag: W/"c897dfef0b3c3ad93727171b28ad3017"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: ayth8.tqzZ8CITNrWrD5zAO2AENZBu75
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
age: 3311745
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rYUPdvwu6rEIYFVnoDtpM6xacAz3tDKJO0-DxNZAkLcSVOQ2ONGeVQ==
X-Firefox-Spdy: h2
cdn-api.weglot.com/translations/slugs?api_key=wg_4099fc3d7e82ef37a59176ea4e8450100&language_to=de&v=1653069479
54.230.111.12200 OK 0 B URL HTTP/2 cdn-api.weglot.com/translations/slugs?api_key=wg_4099fc3d7e82ef37a59176ea4e8450100&language_to=de&v=1653069479
IP 54.230.111.12:0
GET /translations/slugs?api_key=wg_4099fc3d7e82ef37a59176ea4e8450100&language_to=de&v=1653069479 HTTP/1.1
Host: cdn-api.weglot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pixelme.me/
Origin: https://www.pixelme.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
date: Sat, 28 May 2022 05:48:15 GMT
server: nginx
cache-control: max-age=0, must-revalidate, no-store, private
access-control-allow-origin: *
access-control-allow-methods: GET,POST,PUT,PATCH
access-control-allow-headers: Content-Type
content-security-policy: script-src 'nonce-4f39b438fe7f74b1f10af64e5253771b' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com a.quora.com cdn.firstpromoter.com https: http:; object-src 'none'; base-uri 'self';
expires: Sat, 28 May 2022 05:48:15 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
permissions-policy: accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(self), magnetometer=(), microphone=(), midi=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), hid=(), idle-detection=(), serial=()
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ibnEkSaWGP6zxdaurVQTWSwDQtTfL6Cst7xUjWztAjcimVFUFywzzw==
age: 11331975
X-Firefox-Spdy: h2
cdn-api.weglot.com/translations/slugs?api_key=wg_4099fc3d7e82ef37a59176ea4e8450100&language_to=fr&v=1653069479
54.230.111.12200 OK 0 B URL HTTP/2 cdn-api.weglot.com/translations/slugs?api_key=wg_4099fc3d7e82ef37a59176ea4e8450100&language_to=fr&v=1653069479
IP 54.230.111.12:0
GET /translations/slugs?api_key=wg_4099fc3d7e82ef37a59176ea4e8450100&language_to=fr&v=1653069479 HTTP/1.1
Host: cdn-api.weglot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pixelme.me/
Origin: https://www.pixelme.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Tue, 24 May 2022 00:21:28 GMT
server: nginx
cache-control: max-age=0, must-revalidate, no-store, private
access-control-allow-origin: *
access-control-allow-methods: GET,POST,PUT,PATCH
access-control-allow-headers: Content-Type
content-security-policy: script-src 'nonce-d3e74acb9f9e67c2657b58f6a5cee29f' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com a.quora.com cdn.firstpromoter.com https: http:; object-src 'none'; base-uri 'self';
expires: Tue, 24 May 2022 00:21:28 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
permissions-policy: accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(self), magnetometer=(), microphone=(), midi=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), hid=(), idle-detection=(), serial=()
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GkPAc_5UjyEIx4GDeYdV2uhYE6wautLayTHbWTluW0AtP-94aHq5ag==
age: 11697182
X-Firefox-Spdy: h2
grow.clearbitjs.com/api/pixel.js?v=1665048870592
216.24.57.3200 OK 0 B URL HTTP/2 grow.clearbitjs.com/api/pixel.js?v=1665048870592
IP 216.24.57.3:0
GET /api/pixel.js?v=1665048870592 HTTP/1.1
Host: grow.clearbitjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 09:34:31 GMT
content-type: text/javascript
cf-ray: 755d66d298f2b524-OSL
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2