Report - www.remembergirl.com/ALL-C/index-fr.htm

Report Overview

Submitted URL
www.remembergirl.com/ALL-C/index-fr.htm
IP
172.67.144.116
ASN
#13335 CLOUDFLARENET
Submitted
2022-11-29 08:19:38
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
18

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.godaddy.com	698	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	2.3 kB	192.124.249.22
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	46 kB	34.120.237.76
ads.traffichunt.com	68632	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	427 B	755 B	52.73.94.161
tfosrv.com	65142	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	409 B	390 B	216.18.168.29
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	350 B	1.0 kB	143.204.42.165
js-agent.newrelic.com	378	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	293 B	9.4 kB	151.101.86.137
bam.nr-data.net	630	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	939 B	162.247.241.14
nextgencounter.com	92600	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	363 B	592 B	209.208.78.145
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	686 B	1.4 kB	142.250.74.3
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	964 B	104.18.32.68
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.6 kB	93.184.220.29
www.remembergirl.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.4 kB	401 kB	104.21.47.45
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	687 B	44 kB	142.250.74.168
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	44.237.163.41
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
tsyndicate.com	13042	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	742 B	1.3 kB	136.243.51.205
main.exoclick.com	33599	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	1.2 kB	95.211.229.247

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-29	medium	www.remembergirl.com/ALL-C/index-fr.htm	Malware
2022-11-29	medium	www.remembergirl.com/ALL-C/Javascript/error.1c4710d4434f595f8a835f40daa776b8.js	Malware
2022-11-29	medium	www.remembergirl.com/ALL-C/Javascript/main.7d815901029a10bbd862c4f5e3ada540.js	Malware
2022-11-29	medium	www.remembergirl.com/ALL-C/Javascript/jquery.695b55bf947b588e5fad6be1acfdc1f6.js	Malware
2022-11-29	medium	www.remembergirl.com/ALL-C/Image/CWB0XYA8bzo0kSThX0UTuA.woff2	Malware
2022-11-29	medium	www.remembergirl.com/ALL-C/Image/mnpfi9pxYH-Go5UiibESIltXRa8TVwTICgirnJhmVJw.woff2	Malware
2022-11-29	medium	www.remembergirl.com/ALL-C/Image/2UX7WLTfW3W8TclTUvlFyQ.woff	Malware
2022-11-29	medium	www.remembergirl.com/ALL-C/Image/mnpfi9pxYH-Go5UiibESIj8E0i7KZn-EPnyo3HZu7kw.woff	Malware
2022-11-29	medium	www.remembergirl.com/ALL-C/favicon.html	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (10)

	URL	Size	First Seen	Last Seen
	js-agent.newrelic.com/nr-768.min.js	23 kB	2023-03-07	2023-05-05
Pretty URL js-agent.newrelic.com/nr-768.min.js IP 151.101.86.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:44 Last Seen2023-05-05 23:40:16 Times Seen57 Hash b4b84a4b4f36d13ffaa93c062b2d3e17 ca58f5f83b5e8e57ecea55fa31dcba3a376776c6 d7c3f2fd93cfda0e0d1c97653f365b33676a10d53bfffa631e8d626d9d635c0c Loading...

	www.remembergirl.com/ALL-C/index-fr.htm	3.3 kB	2023-03-07	2024-04-20
Pretty URL www.remembergirl.com/ALL-C/index-fr.htm IP 104.21.47.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:44 Last Seen2024-04-20 09:18:37 Times Seen675 Hash 395e7a55cb02d8c58aeaa6854639bfcd 95f166c5bab7ddca8714505091d238ac5e675775 bf5f5dbb24973305dddf3514ebad216607114d15bf0682d3e9e2eece25745dd9 Loading...

	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 03:25:21 Times Seen37082125 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.remembergirl.com/ALL-C/Javascript/main.7d815901029a10bbd862c4f5e3ada540.js	656 B	2023-03-07	2024-04-20
Pretty URL www.remembergirl.com/ALL-C/Javascript/main.7d815901029a10bbd862c4f5e3ada540.js IP 104.21.47.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:44 Last Seen2024-04-20 09:18:37 Times Seen869 Hash a61d704122db565646eb89e6f96e2f2b 03730a50625daef938a880ae4bb90a2c79def1e5 7d38f99686fefc6855ad62b4827d3724d08c4e77744638b5a9ab2ca1609e71db Loading...

	www.remembergirl.com/ALL-C/index-fr.htm	19 B	2023-03-07	2024-04-20
Pretty URL www.remembergirl.com/ALL-C/index-fr.htm IP 104.21.47.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:37 Last Seen2024-04-20 16:31:35 Times Seen1057 Hash 8c224cde3b7d658749aeb97930395f6a 8c967cf6f32bcc87a44a1dbee74fc8b75f3d1a9b 76b420fe98146a6f6647792a8cf2bbc4ead5c4a33cc7bfdf1403abc7787c9edf Loading...

	www.remembergirl.com/ALL-C/index-fr.htm	334 B	2023-03-07	2024-04-20
Pretty URL www.remembergirl.com/ALL-C/index-fr.htm IP 104.21.47.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:44 Last Seen2024-04-20 09:18:37 Times Seen665 Hash 27d31884a6866c7c46de6993ef6c4252 cf66cd1517520a7aa49e821c289024c501555b7d 23715e820b1d021e8ddae0e8de03bb79b9ab5d701e7898c30b83db3ce4c14e97 Loading...

	www.remembergirl.com/ALL-C/index-fr.htm	282 B	2023-03-07	2024-04-20
Pretty URL www.remembergirl.com/ALL-C/index-fr.htm IP 104.21.47.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:44 Last Seen2024-04-20 09:18:37 Times Seen667 Hash fc6d88580399436c7982d85867b5626d 1a534fca040fd9ea27cc378bfdaa842c4351f02a 4215d621eefa5c805c853b12b4f6bd69a8ed583130f372507a64128ff05d7785 Loading...

	www.remembergirl.com/ALL-C/Javascript/error.1c4710d4434f595f8a835f40daa776b8.js	439 B	2023-03-07	2024-04-20
Pretty URL www.remembergirl.com/ALL-C/Javascript/error.1c4710d4434f595f8a835f40daa776b8.js IP 104.21.47.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:44 Last Seen2024-04-20 09:18:37 Times Seen926 Hash 214043f54f832678850fca8c5e01f3a6 30a66237b506392e073971e55aff32b53367354c b4460c164ed593fcd7f1abc940c60890bccdf25cb31761e68cef2370f4ea6416 Loading...

	www.remembergirl.com/ALL-C/index-fr.htm	25 B	2023-03-07	2024-04-20
Pretty URL www.remembergirl.com/ALL-C/index-fr.htm IP 104.21.47.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:44 Last Seen2024-04-20 09:18:37 Times Seen667 Hash 527c16542dff022aade0b1d236538c2a 80050264540010ac514ee5e03d30f1b7dad020ca 4e64345f573a3e2a800ab5b7cd892c22f87a2090e26bb91e8dffc0ad8ddedb34 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-TMR4NP	120 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-TMR4NP IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:20:38 Last Seen2023-03-11 22:20:38 Times Seen1 Hash d1c2aa7b442ea80de3f4d9f23113df57 1461b5d8e9ff4b88557109de39a87648e301d21f 6aa0e6cbd37f94a2e9649dd83bb4803f29a3870c78962ea97aa13bfc596d6319 Loading...

HTTP Transactions (58)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8804
Expires: Tue, 29 Nov 2022 10:46:10 GMT
Date: Tue, 29 Nov 2022 08:19:26 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
9408cc0694fcbea57966c3a3ba906092
fddcee1fdcf3209298e41a4b1b5560357fa165f0
6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3089
Cache-Control: max-age=97403
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 08:19:27 GMT
Etag: "63848df9-1d7"
Expires: Wed, 30 Nov 2022 11:22:50 GMT
Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4652
Expires: Tue, 29 Nov 2022 09:36:59 GMT
Date: Tue, 29 Nov 2022 08:19:27 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 07:19:36 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3591
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: gGip3cHQrfIDW8kmv7oNwgY/gY6P5BGXrIqxulAUOz6XgfKzxzL7EiBE+6Jp1Z+CAk/Gxhdm4a5Qp97XRacFVw==
x-amz-request-id: 4JT9C8SE2JHKCEY7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 07:42:25 GMT
age: 2222
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

www.remembergirl.com/ALL-C/index-fr.htm

104.21.47.45

200 OK

3.9 kB

URL HTTP/1.1
www.remembergirl.com/ALL-C/index-fr.htm
IP
104.21.47.45:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3322), with CRLF line terminators
Size
3.9 kB (3863 bytes)
Hash
2f38b1fc6f192164e9fd0e9cf6ee6f4f
08500b8773edbabf017ebb263578c2bc23ef0dac
22a71e589f731eed8c9bfb1f7bfc8dec51461cdeed6c3695fa6a76cbe3357fe5

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /ALL-C/index-fr.htm HTTP/1.1
Host: www.remembergirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 08:19:27 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 30 Jun 2022 09:09:10 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i2L3agdl2TdT8mEYhNCd5sra6f6swTMuIZsa4ahVQ0ZQJGuzACzU%2BkiKCtU9sURb6hmgdTPD2hteaC45kZ69aa2v7UAJTL4XhED2UBKew3Eg7Sp8zWaka3rrVcce%2BOak92vdEmAC3w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7719eb1c7e471c0a-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 08:19:27 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

www.remembergirl.com/ALL-C/Javascript/error.1c4710d4434f595f8a835f40daa776b8.js

104.21.47.45

200 OK

322 B

URL HTTP/1.1
www.remembergirl.com/ALL-C/Javascript/error.1c4710d4434f595f8a835f40daa776b8.js
IP
104.21.47.45:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (439), with no line terminators
Size
322 B (322 bytes)
Hash
9b6c5922e758dac061cdd2ac08a44dc6
76127f5cbaf8480d20025875d5b28352d0155f67
86b978adf36f936d31b58ebed5babf15754a0f3a9a5bda8b1abc125e34112794

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /ALL-C/Javascript/error.1c4710d4434f595f8a835f40daa776b8.js HTTP/1.1
Host: www.remembergirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/ALL-C/index-fr.htm

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 08:19:27 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 30 Jun 2022 09:09:27 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 3582
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=35MGK8Om2DFtNdrtGczznWOxIRtjLJa1%2Bi%2B2eF3N%2BRBp2243P8pgH%2BcqpM4lbtmnI7vThxMfIIMPEiLxGHoeP2vUvIIRwXsQ8HYvDlzp2PeMDE2%2F9qLKt5FaGwGnMlTB4NWAaCS%2BMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7719eb1f08e71c0a-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

www.remembergirl.com/ALL-C/Javascript/main.7d815901029a10bbd862c4f5e3ada540.js

104.21.47.45

200 OK

205 B

URL HTTP/1.1
www.remembergirl.com/ALL-C/Javascript/main.7d815901029a10bbd862c4f5e3ada540.js
IP
104.21.47.45:0
ASN
#13335 CLOUDFLARENET

File type
CSV text\012- , ASCII text
Size
205 B (205 bytes)
Hash
b9d267e43fd40d4fa658bc077d0da73a
5a2250a04febbd908b66bbdb239530ccc596b121
8c133670ebcebb885e9399642de66a5b4c76c5bdc004bb00efb3b425d1ea04ed

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /ALL-C/Javascript/main.7d815901029a10bbd862c4f5e3ada540.js HTTP/1.1
Host: www.remembergirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/ALL-C/index-fr.htm

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 08:19:27 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 30 Jun 2022 09:09:30 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1762
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8W%2FTnpv06BoGTC%2B7y7q7%2Fn78kU2SmihvOfyBx816ibqlfVBEt912ekapiJaUKzyx2dxu2cotQA%2FkEZeUerg6uroTBuiBqbOiJBigIMUdFTdvViw7kWDOx77gvAGwXOksJhLHQCNcUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7719eb1f1edbb4e8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

www.remembergirl.com/ALL-C/CSS/css.e2f687a79a5c017217d9bc8f923fba6a.css

104.21.47.45

200 OK

267 B

URL HTTP/1.1
www.remembergirl.com/ALL-C/CSS/css.e2f687a79a5c017217d9bc8f923fba6a.css
IP
104.21.47.45:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (500), with no line terminators
Size
267 B (267 bytes)
Hash
522cfdad76e76fe6c38bdf2e6960d3b0
c077b32e8907a1e07e3953312585dd317b4580d9
3f5483c750207966261ddcd5a6d403a947422af1594354c9705fe78a7dbf73ec

HTTP Headers

GET /ALL-C/CSS/css.e2f687a79a5c017217d9bc8f923fba6a.css HTTP/1.1
Host: www.remembergirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/ALL-C/index-fr.htm

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 08:19:27 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 30 Jun 2022 09:08:26 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 3582
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LYTIp%2BoBXIXOyJ3F4fIquNxlZhcqVToXabqquwouGXoI1dzuVCXSZYjIcdmMwhHDndH%2FUzezWOWI3UT6bwRAt9307y0Kw%2BmxqYITQx6XoXWgUBxMioKfK9kYmPiPFRAbyUuTaEM7Eg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7719eb1f09750b41-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

www.remembergirl.com/ALL-C/CSS/style.a699b1caf61e690ba1b00116d51c9269.css

104.21.47.45

200 OK

1.7 kB

URL HTTP/1.1
www.remembergirl.com/ALL-C/CSS/style.a699b1caf61e690ba1b00116d51c9269.css
IP
104.21.47.45:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (5562), with no line terminators
Size
1.7 kB (1656 bytes)
Hash
38698d62955ca07b93fc5cfb168fc5f6
d78be28c5f85d9d921a4590ca5a20243c56848a7
8c26570e736d8bfbc1ea1bbc1e27439681aadc096bf459dc16488860e3e0b389

HTTP Headers

GET /ALL-C/CSS/style.a699b1caf61e690ba1b00116d51c9269.css HTTP/1.1
Host: www.remembergirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/ALL-C/index-fr.htm

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 08:19:27 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 30 Jun 2022 09:08:27 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 3582
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2BVqU%2BUNtw4daNbMjIQJm7HUFrKsrcrQlU9c2DbZzTo1bcW3XVpkn8slUGrfjxqKi8q5hspwI7utmctezTfz%2FTZfn1CjF4IqATWhcf6NeJDQq%2FA4Oqmj6gAgW%2BjUJtOsSeOceqmVDw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7719eb1f0d68b517-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

www.remembergirl.com/ALL-C/CSS/bootstrap.47407f28f6b047490b60b0854c97a929.css

104.21.47.45

200 OK

18 kB

URL HTTP/1.1
www.remembergirl.com/ALL-C/CSS/bootstrap.47407f28f6b047490b60b0854c97a929.css
IP
104.21.47.45:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
18 kB (18349 bytes)
Hash
79c64708a674ebd6c5838fe44f76812d
bdfafa7ae6fa3d27642dc67d0c322ad5ab9c75f6
9fe8a02c5a12a56fbe88d7bd9e041928044c12ed36342b3c039fce804b900608

HTTP Headers

GET /ALL-C/CSS/bootstrap.47407f28f6b047490b60b0854c97a929.css HTTP/1.1
Host: www.remembergirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/ALL-C/index-fr.htm

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 08:19:27 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 30 Jun 2022 09:08:24 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 2225
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j1DiQFuWkquKWWiHbgyegoE9eZXEpwuSyE%2BVRURTf2DJ0uMGe%2F%2Bs63rx0qaVoepngVeKYd2vcnrdtNUHQ%2BFxFJQwDjc6LKoW%2FaQnZUKQ%2FLiK2GQom8vWsObdZa7jqNstVgAw7C1mjg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7719eb1f0e36b524-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

www.remembergirl.com/ALL-C/Javascript/jquery.695b55bf947b588e5fad6be1acfdc1f6.js

104.21.47.45

200 OK

33 kB

URL HTTP/1.1
www.remembergirl.com/ALL-C/Javascript/jquery.695b55bf947b588e5fad6be1acfdc1f6.js
IP
104.21.47.45:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
33 kB (33226 bytes)
Hash
84c729160ad9e60adc389245792e6f04
62b9403c82a581a8916abf1b42054e67fe9fd425
1ffa746356f90a62c9f59ee0b45ef39b230c440f4337295da00206a855f3888e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /ALL-C/Javascript/jquery.695b55bf947b588e5fad6be1acfdc1f6.js HTTP/1.1
Host: www.remembergirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/ALL-C/index-fr.htm

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 08:19:27 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 30 Jun 2022 09:09:29 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 3582
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UKPC21%2BBy8tqC9c1i2gZeNk7sGw8a4PqIuxT3Ucr9Df%2FYClrLB2RqI%2FzLS1zDKKAsSN71f%2F48JQ267fQnS2LMkDPEugrJJn1C1z3xk36hvy4E3IPAN26B52DzArdqwUwNmPBrVviyg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7719eb1f1abdfac0-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

www.remembergirl.com/ALL-C/Image/8.jpg

104.21.47.45

200 OK

34 kB

URL HTTP/1.1
www.remembergirl.com/ALL-C/Image/8.jpg
IP
104.21.47.45:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Size
34 kB (34489 bytes)
Hash
ad047e5458e605126d282fd4888f61f1
23c3c0c25957e8041e4a5726513d59a62a94a12c
f8614fba335c92e0e4ff4398b056a32bbd5ef8f91930bf9e81d3b5a7bc6f272d

HTTP Headers

GET /ALL-C/Image/8.jpg HTTP/1.1
Host: www.remembergirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/ALL-C/index-fr.htm

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 08:19:27 GMT
Content-Type: image/jpeg
Content-Length: 34489
Connection: keep-alive
Last-Modified: Thu, 30 Jun 2022 09:08:50 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1762
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o1IW2cSV4SPTNcGgZb6FoCMZTyWgn3ZVFLVDVSEiLAMBPbTxJzvD6jCvyySVYBBvZ1ojKA0bdyE3vW92IrIUCNq9J9eMOqsozBKxWwMiJuVyqiEUbiq4wEe9ep9aaiK0sDzs9s%2BSGA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7719eb1f4e77b524-OSL
alt-svc: h2=":443"; ma=60

www.remembergirl.com/ALL-C/Image/4.jpg

104.21.47.45

200 OK

31 kB

URL HTTP/1.1
www.remembergirl.com/ALL-C/Image/4.jpg
IP
104.21.47.45:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Size
31 kB (30880 bytes)
Hash
e1f82bfeab8524a292791a371ce1e7da
3ee31756c99cb0f69178a9445c1ff9a923a9c4f7
fab876713c58292214ad938d37340e59c89c4cdc38625a4c44b368777706a337

HTTP Headers

GET /ALL-C/Image/4.jpg HTTP/1.1
Host: www.remembergirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/ALL-C/index-fr.htm

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 08:19:27 GMT
Content-Type: image/jpeg
Content-Length: 30880
Connection: keep-alive
Last-Modified: Thu, 30 Jun 2022 09:08:43 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 5750
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3gy3qHJ7z1oLq7vsHZHQgU6C1OOF%2BBi5Kjj%2B6xx3qce%2F52MTjJKkyZUnDMLwSCkPJGLujlNsZkTZch9D5XHuCBN0vRuQoupiOBHr%2BAt2er2DmlwtcQU2BW%2BZ017x1hWMdLNZ43w0w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7719eb1f49301c0a-OSL
alt-svc: h2=":443"; ma=60

www.remembergirl.com/ALL-C/Image/3.jpg

104.21.47.45

200 OK

34 kB

URL HTTP/1.1
www.remembergirl.com/ALL-C/Image/3.jpg
IP
104.21.47.45:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Size
34 kB (34231 bytes)
Hash
11372c3024d634aeb250b4fffee6fdea
7639871286a3fec088f3691deda160ad3a06efec
aa61f4fcde676ac24703d6562718ddfce6f0850568191896d9c3ce71ed630be2

HTTP Headers

GET /ALL-C/Image/3.jpg HTTP/1.1
Host: www.remembergirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/ALL-C/index-fr.htm

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 08:19:27 GMT
Content-Type: image/jpeg
Content-Length: 34231
Connection: keep-alive
Last-Modified: Thu, 30 Jun 2022 09:08:41 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 2850
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WYWqGobFfYg89IL3%2FrL6iqOQQW0pqX0VpNUXCA4g2d2AZSBSYk1Lpcr5lj14Ez%2F2H97ZrHp%2F437ZTJoxVfL%2BlOERft6uXHIMjLBg1NpwUNWjjyNTUDCa7d5XeDfE4XftL%2F3jFYU6bA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7719eb1f4d9bb517-OSL
alt-svc: h2=":443"; ma=60

www.remembergirl.com/ALL-C/Image/1.jpg

104.21.47.45

200 OK

41 kB

URL HTTP/1.1
www.remembergirl.com/ALL-C/Image/1.jpg
IP
104.21.47.45:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Size
41 kB (40611 bytes)
Hash
2406e5669cb75853b085400248d1622f
d84da06636acf5c3597bd6a62e8ce8ef1ee3287a
f0657a5cc4a40ab3b76d476f91bce56eddaa44dc15db329a9bad4f9cb1da8787

HTTP Headers

GET /ALL-C/Image/1.jpg HTTP/1.1
Host: www.remembergirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/ALL-C/index-fr.htm

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 08:19:27 GMT
Content-Type: image/jpeg
Content-Length: 40611
Connection: keep-alive
Last-Modified: Mon, 05 Sep 2022 04:00:51 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 2278
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LfV7jn03eiZZ16mqZoyut01rh8Y238foh6g9alLZWEdLyraMe9J1rtYuCOP5y9qN3ymi2sFns5j2FiOXfG5CvbRiu6RYvKrYVBBWHlyYOsE5bwb%2BaRapgBZ2bP2GyZUwpGZLFvixlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7719eb1f4ad9fac0-OSL
alt-svc: h2=":443"; ma=60

www.remembergirl.com/ALL-C/Image/5.jpg

104.21.47.45

200 OK

41 kB

URL HTTP/1.1
www.remembergirl.com/ALL-C/Image/5.jpg
IP
104.21.47.45:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Size
41 kB (40915 bytes)
Hash
8d0120dfc6551dabddf905b0bef27492
132be39c10fc6e3d2e328b645d8d0b5427b579ba
c1a4d47f95b6d94a50cad10d99777976fcfeb25994873a59a2ab3b82e17e0672

HTTP Headers

GET /ALL-C/Image/5.jpg HTTP/1.1
Host: www.remembergirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/ALL-C/index-fr.htm

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 08:19:27 GMT
Content-Type: image/jpeg
Content-Length: 40915
Connection: keep-alive
Last-Modified: Thu, 30 Jun 2022 09:08:44 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 2640
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CnMHEnNLQWiuOubqJLbSbVUL9E2Zw1UpjvdY9b04nzf9froVuJ%2FTmXUUCRA98TouVov7PJiN4Y%2Fuw1VMOVgywCCaT0%2BAvYkCDqTQrXQCab4j6GBd37vZIVxQuRvSjNj0Sj4aQR%2BMJA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7719eb1f5e84b524-OSL
alt-svc: h2=":443"; ma=60

www.remembergirl.com/ALL-C/Image/6.jpg

104.21.47.45

200 OK

38 kB

URL HTTP/1.1
www.remembergirl.com/ALL-C/Image/6.jpg
IP
104.21.47.45:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Size
38 kB (37820 bytes)
Hash
a4536f4c32f28ab6e6f9ac04aced38de
2331e6dbf743443a67364aad506cce64cc601ae1
543a1e411f47632fe1fc3846d1e96f062be146e257ea5cc261f268fc0bd70517

HTTP Headers

GET /ALL-C/Image/6.jpg HTTP/1.1
Host: www.remembergirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/ALL-C/index-fr.htm

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 08:19:27 GMT
Content-Type: image/jpeg
Content-Length: 37820
Connection: keep-alive
Last-Modified: Thu, 30 Jun 2022 09:08:48 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 2640
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pm0a4lxoOrgM1d%2BgmQqhE%2Bs1Gk%2Fxfa%2BjEw9uIneOVMI0zdG9SRG5kBBDDjrW%2BTp7wxaTA1wrCauQUga9cKxbq1UCh2zYvwhxzgAt8QZi1zMDkpjzMPI6S55AgFavrIceLwjXhGeM5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7719eb1f4f1bb4e8-OSL
alt-svc: h2=":443"; ma=60

www.remembergirl.com/ALL-C/Image/7.jpg

104.21.47.45

200 OK

48 kB

URL HTTP/1.1
www.remembergirl.com/ALL-C/Image/7.jpg
IP
104.21.47.45:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x300, components 3\012- data
Size
48 kB (47477 bytes)
Hash
2547737234a33da21fba2f88ec0f36b8
0d5a5fe88bb8a6f0f3727e7b65da97a167b16c04
d78652aa5afade543add0eb499ed831b2d06f556d120c440fb54de4f74eee4d7

HTTP Headers

GET /ALL-C/Image/7.jpg HTTP/1.1
Host: www.remembergirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/ALL-C/index-fr.htm

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 08:19:27 GMT
Content-Type: image/jpeg
Content-Length: 47477
Connection: keep-alive
Last-Modified: Thu, 30 Jun 2022 09:08:49 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 2850
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nmld00TKw4%2BHoj355Gc3YpKYXdUrXv0MFCdc8dzcHyQR4pKXRgnc1CY5O2c8W%2BYn6D24Vh%2Fm9PJ99SNt%2BbuVdXrHsHpJ%2BQkaLS4moHjtkyH5%2B5Qqj8RylyID%2BWwvXMDyEXhbj8NV3g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7719eb1f69581c0a-OSL
alt-svc: h2=":443"; ma=60

www.remembergirl.com/ALL-C/Image/CWB0XYA8bzo0kSThX0UTuA.woff2

104.21.47.45

404 Not Found

315 B

URL HTTP/1.1
www.remembergirl.com/ALL-C/Image/CWB0XYA8bzo0kSThX0UTuA.woff2
IP
104.21.47.45:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /ALL-C/Image/CWB0XYA8bzo0kSThX0UTuA.woff2 HTTP/1.1
Host: www.remembergirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.remembergirl.com/ALL-C/CSS/css.e2f687a79a5c017217d9bc8f923fba6a.css

HTTP/1.1 404 Not Found
Date: Tue, 29 Nov 2022 08:19:27 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 82
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=he2iu3ea9rSk6tWuNK5y9I0fEqJJT1P2MYOlKpam%2B0gZoF1eSCPMs1sz3TiQHVOZjkNV71zvc3o79VC49xrcVoNSqIU3JJQblH944ynfGMBJdMk3YmfS54dFYkO9GXJxh1%2BdnnPZdg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7719eb1feb29fac0-OSL
alt-svc: h2=":443"; ma=60

www.remembergirl.com/ALL-C/Image/maincontainerPicture1.jpg

104.21.47.45

200 OK

61 kB

URL HTTP/1.1
www.remembergirl.com/ALL-C/Image/maincontainerPicture1.jpg
IP
104.21.47.45:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 792x1103, components 3\012- data
Size
61 kB (61278 bytes)
Hash
926894b12cfdf2cd3f04ebe2b25800c0
3b9a12994076ec004248e64f93a9d1697b07d98f
be01e5eafebe629f566093af14700274b908f7f4d572b2e3e5a1fa3b43bba6fe

HTTP Headers

GET /ALL-C/Image/maincontainerPicture1.jpg HTTP/1.1
Host: www.remembergirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/ALL-C/CSS/style.a699b1caf61e690ba1b00116d51c9269.css

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 08:19:27 GMT
Content-Type: image/jpeg
Content-Length: 61278
Connection: keep-alive
Last-Modified: Thu, 30 Jun 2022 09:08:52 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1762
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YA7ROEdI3GHph%2B1Y2OB5u%2B2UBXSrH3BQEg2Q1wqZ2bJ%2BxxMV8FE50ErzfBn%2BwxyMBH6%2BmNeUWEeNpV%2FT%2Bc4OKQ0rQRZptmHq%2FB90DyIuDvcXpkGFIf7%2BfxuOBbyeX89NnQdZ5NgktA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7719eb1fef39b524-OSL
alt-svc: h2=":443"; ma=60

www.remembergirl.com/ALL-C/Image/mnpfi9pxYH-Go5UiibESIltXRa8TVwTICgirnJhmVJw.woff2

104.21.47.45

404 Not Found

315 B

URL HTTP/1.1
www.remembergirl.com/ALL-C/Image/mnpfi9pxYH-Go5UiibESIltXRa8TVwTICgirnJhmVJw.woff2
IP
104.21.47.45:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /ALL-C/Image/mnpfi9pxYH-Go5UiibESIltXRa8TVwTICgirnJhmVJw.woff2 HTTP/1.1
Host: www.remembergirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.remembergirl.com/ALL-C/CSS/css.e2f687a79a5c017217d9bc8f923fba6a.css

HTTP/1.1 404 Not Found
Date: Tue, 29 Nov 2022 08:19:27 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 82
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SNv0vYgsfwR9%2BBUaonDt4ULuaKAwetiK8c0Y0EIJ8Mu5NUaqoDaX3MXcBv2fpmWA5mcI4roRnB4R22BOtx047RoQiFxeeuYr8%2BjKrpsWIZyTJHezI9JMuGyC08tg8xxtVRERH%2F2SGg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7719eb1fefc7b4e8-OSL
alt-svc: h2=":443"; ma=60

www.remembergirl.com/ALL-C/Image/2UX7WLTfW3W8TclTUvlFyQ.woff

104.21.47.45

404 Not Found

315 B

URL HTTP/1.1
www.remembergirl.com/ALL-C/Image/2UX7WLTfW3W8TclTUvlFyQ.woff
IP
104.21.47.45:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /ALL-C/Image/2UX7WLTfW3W8TclTUvlFyQ.woff HTTP/1.1
Host: www.remembergirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.remembergirl.com/ALL-C/CSS/css.e2f687a79a5c017217d9bc8f923fba6a.css

HTTP/1.1 404 Not Found
Date: Tue, 29 Nov 2022 08:19:27 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 81
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=coKF%2F33a8e7BAC1eSP8AhwGhxVInLiqYWvjYxgSkdhxZain2acTzJe98iTJip%2FYR75urMJuS6%2F2mNrpeLylpaFU%2FkriEAvZblpA%2BYakAJ1F%2Bi037OSQFrCCGF27%2B5MF6gK%2B9GSSPpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7719eb205fcab524-OSL
alt-svc: h2=":443"; ma=60

www.remembergirl.com/ALL-C/Image/mnpfi9pxYH-Go5UiibESIj8E0i7KZn-EPnyo3HZu7kw.woff

104.21.47.45

404 Not Found

315 B

URL HTTP/1.1
www.remembergirl.com/ALL-C/Image/mnpfi9pxYH-Go5UiibESIj8E0i7KZn-EPnyo3HZu7kw.woff
IP
104.21.47.45:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /ALL-C/Image/mnpfi9pxYH-Go5UiibESIj8E0i7KZn-EPnyo3HZu7kw.woff HTTP/1.1
Host: www.remembergirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.remembergirl.com/ALL-C/CSS/css.e2f687a79a5c017217d9bc8f923fba6a.css

HTTP/1.1 404 Not Found
Date: Tue, 29 Nov 2022 08:19:27 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 107
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mcal8ACKcGc%2BVrSeF%2FEC%2BJFtDiJdLay3KZTSO%2FeU6t4ehTH91m5iA5VkCbBrbf1dOGwPSrMnVdyYRbdoUt78dc7LIFw6ACQz%2FjDFlNlyJ0sA9iQ0zELUksJGwGNgWW0vgMLP%2F4d2Rw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7719eb205b82fac0-OSL
alt-svc: h2=":443"; ma=60

www.googletagmanager.com/gtm.js?id=GTM-TMR4NP

142.250.74.168

302 Found

250 B

URL HTTP/1.1
www.googletagmanager.com/gtm.js?id=GTM-TMR4NP
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
250 B (250 bytes)
Hash
5ae78957676cab7159ea2f4a5ea54e50
41a97e656e0281bc7b301c65ba50a2fee8b9032d
0fb531b56a49775ee90eca4a92bd63cc65bb650daafb649424fffd928fe195c6

HTTP Headers

GET /gtm.js?id=GTM-TMR4NP HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/

HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtm.js?id=GTM-TMR4NP
Cross-Origin-Resource-Policy: cross-origin
Date: Tue, 29 Nov 2022 08:19:27 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 250
X-XSS-Protection: 0

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f50fd635895870df33a17fe377a6a038
dd65dfbbc810b095432cfd59f971af04a9e31ab7
ebd9b6c3f67865c297d08802839c940994424000df3bf8a3f1316b8e13666e94

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 08:19:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-TMR4NP

142.250.74.168

200 OK

43 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-TMR4NP
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (14188)
Size
43 kB (42730 bytes)
Hash
4e7bfafdce5254b5b88fb9a968ebf18e
b7d88bbf863d1bb0e459d6898021df561bd516e2
a817041bdb9a13c2ef64db30f5abe218aa3b42dc302b30cf2011b326e6430c62

HTTP Headers

GET /gtm.js?id=GTM-TMR4NP HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.remembergirl.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 29 Nov 2022 08:19:27 GMT
expires: Tue, 29 Nov 2022 08:19:27 GMT
cache-control: private, max-age=900
last-modified: Tue, 29 Nov 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42730
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f50fd635895870df33a17fe377a6a038
dd65dfbbc810b095432cfd59f971af04a9e31ab7
ebd9b6c3f67865c297d08802839c940994424000df3bf8a3f1316b8e13666e94

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 08:19:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.remembergirl.com/ALL-C/favicon.html

104.21.47.45

404 Not Found

245 B

URL HTTP/1.1
www.remembergirl.com/ALL-C/favicon.html
IP
104.21.47.45:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
245 B (245 bytes)
Hash
bb58045e693f1b3dee82b8d743307e01
f32e2fc403bf9f1c5d0bb2c06ca9e2c0f8af8252
856d35da5931d2f04d36b9d4367a7868d106cfc8a59edf17f511ff5dd25aed82

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /ALL-C/favicon.html HTTP/1.1
Host: www.remembergirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/ALL-C/index-fr.htm

HTTP/1.1 404 Not Found
Date: Tue, 29 Nov 2022 08:19:27 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E98AcTqLnPbQafNrCFN76pfjjGcHZNWJOi4RcLz%2FTy%2FNNCdmEZVTRPfgFLit756gcdHkit%2F0d9cy5T%2F8H6c1OuURiPxmBwXfEdjpSxuXHAqL2E6%2BNq3AE5oGZGeC1rIrCy%2BPQ6DJzA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7719eb218950b524-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 08:08:56 GMT
cache-control: public,max-age=3600
age: 631
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

tsyndicate.com/api/v1/retargeting/set/06eb0705-463f-4b96-836b-64bf3cfa8631?gtmcb=1920211021

136.243.51.205

200 OK

35 B

URL HTTP/1.1
tsyndicate.com/api/v1/retargeting/set/06eb0705-463f-4b96-836b-64bf3cfa8631?gtmcb=1920211021
IP
136.243.51.205:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /api/v1/retargeting/set/06eb0705-463f-4b96-836b-64bf3cfa8631?gtmcb=1920211021 HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 08:19:27 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 35
Connection: keep-alive
Pragma: no-cache
Expires: 0
Vary: *
X-Api-Version: 1
X-Request-Id: 2aceaf6dc3dc09bc
Set-Cookie: ts_rt_06eb0705-463f-4b96-836b-64bf3cfa8631=AM_QaTNGTI8YOWTAkBEjxsIYAQE=; expires=Wed, 29 Nov 2023 08:19:27 GMT; path=/; HttpOnly; secure; SameSite=None
Cache-Control: no-cache, no-store, no-transform, must-revalidate, no-transform
X-Robots-Tag: none, noindex, nofollow
Report-To: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }

tsyndicate.com/api/v1/retargeting/set/e61f38d1-37ba-4a3d-9474-c0d9e0d9ea70?gtmcb=2043565880

136.243.51.205

200 OK

35 B

URL HTTP/1.1
tsyndicate.com/api/v1/retargeting/set/e61f38d1-37ba-4a3d-9474-c0d9e0d9ea70?gtmcb=2043565880
IP
136.243.51.205:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /api/v1/retargeting/set/e61f38d1-37ba-4a3d-9474-c0d9e0d9ea70?gtmcb=2043565880 HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 08:19:27 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 35
Connection: keep-alive
Pragma: no-cache
Expires: 0
Vary: *
X-Api-Version: 1
X-Request-Id: be561752bb82dc55
Set-Cookie: ts_rt_e61f38d1-37ba-4a3d-9474-c0d9e0d9ea70=AM_QaTNGTA8ZMGjMqGGjBg4cMAIC; expires=Wed, 29 Nov 2023 08:19:27 GMT; path=/; HttpOnly; secure; SameSite=None
Cache-Control: no-cache, no-store, no-transform, must-revalidate, no-transform
X-Robots-Tag: none, noindex, nofollow
Report-To: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
7d682bcd210a486345c3fe9cdc1e49b6
86fcc99920dcdb6415f4ad6cd5aca0eb16b3c6e1
49bf9539ab7e0198a6ff10e0af12baf4340bf31c1254f571a082624b4df428af

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 08:19:27 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 19:46:40 GMT
Expires: Mon, 05 Dec 2022 19:46:39 GMT
Etag: "86fcc99920dcdb6415f4ad6cd5aca0eb16b3c6e1"
Cache-Control: max-age=559031,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7719eb22dd130b51-OSL

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
7ab2ef968cb6a3078f4b9cb2dda813d4
e669116047ca058a2c1b2999ff0ea8682719162c
6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3248
Cache-Control: max-age=92496
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 08:19:27 GMT
Etag: "63847a2f-1d7"
Expires: Wed, 30 Nov 2022 10:01:03 GMT
Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

ocsp.sca1b.amazontrust.com/

143.204.42.165

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.165:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
98b63f1ddac368e7a2c35a7ae0b3f2e0
da7a656c1bf56f32924d829afc44ed20943b91de
e689c2109690601f8cf37cb073c289267c43a554844aa40ee874bce54f705bb0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=120098
Date: Tue, 29 Nov 2022 08:19:28 GMT
Etag: "6384df71-1d7"
Expires: Wed, 30 Nov 2022 17:41:06 GMT
Last-Modified: Mon, 28 Nov 2022 16:18:57 GMT
Server: ECS (dcb/7EED)
X-Cache: Miss from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: yN5PHl836c5L9NCDMrjwNy9834ULeS_AOHHKRWVJH4Roj2wGoD-qiA==
Age: 4929

js-agent.newrelic.com/nr-768.min.js

151.101.86.137

200 OK

8.6 kB

URL HTTP/1.1
js-agent.newrelic.com/nr-768.min.js
IP
151.101.86.137:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (22625), with no line terminators
Size
8.6 kB (8634 bytes)
Hash
f609b011c4024aa0568283a441571094
994180dd4c0201a5d4c016a05617d344e3a30db3
e89e8dbcfbf23828890914f8ba633693f3ac5582770e16fde88bfc1baddea9aa

HTTP Headers

GET /nr-768.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 8634
x-amz-id-2: Q1EnXDKzspjfN3szepU4MKsCXAUqrJf2KqLmxnFvrpkmaD72ERRUGmmjQWvWX0OccZwGpG5LIsw=
x-amz-request-id: 37VQ9H3DT5JD5EM1
Last-Modified: Wed, 28 Feb 2018 23:33:43 GMT
ETag: "b4b84a4b4f36d13ffaa93c062b2d3e17"
x-amz-version-id: null
Content-Type: application/javascript
Server: AmazonS3
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=7200, stale-if-error=604800
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Tue, 29 Nov 2022 08:19:28 GMT
Via: 1.1 varnish
X-Served-By: cache-bma1675-BMA
X-Cache: HIT
X-Cache-Hits: 5
X-Timer: S1669709968.112814,VS0,VE0
Vary: Accept-Encoding
Cross-Origin-Resource-Policy: cross-origin

main.exoclick.com/tag.php?goal=68831a8833a4917ff6b2c530dc3a4c1f&gtmcb=1633732632

95.211.229.247

200 OK

20 B

URL HTTP/1.1
main.exoclick.com/tag.php?goal=68831a8833a4917ff6b2c530dc3a4c1f&gtmcb=1633732632
IP
95.211.229.247:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /tag.php?goal=68831a8833a4917ff6b2c530dc3a4c1f&gtmcb=1633732632 HTTP/1.1
Host: main.exoclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 08:19:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A71475%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-11-29%22%3B%7D%7D; expires=Wed, 29 Nov 2023 08:19:28 GMT; path=/; domain=.exoclick.com;
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

main.exoclick.com/tag.php?goal=33d8e6a4225d77ae914dff110feef000&gtmcb=80948468

95.211.229.247

200 OK

20 B

URL HTTP/1.1
main.exoclick.com/tag.php?goal=33d8e6a4225d77ae914dff110feef000&gtmcb=80948468
IP
95.211.229.247:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /tag.php?goal=33d8e6a4225d77ae914dff110feef000&gtmcb=80948468 HTTP/1.1
Host: main.exoclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 08:19:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A80305%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-11-29%22%3B%7D%7D; expires=Wed, 29 Nov 2023 08:19:28 GMT; path=/; domain=.exoclick.com;
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

main.exoclick.com/tag.php?goal=5ca8b60d120434a1134c010ca6272da6&gtmcb=345409628

95.211.229.247

200 OK

20 B

URL HTTP/1.1
main.exoclick.com/tag.php?goal=5ca8b60d120434a1134c010ca6272da6&gtmcb=345409628
IP
95.211.229.247:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /tag.php?goal=5ca8b60d120434a1134c010ca6272da6&gtmcb=345409628 HTTP/1.1
Host: main.exoclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 08:19:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A83337%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-11-29%22%3B%7D%7D; expires=Wed, 29 Nov 2023 08:19:28 GMT; path=/; domain=.exoclick.com;
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

bam.nr-data.net/1/bcc61c6f3d?a=6702766&pl=1669709965907&v=768.2acc9fa&to=clwKRhdcCFhVR0k3W19SEEAEHEtzdWFG&ap=10&be=393&fe=522&dc=184&f=%5B%5D&perf=%7B%22timing%22:%7B%22of%22:1669709965907,%22n%22:0,%22dl%22:366,%22di%22:572,%22ds%22:576,%22de%22:582,%22dc%22:915,%22l%22:915,%22le%22:916,%22f%22:-5,%22dn%22:-5,%22dne%22:-2,%22c%22:-1,%22ce%22:-1,%22rq%22:67,%22rp%22:327,%22rpe%22:448%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken

162.247.241.14

301 Moved Permanently

0 B

URL HTTP/1.1
bam.nr-data.net/1/bcc61c6f3d?a=6702766&pl=1669709965907&v=768.2acc9fa&to=clwKRhdcCFhVR0k3W19SEEAEHEtzdWFG&ap=10&be=393&fe=522&dc=184&f=%5B%5D&perf=%7B%22timing%22:%7B%22of%22:1669709965907,%22n%22:0,%22dl%22:366,%22di%22:572,%22ds%22:576,%22de%22:582,%22dc%22:915,%22l%22:915,%22le%22:916,%22f%22:-5,%22dn%22:-5,%22dne%22:-2,%22c%22:-1,%22ce%22:-1,%22rq%22:67,%22rp%22:327,%22rpe%22:448%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
IP
162.247.241.14:0
ASN
#23467 NEWRELIC-AS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1/bcc61c6f3d?a=6702766&pl=1669709965907&v=768.2acc9fa&to=clwKRhdcCFhVR0k3W19SEEAEHEtzdWFG&ap=10&be=393&fe=522&dc=184&f=%5B%5D&perf=%7B%22timing%22:%7B%22of%22:1669709965907,%22n%22:0,%22dl%22:366,%22di%22:572,%22ds%22:576,%22de%22:582,%22dc%22:915,%22l%22:915,%22le%22:916,%22f%22:-5,%22dn%22:-5,%22dne%22:-2,%22c%22:-1,%22ce%22:-1,%22rq%22:67,%22rp%22:327,%22rpe%22:448%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/

HTTP/1.1 301 Moved Permanently
Date: Tue, 29 Nov 2022 08:19:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 29 Nov 2022 09:19:28 GMT
Location: https://bam.nr-data.net/1/bcc61c6f3d?a=6702766&pl=1669709965907&v=768.2acc9fa&to=clwKRhdcCFhVR0k3W19SEEAEHEtzdWFG&ap=10&be=393&fe=522&dc=184&f=%5B%5D&perf=%7B%22timing%22:%7B%22of%22:1669709965907,%22n%22:0,%22dl%22:366,%22di%22:572,%22ds%22:576,%22de%22:582,%22dc%22:915,%22l%22:915,%22le%22:916,%22f%22:-5,%22dn%22:-5,%22dne%22:-2,%22c%22:-1,%22ce%22:-1,%22rq%22:67,%22rp%22:327,%22rpe%22:448%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7719eb25bc08b4f9-OSL

push.services.mozilla.com/

44.237.163.41

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.237.163.41:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: X7R7wnqTx3jQyjjuhlyeOA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: gWJ0UGAv5V+Dzp/BALzNo5zPeEQ=

162.247.241.14

403 Forbidden

2 B

URL HTTP/1.1
bam.nr-data.net/1/bcc61c6f3d?a=6702766&pl=1669709965907&v=768.2acc9fa&to=clwKRhdcCFhVR0k3W19SEEAEHEtzdWFG&ap=10&be=393&fe=522&dc=184&f=%5B%5D&perf=%7B%22timing%22:%7B%22of%22:1669709965907,%22n%22:0,%22dl%22:366,%22di%22:572,%22ds%22:576,%22de%22:582,%22dc%22:915,%22l%22:915,%22le%22:916,%22f%22:-5,%22dn%22:-5,%22dne%22:-2,%22c%22:-1,%22ce%22:-1,%22rq%22:67,%22rp%22:327,%22rpe%22:448%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
IP
162.247.241.14:0
ASN
#23467 NEWRELIC-AS-1

File type
JSON data\012- , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

GET /1/bcc61c6f3d?a=6702766&pl=1669709965907&v=768.2acc9fa&to=clwKRhdcCFhVR0k3W19SEEAEHEtzdWFG&ap=10&be=393&fe=522&dc=184&f=%5B%5D&perf=%7B%22timing%22:%7B%22of%22:1669709965907,%22n%22:0,%22dl%22:366,%22di%22:572,%22ds%22:576,%22de%22:582,%22dc%22:915,%22l%22:915,%22le%22:916,%22f%22:-5,%22dn%22:-5,%22dne%22:-2,%22c%22:-1,%22ce%22:-1,%22rq%22:67,%22rp%22:327,%22rpe%22:448%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.remembergirl.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 403 Forbidden
Date: Tue, 29 Nov 2022 08:19:28 GMT
Content-Type: text/plain;charset=UTF-8
Content-Length: 2
Connection: keep-alive
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7719eb25dc33b4f9-OSL

nextgencounter.com/index.min.js?pk=d22e6e1bbef67e016bac3e7555dfcf6d&gtmcb=789122788

209.208.78.145

302 Found

246 B

URL HTTP/1.1
nextgencounter.com/index.min.js?pk=d22e6e1bbef67e016bac3e7555dfcf6d&gtmcb=789122788
IP
209.208.78.145:0
ASN
#6364 ATLANTIC-NET-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
246 B (246 bytes)
Hash
a458b9ff6a6a0393654c197dfb119a65
584dd1eb0a5dce3e624f58ccd67b7aeca515bcd7
85d18b1b8431b9d903885a69dd31a0480ab778f75482426bd380830015b9759a

HTTP Headers

GET /index.min.js?pk=d22e6e1bbef67e016bac3e7555dfcf6d&gtmcb=789122788 HTTP/1.1
Host: nextgencounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.remembergirl.com/

HTTP/1.1 302 Found
Date: Tue, 29 Nov 2022 08:19:28 GMT
Server: Apache
Location: https://nextgencounter.com/index.min.js?pk=d22e6e1bbef67e016bac3e7555dfcf6d&gtmcb=789122788
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 246
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

ocsp.godaddy.com/

192.124.249.22

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.22:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1777 bytes)
Hash
3c9839c89d55f9fbe825db4c90eee1d4
d36b5b0a0a65d592413ede8d42c217c5fda03f38
e97ceb93a81b496718c01a833c0ea7d2fa0cf236691cc04e5fe02275e289b939

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 29 Nov 2022 08:19:29 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 28 Nov 2022 22:29:17 GMT
Expires: Tue, 29 Nov 2022 22:29:17 GMT
ETag: "d36b5b0a0a65d592413ede8d42c217c5fda03f38"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3183
Expires: Tue, 29 Nov 2022 09:12:32 GMT
Date: Tue, 29 Nov 2022 08:19:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3183
Expires: Tue, 29 Nov 2022 09:12:32 GMT
Date: Tue, 29 Nov 2022 08:19:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3183
Expires: Tue, 29 Nov 2022 09:12:32 GMT
Date: Tue, 29 Nov 2022 08:19:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3183
Expires: Tue, 29 Nov 2022 09:12:32 GMT
Date: Tue, 29 Nov 2022 08:19:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3183
Expires: Tue, 29 Nov 2022 09:12:32 GMT
Date: Tue, 29 Nov 2022 08:19:29 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4803 bytes)
Hash
cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 22:43:20 GMT
age: 34569
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.4 kB (4417 bytes)
Hash
a2a5c8d4113d282600462749315f2c4f
e2b4d2e15bb7c086333c0da438873e4c139ba931
9b5d0e5dd11d4cbf1c78a71730cd63544170c91ab635bf3cf917827ac84874e6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4417
x-amzn-requestid: 01de83c2-51d2-4329-98f6-09a0edf46942
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnGEcRIAMFaXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852960-34583b6c588a0e937fcfaa46;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Jb1eLyzn88lV_UTId-Fl3OnftDn8c7o5j8d16_nzHCNST_68MZ1pvA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:50:08 GMT
age: 37761
etag: "e2b4d2e15bb7c086333c0da438873e4c139ba931"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10176 bytes)
Hash
03014221d7f49b50ffc2d1b0a0e75457
772d86ad983042a728ee3490630a9cf1134ad0dd
81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10176
x-amzn-requestid: 768fc69c-e91b-4dd9-8add-63634762b2d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpbgEFOIAMF71A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bc49-21756db31c4714af0553f21b;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:12:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jS-AS3x8V3XacXRNkU63UJjBxA6unvBer5WcxUYseR5p4eZPK64o2g==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:52:21 GMT
age: 12428
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F306bb762-e2a8-4771-9a39-086c46f94b11.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7549 bytes)
Hash
415b1b1d5a29fc17b4114bb3df1d1c22
600859401c885cc2cdd1f199cccc198eb41d6a04
abfbf4ecf2423736a29686859f6a8f2b77204b48f3f60d208f6d491e80611e7f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F306bb762-e2a8-4771-9a39-086c46f94b11.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7549
x-amzn-requestid: bb37235a-8c7d-47fe-abb6-6cc633560165
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP-7lHmsoAMF9lA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638311e3-1f2a4abc40119f3e026dc393;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:29:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -aUqAfyrtMO0hkr2J2lm5SNNFdtaJj-F2dpBULvXjfOV205Ksm0iHw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:42:03 GMT
age: 38246
etag: "600859401c885cc2cdd1f199cccc198eb41d6a04"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3527eb28-888e-447d-90fd-1226d5b94433.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8921 bytes)
Hash
823e92f62ff7b3c2093828817d7f2866
c501de9eaa581a10b0b5fce40b54bb10f57f7c29
7d89669e23682f167b2fe1eff9edc5939112ec66b6b4e6389ef8aec78ccbdfe5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3527eb28-888e-447d-90fd-1226d5b94433.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8921
x-amzn-requestid: 98baf100-c007-4c44-89aa-b9cf55fa3f94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnwFYToAMFoWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852964-1227b5a9100c206e0c64f4b2;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: awi49MMMlK51wHPbyBrBkL4N4g9lX3ea40LxyrYbYxe_FsfqelTcTQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:57:05 GMT
etag: "c501de9eaa581a10b0b5fce40b54bb10f57f7c29"
content-type: image/jpeg
age: 37344
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1172c72b-d329-4446-80cb-92b8cf104425.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.9 kB (3944 bytes)
Hash
9cd333c474420e235831d96ed881167e
5008d7344dd85ae61a598c17e7baf427def3e25d
2178a96e120661e43d8e8ed0df1fcf500caf4c58db9e1bedaf0706af0a80b286

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1172c72b-d329-4446-80cb-92b8cf104425.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3944
x-amzn-requestid: 8a6732c1-72da-4a73-ba51-8533c6a01a9c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNmfFgeIAMFjLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6385295c-0c807d93277bfb7f6b13c2ee;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:20 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XC26NJ0PkNhOsuvMPTd5TlY-oDOGfGoNxzzMANQRlyBWt1XZW_gUfA==
via: 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:42:03 GMT
age: 38246
etag: "5008d7344dd85ae61a598c17e7baf427def3e25d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ads.traffichunt.com/adv_ret/?adv_pixel_id=861&nid=3&gtmcb=349246482

52.73.94.161

200 OK

0 B

URL HTTP/2
ads.traffichunt.com/adv_ret/?adv_pixel_id=861&nid=3&gtmcb=349246482
IP
52.73.94.161:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /adv_ret/?adv_pixel_id=861&nid=3&gtmcb=349246482 HTTP/1.1
Host: ads.traffichunt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.remembergirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 08:19:28 GMT
server: nginx
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
set-cookie: new_adx_profile_guid=d9d32070-85dc-4582-a972-7ac7b73efbd6;Max-Age=7776000;Path=/;SameSite=None; Secure
new_3.adx_rt_0=861;Max-Age=7776000;Path=/;SameSite=None; Secure
new_3.adx_daily_rt_0=861;Max-Age=56431;Path=/;SameSite=None; Secure
new_3.adx_rt_0=861;Max-Age=7776000;Path=/;SameSite=None; Secure
adx_profile_guid=d9d32070-85dc-4582-a972-7ac7b73efbd6; Max-Age=7776000; Expires=Mon, 27 Feb 2023 08:19:28 GMT; Path=/
3.adx_rt_0=861; Max-Age=7776000; Expires=Mon, 27 Feb 2023 08:19:28 GMT; Path=/
3.adx_daily_rt_0=861; Max-Age=56431; Expires=Tue, 29 Nov 2022 23:59:59 GMT; Path=/
X-Firefox-Spdy: h2

tfosrv.com/retargeting.js?id=981&gtmcb=1837854313

216.18.168.29

200 OK

0 B

URL HTTP/1.1
tfosrv.com/retargeting.js?id=981&gtmcb=1837854313
IP
216.18.168.29:0
ASN
#29789 REFLECTED

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /retargeting.js?id=981&gtmcb=1837854313 HTTP/1.1
Host: tfosrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.remembergirl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
server: nginx
date: Tue, 29 Nov 2022 08:19:27 GMT
content-type: text/javascript
transfer-encoding: chunked
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: 0
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
content-encoding: gzip
x-request-id: 6385C08F-D812A81D01BBAE8A-A774136

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP