firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Retry-After, Content-Type, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 21 Sep 2022 19:13:42 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: IQsdou1oG-hOLIKVnoN4zJ0agB1mo_suP8Fz2TUqLAEsPU2AgTFgPw==
Age: 3505
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e9b153a15cac2e558a0904e86e52b8a6
d45580d4cb5d8b520649eca2178e4545b6b7bd61
234c375e9a8ecca7bec2823bbd0d394eb6547b3be93b143e6cdab2c8f3525cda
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "234C375E9A8ECCA7BEC2823BBD0D394EB6547B3BE93B143E6CDAB2C8F3525CDA"
Last-Modified: Wed, 21 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8206
Expires: Wed, 21 Sep 2022 22:28:53 GMT
Date: Wed, 21 Sep 2022 20:12:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4685
Expires: Wed, 21 Sep 2022 21:30:12 GMT
Date: Wed, 21 Sep 2022 20:12:07 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 21 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cawcPUqRtC8Uu2QsJDbBqKnSw3eWsNJy57PKFIAebSr2BB_Jyhs8rg==
age: 56214
X-Firefox-Spdy: h2
pxlme.me/2uLWdizY
51.15.139.10302 Found 75 B IP 51.15.139.10:0
File type HTML document, ASCII text
Hash 091717773770283d6b3feabf8a448db0
53a2c01f453b2c1aaa81340721a833b1209dcafd
060c587eaab2cb298429e7233109369464fe4f5e8d15e94699ba09a26d12ea3c
Analyzer Verdict Alert openphish Government Service
fortinet Phishing
quad9 Sinkholed
GET /2uLWdizY HTTP/1.1
Host: pxlme.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Cache-Control: private, max-age=90
Content-Type: text/html; charset=utf-8
Location: https://pixelme.me/phishing?url=https://hm.ru/th3zKv
Date: Wed, 21 Sep 2022 20:12:07 GMT
Content-Length: 75
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 20:12:07 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5e4cd4dd9f4175ae1ed5a12032d22c63
1bfce439a759f1f99b55da41e463574b53ea7afc
9e5ecfcf4e8dded22744db2d1b2ef49fb68e97a2c8c2327a7abff04e50521506
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9E5ECFCF4E8DDED22744DB2D1B2EF49FB68E97A2C8C2327A7ABFF04E50521506"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1931
Expires: Wed, 21 Sep 2022 20:44:19 GMT
Date: Wed, 21 Sep 2022 20:12:08 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 21 Sep 2022 20:03:22 GMT
Cache-Control: max-age=3600
Expires: Wed, 21 Sep 2022 20:55:20 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vqByws1sM37dVxuUyqPMbK2MnF0Z7y_Kj3GAloVPoa_0s8n2URgJFg==
Age: 526
pixelme.me/phishing?url=https://hm.ru/th3zKv
99.83.190.102301 Moved Permanently 166 B URL HTTP/2 pixelme.me/phishing?url=https://hm.ru/th3zKv
IP 99.83.190.102:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691
GET /phishing?url=https://hm.ru/th3zKv HTTP/1.1
Host: pixelme.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
server: openresty
date: Wed, 21 Sep 2022 20:12:08 GMT
content-type: text/html
content-length: 166
location: https://www.pixelme.me/phishing?url=https://hm.ru/th3zKv
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c8a54c3ec6cff200a26d9e3c3b10a5c9
4f5008c6ac845a23c68526b73efa2c7c258a574f
b69cda223de1599cef0322540e8092d0f71ae58e303b7f936d7801a70c060059
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B69CDA223DE1599CEF0322540E8092D0F71AE58E303B7F936D7801A70C060059"
Last-Modified: Wed, 21 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=662
Expires: Wed, 21 Sep 2022 20:23:10 GMT
Date: Wed, 21 Sep 2022 20:12:08 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ff6d50919e56aed75c47feb45ee2f2ec
98f558a4b2d4f3c271abc93d0b74ece4ad7a59ef
b1b6f0e78b5a1e2092cba6d71d0d5a918066c0486176cef0a19f51e2d5a9962e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3645
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 20:12:08 GMT
Last-Modified: Wed, 21 Sep 2022 19:11:23 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
www.pixelme.me/phishing?url=https://hm.ru/th3zKv
34.253.101.190200 OK 2.8 kB URL HTTP/2 www.pixelme.me/phishing?url=https://hm.ru/th3zKv
IP 34.253.101.190:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2269)
Hash e20d86774b532e4f3193f877e423fdbe
86ea10792db04427e4378360fab68ee57737b6dd
27a4e6bf1bc2d03501fea5e3bebbf5808e46b1accb4f8cd21f247f14f707f72c
GET /phishing?url=https://hm.ru/th3zKv HTTP/1.1
Host: www.pixelme.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: openresty
date: Wed, 21 Sep 2022 20:12:08 GMT
content-type: text/html
content-length: 2761
content-encoding: gzip
content-security-policy: frame-ancestors 'self'
x-frame-options: SAMEORIGIN
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
age: 0
x-served-by: cache-iad-kcgs7200106-IAD, cache-dub4334-DUB
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-timer: S1663791128.382240,VS0,VE101
vary: x-wf-forwarded-proto, Accept-Encoding
x-cluster-name: eu-west-1-prod-edge-blue
X-Firefox-Spdy: h2
assets.website-files.com/606485806deaf1f6b4ffdbee/js/pixelme.486add2cd.js
143.204.55.62200 OK 69 kB URL HTTP/2 assets.website-files.com/606485806deaf1f6b4ffdbee/js/pixelme.486add2cd.js
IP 143.204.55.62:0
File type Unicode text, UTF-8 text, with very long lines (56835)
Hash 32c3327bb24125113162dd60bebc910c
5757987d86041b976504d040ce159a0ca4a0600c
d9acaf53f07264e856abe43c016bf36bb08b5ca40fa5340a6dd6aeb93e2214d9
GET /606485806deaf1f6b4ffdbee/js/pixelme.486add2cd.js HTTP/1.1
Host: assets.website-files.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 69257
last-modified: Thu, 18 Aug 2022 18:18:02 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: FZOysW1Xhu3DN8Nqk.mYb5fdTKPdVu8y
accept-ranges: bytes
server: AmazonS3
date: Wed, 21 Sep 2022 02:30:25 GMT
cache-control: max-age=84600, must-revalidate
etag: "32c3327bb24125113162dd60bebc910c"
vary: Accept-Encoding
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
age: 63704
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rXlPYGDgFtcEG961INXFbXWzWWmwCWepRNJsO56_ddDPGFUwt1ZUPw==
X-Firefox-Spdy: h2
assets.website-files.com/606485806deaf1f6b4ffdbee/css/pixelme.46bd86b0e.css
143.204.55.62200 OK 27 kB URL HTTP/2 assets.website-files.com/606485806deaf1f6b4ffdbee/css/pixelme.46bd86b0e.css
IP 143.204.55.62:0
File type ASCII text, with very long lines (30536)
Hash a7b3fe9cb976ee1c716785d11803c909
f9d1bbc6183858566339b1c0217c3062c7b9b2ce
9dd2072bef88d197eac5fb79c13852f1b6040b5709ccb4363770933d8a34d9da
GET /606485806deaf1f6b4ffdbee/css/pixelme.46bd86b0e.css HTTP/1.1
Host: assets.website-files.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 26609
last-modified: Thu, 18 Aug 2022 18:18:02 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: U2N0xnYpwlfgwzI7ghB8nnu6NY078ao_
accept-ranges: bytes
server: AmazonS3
date: Wed, 21 Sep 2022 01:13:03 GMT
cache-control: max-age=84600, must-revalidate
etag: "a7b3fe9cb976ee1c716785d11803c909"
vary: Accept-Encoding
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
age: 68346
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6SRh34Bpg8uxkHMPzoAxrKn5Hm4YflRJFmUPFBKfVsFp657uSd_IJA==
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.212.13.96101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.212.13.96:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: pxcCJroczFlHVU6GSIMfEw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: g+RwHW/fhIfN9EY/89sapvhantY=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c8ac2005f83e8a3a9da1a9837b6c2ff3
7c05f49683e49232c1e11b91253e684d2f96ab83
b0b42743b4c7e4b528fd78aadc5429ef34c2e127f3d5147330d428a47203dc0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 20:12:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 35343b6981ed4c9eb2cd90bc8c2146cd
4e49432e50195a2bc528fb1745a2899306c79db8
cf55f53534e3e8b62513618cda90832a7b9bcd0d15b1a8f6bb51db6eb60daefd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 20:12:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
142.250.74.170200 OK 5.4 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
IP 142.250.74.170:0
File type ASCII text, with very long lines (2134)
Hash 30ca3165d143baf2835023bfcf463450
62c662c0873b79a314c040fef28dcd29abb14480
4f405d00e8ced09d5826e3e070b7e4d3f3556f856ca790b0b4a2c2eaaf58d33b
GET /ajax/libs/webfont/1.6.26/webfont.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5437
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 22:00:13 GMT
expires: Thu, 14 Sep 2023 22:00:13 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 598315
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-91053522-1
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-91053522-1
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash db388a8b11ecc1b440a3edbd718978a8
7c89e6771dd751cab36e3f3e271bbf169338a856
2497e8c56a5b5d71bed15d864decf6beefde45783ffaf29e3e5f386a2ede39a9
GET /gtag/js?id=UA-91053522-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 21 Sep 2022 20:12:08 GMT
expires: Wed, 21 Sep 2022 20:12:08 GMT
cache-control: private, max-age=900
last-modified: Wed, 21 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42190
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c8ac2005f83e8a3a9da1a9837b6c2ff3
7c05f49683e49232c1e11b91253e684d2f96ab83
b0b42743b4c7e4b528fd78aadc5429ef34c2e127f3d5147330d428a47203dc0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 20:12:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 35343b6981ed4c9eb2cd90bc8c2146cd
4e49432e50195a2bc528fb1745a2899306c79db8
cf55f53534e3e8b62513618cda90832a7b9bcd0d15b1a8f6bb51db6eb60daefd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 20:12:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5f68499f2ba3b2c5aa7e979ee9b4d3a8
67a456fe80bd69aa2fbd0331ba343d1789509d0f
394e18527ce3ad7de2274de2e5e6a7f3fb390e7d6c4f7342ab485b7794e169e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 20:12:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-5XSKBTC
142.250.74.72200 OK 78 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-5XSKBTC
IP 142.250.74.72:0
File type ASCII text, with very long lines (19920)
Hash c0883cad16b899c734b7d02d12ee2cb0
3b7311f6efc88554149ab24e07e863311a3d89ef
3e4864315ad40c4ce584acc40bb7da055b037ff6bcc748028d85c8ba7e40b65a
GET /gtm.js?id=GTM-5XSKBTC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 21 Sep 2022 20:12:08 GMT
expires: Wed, 21 Sep 2022 20:12:08 GMT
cache-control: private, max-age=900
last-modified: Wed, 21 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 78385
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.weglot.com/projects-settings/4099fc3d7e82ef37a59176ea4e8450100.json
143.204.55.83200 OK 39 kB URL HTTP/2 cdn.weglot.com/projects-settings/4099fc3d7e82ef37a59176ea4e8450100.json
IP 143.204.55.83:0
Hash 5dba3d9ea894c9bf899bc019a279b0de
3085ffe6e0b1d4e006ce226b75d19ecf20a32ed7
b61b87ff941176be401ac444989ffca02acac8118c4b694bd19b8fdf0c28a18a
GET /projects-settings/4099fc3d7e82ef37a59176ea4e8450100.json HTTP/1.1
Host: cdn.weglot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pixelme.me/
Origin: https://www.pixelme.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Mon, 19 Sep 2022 09:50:48 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Mon, 01 Aug 2022 15:19:06 GMT
x-amz-version-id: null
etag: W/"e1c2c5cb0632688dfbb927d413a8d7c0"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: A-DlrCz0PNgp5vsn7Vjz04m0gna30SFucfjhaBDD_OTl3NvQfg09_A==
age: 210081
X-Firefox-Spdy: h2
assets.website-files.com/606485806deaf1f6b4ffdbee/606b0cb0e5289d9aefd0d5a8_nunitosans-black.woff2
143.204.55.62200 OK 38 kB URL HTTP/2 assets.website-files.com/606485806deaf1f6b4ffdbee/606b0cb0e5289d9aefd0d5a8_nunitosans-black.woff2
IP 143.204.55.62:0
File type Web Open Font Format (Version 2), TrueType, length 38260, version 1.0\012- data
Hash 7ada8fe6859dc129c3bd00cc0574a26d
4c5f703936ae5b6450029af4217868895912b8af
62a55c5999b47d6724ddc16f9094fc5a2e94cbb4f098425ee67cc1e76803ab5a
GET /606485806deaf1f6b4ffdbee/606b0cb0e5289d9aefd0d5a8_nunitosans-black.woff2 HTTP/1.1
Host: assets.website-files.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pixelme.me
Connection: keep-alive
Referer: https://assets.website-files.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 38260
date: Sat, 20 Aug 2022 08:53:23 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Mon, 05 Apr 2021 13:12:17 GMT
etag: "7ada8fe6859dc129c3bd00cc0574a26d"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: 8EFpQYg.ttB..jDq0VQUlNlW.K9uYDVx
accept-ranges: bytes
server: AmazonS3
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
age: 2805526
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2W6_8Nu-ItCxdvLyoKE_BMHH_v8-RJ_MSOqAtGG7HccQbEaaZ-oMgg==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5f68499f2ba3b2c5aa7e979ee9b4d3a8
67a456fe80bd69aa2fbd0331ba343d1789509d0f
394e18527ce3ad7de2274de2e5e6a7f3fb390e7d6c4f7342ab485b7794e169e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 20:12:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
assets.website-files.com/606485806deaf1f6b4ffdbee/622dfed8a1d15a868dd8c363_favicon.png
143.204.55.62200 OK 842 B URL HTTP/2 assets.website-files.com/606485806deaf1f6b4ffdbee/622dfed8a1d15a868dd8c363_favicon.png
IP 143.204.55.62:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash b44c9ec9be478cef6df8b67cf6099545
1d9d0a7cc79c6383ad2329785bdec9ed8e107610
d8e3dbaad67f1113f18b8d24ff6776d836495ab989ddbf98dc660e8c4086a725
GET /606485806deaf1f6b4ffdbee/622dfed8a1d15a868dd8c363_favicon.png HTTP/1.1
Host: assets.website-files.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 842
date: Sat, 10 Sep 2022 23:08:53 GMT
last-modified: Sun, 13 Mar 2022 14:25:30 GMT
etag: "b44c9ec9be478cef6df8b67cf6099545"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: NJ9BgyItrfbRyy56bQOJWfnBWLBqnEju
accept-ranges: bytes
server: AmazonS3
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
age: 939796
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: DaTMXCfNwy1XzAdrxsv2BqkhXFJQLywob609xVyGfk5gwq4hF5SnPg==
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CLato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic
142.250.74.10200 OK 14 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CLato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic
IP 142.250.74.10:0
Hash 88e0ff909bc8893c38f038640bb86f56
796161c08ad72416d20232fb0c282f77c06b1f19
b888dc9d7b7b8a8932c69143eebd587e0c91fbffdb4538efdd54758d972777af
GET /css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CLato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 20:12:08 GMT
date: Wed, 21 Sep 2022 20:12:08 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googleoptimize.com/optimize.js?id=OPT-T2TLM22
142.250.74.46200 OK 43 kB URL HTTP/2 www.googleoptimize.com/optimize.js?id=OPT-T2TLM22
IP 142.250.74.46:0
File type ASCII text, with very long lines (1720)
Hash 1ff8d2bdba90bf1b11eba7656ecdf114
9614c8321d632923de87d1c6423c2e62bf0ec101
3c85544bda4aded6a9515f4a4734165d7a88d40cede92408122d2f9f60404692
GET /optimize.js?id=OPT-T2TLM22 HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 21 Sep 2022 20:12:09 GMT
expires: Wed, 21 Sep 2022 20:12:09 GMT
cache-control: private, max-age=900
last-modified: Wed, 21 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42560
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.weglot.com/flags/rectangle_mat/gb.svg
143.204.55.83200 OK 607 B URL HTTP/2 cdn.weglot.com/flags/rectangle_mat/gb.svg
IP 143.204.55.83:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 006007133f2f5769b083935b65c12e4e
ffcd6eeee4c340fa7d008caf887419e027bcfc25
720d4a3364adb0f6dab95c8339fc8538a4388e302b8a8173d401e8471998ebf1
GET /flags/rectangle_mat/gb.svg HTTP/1.1
Host: cdn.weglot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml; charset=utf-8
content-length: 607
date: Mon, 19 Sep 2022 09:50:46 GMT
cache-control: max-age=2592000
last-modified: Thu, 04 Aug 2022 10:26:29 GMT
x-amz-version-id: null
etag: "006007133f2f5769b083935b65c12e4e"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9qp1EuVEGNd78uzYChHhngcIhMQPhBREIzIKv2OoK6yRkBC_guFMnA==
age: 210084
X-Firefox-Spdy: h2
cdn.weglot.com/flags/rectangle_mat/fr.svg
143.204.55.83200 OK 361 B URL HTTP/2 cdn.weglot.com/flags/rectangle_mat/fr.svg
IP 143.204.55.83:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash bd4e571babcb06df9fc0c931f8d65683
5ee7ed5552a6b7383a0525d634b65e720af4e9c0
4d64cc6ca0696fecc817f893a5ef9f6652ff3d613ab65192ef458ce3b542f192
GET /flags/rectangle_mat/fr.svg HTTP/1.1
Host: cdn.weglot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml; charset=utf-8
content-length: 361
date: Mon, 19 Sep 2022 09:50:46 GMT
cache-control: max-age=2592000
last-modified: Thu, 04 Aug 2022 10:26:30 GMT
x-amz-version-id: null
etag: "bd4e571babcb06df9fc0c931f8d65683"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _FnWFLjSI2wGH_ppFPRVMVJQb59fZxah81wQl6jwDQGQiTxeieA00w==
age: 210084
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 278f9bd40c3025031608f8b85d26255b
0bcdf1a8df393c9f76d537ed47649e3abd15050e
eb8c787b4cd37942a131973c159d634323e2d680aa18041225ec946d507a9a3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB8C787B4CD37942A131973C159D634323E2D680AA18041225EC946D507A9A3F"
Last-Modified: Wed, 21 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6918
Expires: Wed, 21 Sep 2022 22:07:27 GMT
Date: Wed, 21 Sep 2022 20:12:09 GMT
Connection: keep-alive
cdn.weglot.com/flags/rectangle_mat/it.svg
143.204.55.83200 OK 361 B URL HTTP/2 cdn.weglot.com/flags/rectangle_mat/it.svg
IP 143.204.55.83:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 70b02da9cb6cfbccdbd3497cfd2b36af
8aed56ed3359cf07cacafaab908cfb855183e87b
251214b83e86ba6b8ba5d810089b699d7cd43c9e4bbce2158655469a1af29852
GET /flags/rectangle_mat/it.svg HTTP/1.1
Host: cdn.weglot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml; charset=utf-8
content-length: 361
date: Mon, 19 Sep 2022 09:50:46 GMT
cache-control: max-age=2592000
last-modified: Thu, 04 Aug 2022 10:26:29 GMT
x-amz-version-id: null
etag: "70b02da9cb6cfbccdbd3497cfd2b36af"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: x-1xGSSPvl3peFFgfXnyVRW8SdHIXG2wnRH6U6akKPoKm6UMu7jzLA==
age: 210084
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1fe1db796ca169268e9611df20809efb
43f6a046d1a3f343df0c109d5075116ce4fa0552
be588254c27948b82ef6a72c32973ddd0d1c6b6e4e1c90e55e17a0c063e7cb93
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE588254C27948B82EF6A72C32973DDD0D1C6B6E4E1C90E55E17A0C063E7CB93"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2215
Expires: Wed, 21 Sep 2022 20:49:04 GMT
Date: Wed, 21 Sep 2022 20:12:09 GMT
Connection: keep-alive
cdn.weglot.com/flags/rectangle_mat/de.svg
143.204.55.83200 OK 282 B URL HTTP/2 cdn.weglot.com/flags/rectangle_mat/de.svg
IP 143.204.55.83:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 230a0b62d812d0af63f6850de2dfd386
35d0fd3cb2f6bb920d15c20115d2a14ffdc1a2c4
24af178a9f462202ed967edb00c6e975aabb0a71f8bfbb8fb0062717e4931d06
GET /flags/rectangle_mat/de.svg HTTP/1.1
Host: cdn.weglot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml; charset=utf-8
content-length: 282
date: Mon, 19 Sep 2022 09:50:46 GMT
cache-control: max-age=2592000
last-modified: Thu, 04 Aug 2022 10:26:28 GMT
x-amz-version-id: null
etag: "230a0b62d812d0af63f6850de2dfd386"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: GR_IjrCwi6eUQEXCzQvoq3DP0bBQ6wioibPiIpLPtRWDQAbc-MP8ow==
age: 210084
X-Firefox-Spdy: h2
cdn.weglot.com/flags/rectangle_mat/ru.svg
143.204.55.83200 OK 355 B URL HTTP/2 cdn.weglot.com/flags/rectangle_mat/ru.svg
IP 143.204.55.83:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash be178f7317c9dddbd8a49226f6fc128c
10cabb57bdc8bc5ee609f03a432f455a8d038499
af9c0b316df61878613a6142ae625a4c20dd30685d6c0d480deef933f1c90640
GET /flags/rectangle_mat/ru.svg HTTP/1.1
Host: cdn.weglot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml; charset=utf-8
content-length: 355
date: Mon, 19 Sep 2022 09:50:54 GMT
cache-control: max-age=2592000
last-modified: Thu, 04 Aug 2022 10:26:31 GMT
x-amz-version-id: null
etag: "be178f7317c9dddbd8a49226f6fc128c"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vh_Ryu87EUOiaAX7WotgYw5jWvw1P6VgG10au6pyxZn787lMpOjjqA==
age: 210076
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5149084af9bb01e5471e0be93a009ab0
1aaae44973461346130015cba0c36e9d1b5b77f2
db8a390c5bb50072d57429a45c470496139deb98e04b175f45600e5e4b2ac884
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 20:12:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
assets.website-files.com/606485806deaf1f6b4ffdbee/60cbc040028f9e2c1721688b_undraw_alert_mc7b%20(1).svg
143.204.55.62200 OK 2.9 kB URL HTTP/2 assets.website-files.com/606485806deaf1f6b4ffdbee/60cbc040028f9e2c1721688b_undraw_alert_mc7b%20(1).svg
IP 143.204.55.62:0
Hash 0af9c3a94172d987fca68b6a411e4c85
36ef2178435c5525b1fb4737039f87573bdb6800
f82e99a82eba7e5e6800acf425c5a2834f556e6313c19ca45d4ba8225d03a392
GET /606485806deaf1f6b4ffdbee/60cbc040028f9e2c1721688b_undraw_alert_mc7b%20(1).svg HTTP/1.1
Host: assets.website-files.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Tue, 30 Aug 2022 02:47:36 GMT
last-modified: Thu, 17 Jun 2021 21:36:01 GMT
etag: W/"83e5fff4eec3d21d07b0da1ae7216d34"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: BaLoIeEKYeJ75LZZDVIPz2KpPwlCQGZT
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
age: 1963473
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: SN7BPn4qt0EKmMUctNBjAdpO1FZ_M8tsp4HP94McN6ZxSpT7ZNm6Ew==
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
142.250.74.163200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pixelme.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 17:10:21 GMT
expires: Wed, 20 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 97308
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.163200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pixelme.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 08:31:01 GMT
expires: Wed, 20 Sep 2023 08:31:01 GMT
cache-control: public, max-age=31536000
age: 128468
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u_w4BMUTPHjxsI5wq_Gwft.woff2
142.250.74.163200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u_w4BMUTPHjxsI5wq_Gwft.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 24448, version 1.0\012- data
Hash 865e46af816320c9f32234e8968558d0
6791e9f732fcbde0f375f84ccbc14c4ac72795a3
6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550
GET /s/lato/v23/S6u_w4BMUTPHjxsI5wq_Gwft.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pixelme.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24448
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 17:27:46 GMT
expires: Wed, 20 Sep 2023 17:27:46 GMT
cache-control: public, max-age=31536000
age: 96263
last-modified: Tue, 26 Apr 2022 16:41:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5149084af9bb01e5471e0be93a009ab0
1aaae44973461346130015cba0c36e9d1b5b77f2
db8a390c5bb50072d57429a45c470496139deb98e04b175f45600e5e4b2ac884
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 20:12:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2
142.250.74.163200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 24408, version 1.0\012- data
Hash efee2d080d7bebdd2e0aeb2e030813a0
f8d38f9f9584e48c2e469877ebd94232265585f1
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
GET /s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pixelme.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24408
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 20:02:00 GMT
expires: Tue, 19 Sep 2023 20:02:00 GMT
cache-control: public, max-age=31536000
age: 173409
last-modified: Tue, 26 Apr 2022 15:50:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2
142.250.74.163200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 22504, version 1.0\012- data
Hash 1c6c65523675abc6fcd78e804325bd77
898d9808304dc157f5dcb18ca169ec6e2b96b3d7
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
GET /s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pixelme.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22504
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 17:15:31 GMT
expires: Wed, 20 Sep 2023 17:15:31 GMT
cache-control: public, max-age=31536000
age: 96998
last-modified: Tue, 26 Apr 2022 16:04:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
142.250.74.163200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pixelme.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 17:10:21 GMT
expires: Wed, 20 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 97308
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u_w4BMUTPHjxsI3wi_Gwft.woff2
142.250.74.163200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u_w4BMUTPHjxsI3wi_Gwft.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 23736, version 1.0\012- data
Hash e2cad968cb158b719d38375c5b4c2855
f70e8c03147accc3b9006a285998cb6c04cc19d9
d32335c2c5fd5de9ee5f3d3b1fe4d9dde14aad16eda570a35018b0ff1dc093d2
GET /s/lato/v23/S6u_w4BMUTPHjxsI3wi_Gwft.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pixelme.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23736
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Sep 2022 07:00:52 GMT
expires: Fri, 15 Sep 2023 07:00:52 GMT
cache-control: public, max-age=31536000
age: 565877
last-modified: Tue, 26 Apr 2022 15:50:09 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u-w4BMUTPHjxsIPx-oPCI.woff2
142.250.74.163200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u-w4BMUTPHjxsIPx-oPCI.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 17072, version 1.0\012- data
Hash a049f4c6bcb907e3d451bdb388c8e86f
f6261c1401a8a0f31ae74fb9ef7ab6dfec3ef1b6
b19efe906c9b0345db45525ed83c76031644e39329a36d39badf5275bce363c2
GET /s/lato/v23/S6u-w4BMUTPHjxsIPx-oPCI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pixelme.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17072
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 18:26:00 GMT
expires: Wed, 20 Sep 2023 18:26:00 GMT
cache-control: public, max-age=31536000
age: 92769
last-modified: Tue, 26 Apr 2022 16:41:33 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u_w4BMUTPHjxsI9w2_Gwft.woff2
142.250.74.163200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u_w4BMUTPHjxsI9w2_Gwft.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 17728, version 1.0\012- data
Hash 9d09d1df90538b11770ec5f593b6d792
6e117eeeda54f443063becf094332b362e19abb8
a961366b4346f6078cc2f164d2c019f63b37e2693f6fc93a995048a98b25c083
GET /s/lato/v23/S6u_w4BMUTPHjxsI9w2_Gwft.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pixelme.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17728
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 17 Sep 2022 02:04:11 GMT
expires: Sun, 17 Sep 2023 02:04:11 GMT
cache-control: public, max-age=31536000
age: 410878
last-modified: Tue, 26 Apr 2022 16:10:29 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.weglot.com/weglot.min.js
143.204.55.83200 OK 50 kB URL HTTP/2 cdn.weglot.com/weglot.min.js
IP 143.204.55.83:0
Hash 2d0f7fbea0a2999c289d41a03ed043d7
3391b85b17fcae6efdf7801209397be5fe23a832
802403a29ef0a83a9daeb89f1337f559f0ec655add0235d6ef5e32a22d7af067
GET /weglot.min.js HTTP/1.1
Host: cdn.weglot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
last-modified: Mon, 19 Sep 2022 08:18:16 GMT
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
date: Wed, 21 Sep 2022 19:50:44 GMT
cache-control: max-age=1800
etag: W/"bbf9fcf19fa4465dbc2e9cbd4be51557"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dVIn9w9qH_ncldoPyEevrh7L9hLUNeJNJkfySlmkacRW7qTmNgp3vA==
age: 1284
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
142.250.74.163200 OK 48 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 47952, version 1.0\012- data
Hash 17b406b7b8caa297435fa358e194f5a1
e2132f0e97781af56fa966c0fabb49132f2af203
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
GET /s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pixelme.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47952
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 18:59:14 GMT
expires: Tue, 19 Sep 2023 18:59:14 GMT
cache-control: public, max-age=31536000
age: 177175
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/PnMTcgHcyV8
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/PnMTcgHcyV8
IP 142.250.74.3:0
Hash 118bcc53fa0ccb26585c83dd5360ad72
8fe4447d464f06d770b105263de55f4d8bd4e1d0
da1be58e3fc3b299f16f38b7b1f21eebbd75f0accdcdfd3aee3dae112babae10
POST /s/gts1d4/PnMTcgHcyV8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 20:12:09 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0c3d443b13e8ff218aeef75b4e99bfb7
8264e01c5c75b9ff04d3b6b343471d0da4b82c8d
dc7780e38c72d75a621c33c00a69d1a31128ad57746adc36aa794eb707d6f52d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 20:12:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHh30AXC-q.woff2
142.250.74.163200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHh30AXC-q.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 21508, version 1.0\012- data
Hash 24b8a8abbec56ab127adc36e35f49bb3
0906975d70856ef3df1ae3d91db5d29687981c3f
a79b4c65b454a795ff3868156f54be09ac8360b9fd3ba21431b5c48fd9b66afa
GET /s/lato/v23/S6u8w4BMUTPHh30AXC-q.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pixelme.me
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21508
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 17:41:56 GMT
expires: Wed, 20 Sep 2023 17:41:56 GMT
cache-control: public, max-age=31536000
age: 95413
last-modified: Tue, 26 Apr 2022 15:46:26 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5149084af9bb01e5471e0be93a009ab0
1aaae44973461346130015cba0c36e9d1b5b77f2
db8a390c5bb50072d57429a45c470496139deb98e04b175f45600e5e4b2ac884
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 20:12:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash de43911270953698f8401b4713287248
817ace52747c936ba87dd62d128c459d4d21a661
c74f8b78e50befb9e6b4afa88b976de934b6c76a70f626692d1f2d0304274454
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1495
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 20:12:09 GMT
Last-Modified: Wed, 21 Sep 2022 19:47:14 GMT
Server: ECS (amb/6BB0)
X-Cache: HIT
Content-Length: 280
cdn.pixelme.me/pix.min.js
35.241.37.126200 OK 16 kB URL HTTP/2 cdn.pixelme.me/pix.min.js
IP 35.241.37.126:0
File type ASCII text, with very long lines (8360)
Hash e70eff749e09521f05ccda0a3d84f359
6b281f497a6f926efab476abefee1fc6f806d5da
3d625081195d8f6f3fec647c35950d9781ba2e4c4061abf3a8b5d63c69e75464
GET /pix.min.js HTTP/1.1
Host: cdn.pixelme.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Cookie: pxlme=eyJyZWZlcnJlciI6IiJ9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtGJ8MD1Y-BwJLtbqev1yTKMFTaeolTfcBTCYXa2uMNw9lk56-iI1g7WeoGNDl2cAY9jFtFEn9QSF7gyYv_i9Zq4g
x-goog-generation: 1574675467274473
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 16282
content-encoding: gzip
x-goog-hash: crc32c=MKgscA==, md5=5w7/dJ4JUh8FzNoKPYTzWQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 16282
server: UploadServer
date: Wed, 21 Sep 2022 19:31:15 GMT
expires: Wed, 21 Sep 2022 20:31:15 GMT
cache-control: public, max-age=3600
age: 2454
last-modified: Mon, 25 Nov 2019 09:51:07 GMT
etag: "e70eff749e09521f05ccda0a3d84f359"
content-type: application/x-javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googleadservices.com/pagead/conversion.js
172.217.21.162200 OK 17 kB URL HTTP/2 www.googleadservices.com/pagead/conversion.js
IP 172.217.21.162:0
File type ASCII text, with very long lines (1952)
Hash f65df5bfeba7e45702bc6b4be768c7e3
7d49820b96edede6e587650ecd387cab1b29951d
7d9314961f09f17bb248d0ee2c99481fce2d8d7d9d3297ffe98d2538d2f1caff
GET /pagead/conversion.js HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 21 Sep 2022 20:12:09 GMT
expires: Wed, 21 Sep 2022 20:12:09 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 17680024240845530123
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 17403
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/PnMTcgHcyV8
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/PnMTcgHcyV8
IP 142.250.74.3:0
Hash 118bcc53fa0ccb26585c83dd5360ad72
8fe4447d464f06d770b105263de55f4d8bd4e1d0
da1be58e3fc3b299f16f38b7b1f21eebbd75f0accdcdfd3aee3dae112babae10
POST /s/gts1d4/PnMTcgHcyV8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 20:12:09 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 682477608532cf0f939b82148a7d996c
53f5564723f8ca88bf990fb2e4de8ffd8000c96f
4f89314a758da9c42d7ab1c97f8794e3c10ed59112f6bad7f02f8b63fc24a3a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 20:12:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
plausible.io/api/event
194.242.11.186202 Accepted 2 B IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /api/event HTTP/1.1
Host: plausible.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 106
Origin: https://www.pixelme.me
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
date: Wed, 21 Sep 2022 20:12:09 GMT
content-type: text/plain; charset=utf-8
content-length: 2
server: BunnyCDN-NO-830
cdn-pullzone: 682664
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cdn-requestcountrycode: NO
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: must-revalidate, max-age=0, private
application: 10.0.0.8
permissions-policy: interest-cohort=()
x-request-id: Fxb5N48j9CEPRNcagB-E
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 202
cdn-cachedat: 09/21/2022 20:12:09
cdn-edgestorageid: 830
cdn-status: 202
cdn-requestid: 8ce6b9e27db088578023db6936076f65
X-Firefox-Spdy: h2
grsm.io/pr/gpk/pk_CvbvnFSfdsEjrmQ757MmhFmtDqd3BmFi
104.18.10.212200 OK 0 B URL HTTP/2 grsm.io/pr/gpk/pk_CvbvnFSfdsEjrmQ757MmhFmtDqd3BmFi
IP 104.18.10.212:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pr/gpk/pk_CvbvnFSfdsEjrmQ757MmhFmtDqd3BmFi HTTP/1.1
Host: grsm.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pixelme.me
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 20:12:09 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www.pixelme.me
p3p: CP="This is not a P3P policy! See our docs for more info."
x-envoy-upstream-service-time: 0
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74e5743e29a80b65-OSL
X-Firefox-Spdy: h2
partnerlinks.io/pr/gpk/pk_CvbvnFSfdsEjrmQ757MmhFmtDqd3BmFi
104.18.30.133200 OK 0 B URL HTTP/2 partnerlinks.io/pr/gpk/pk_CvbvnFSfdsEjrmQ757MmhFmtDqd3BmFi
IP 104.18.30.133:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pr/gpk/pk_CvbvnFSfdsEjrmQ757MmhFmtDqd3BmFi HTTP/1.1
Host: partnerlinks.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pixelme.me
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 20:12:09 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://www.pixelme.me
access-control-allow-credentials: true
p3p: CP="This is not a P3P policy! See our docs for more info."
vary: Accept-Encoding
server: cloudflare
cf-ray: 74e5743f3e38b512-OSL
X-Firefox-Spdy: h2
snap.licdn.com/li.lms-analytics/insight.min.js
23.36.76.121200 OK 3.1 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 23.36.76.121:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (7751)
Hash 57efbbeb3e1d23c82b677511c67c8b0e
f927ba115ef4be362694c22850ddbdd1c1b054d1
873b38d80c8ff1ffcac23ecdb7fb2d17413ae3c217236d8e1e24574b1c4707c6
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 12 Aug 2022 20:23:36 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=13541
date: Wed, 21 Sep 2022 20:12:09 GMT
content-length: 3063
x-cdn: AKAM
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 15af330272b65861c93c7f989a284e90
e3cf4e4108bc8e68819f82722fb6ca11392cdb34
7ebccd17f3283cfcd086121a089c9de4699284acf5809695d7a364835518ec1a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 20:12:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.ads-twitter.com/uwt.js
151.101.84.157200 OK 15 kB URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.84.157:0
File type ASCII text, with very long lines (57443), with no line terminators
Hash 1e9c4d503a9e162d8b549dc3d9c040e2
1fa99d7d7e878cdd45567af4b0c3c65542036c1d
f936c0124c595fe5d0c7858277f3a5f3bd104de39d36ac92557501fa1dec8563
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 30 Aug 2022 20:19:10 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "d4de8398858246712016031c834bb061+gzip+gzip"
accept-ranges: bytes
date: Wed, 21 Sep 2022 20:12:09 GMT
x-served-by: cache-iad-kcgs7200026-IAD, cache-bma1636-BMA
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15317
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Wed, 21 Sep 2022 18:41:12 GMT
expires: Wed, 21 Sep 2022 20:41:12 GMT
cache-control: public, max-age=7200
age: 5457
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/bat.js
204.79.197.200200 OK 11 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Hash 293ae3e0fc8b0d5c143fdf9d8490228d
3976c659b908e70818a3a1ac71860b497fe2d1a9
04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11367
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ranges: bytes
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
set-cookie: MUID=3424E1C2B585626F23E8F3E4B4706377; domain=.bing.com; expires=Mon, 16-Oct-2023 20:12:09 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 058787281DFF41E38A587827AC35FAC9 Ref B: OSL30EDGE0116 Ref C: 2022-09-21T20:12:09Z
date: Wed, 21 Sep 2022 20:12:08 GMT
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/837753914/?random=1663791129152&cv=9&fst=1663791129152&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fhm.ru%2Fth3zKv&tiba=Phishing&hn=www.googleadservices.com&rfmt=3&fmt=4
142.250.74.162200 OK 1.0 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/837753914/?random=1663791129152&cv=9&fst=1663791129152&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fhm.ru%2Fth3zKv&tiba=Phishing&hn=www.googleadservices.com&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (2184), with no line terminators
Hash 0cfa95d62c6aee0661744cb25ff5198f
454e7dc395756a6a69dbd4e8350917c6edbe9141
3c13c087bff83680bf22e05608e989ee8abd4a36de3bbbbb7f03fd07efaaaf3c
GET /pagead/viewthroughconversion/837753914/?random=1663791129152&cv=9&fst=1663791129152&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fhm.ru%2Fth3zKv&tiba=Phishing&hn=www.googleadservices.com&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 20:12:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1014
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 21-Sep-2022 20:27:09 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 15af330272b65861c93c7f989a284e90
e3cf4e4108bc8e68819f82722fb6ca11392cdb34
7ebccd17f3283cfcd086121a089c9de4699284acf5809695d7a364835518ec1a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 20:12:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1fe1db796ca169268e9611df20809efb
43f6a046d1a3f343df0c109d5075116ce4fa0552
be588254c27948b82ef6a72c32973ddd0d1c6b6e4e1c90e55e17a0c063e7cb93
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE588254C27948B82EF6A72C32973DDD0D1C6B6E4E1C90E55E17A0C063E7CB93"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2215
Expires: Wed, 21 Sep 2022 20:49:04 GMT
Date: Wed, 21 Sep 2022 20:12:09 GMT
Connection: keep-alive
assets.website-files.com/606485806deaf1f6b4ffdbee/62bed1e9e454d750c42f601d_Object%20Sans%20Bold.ttf
143.204.55.62200 OK 29 kB URL HTTP/2 assets.website-files.com/606485806deaf1f6b4ffdbee/62bed1e9e454d750c42f601d_Object%20Sans%20Bold.ttf
IP 143.204.55.62:0
Hash d7a8cc806de9349dd5c6c60a12418cd3
486379077f84e94bedf5a6207bba1f6e249439ac
644445276dde374d4c9edd4353ab0535d23877c413c59d2992e2f5dd72c647ce
GET /606485806deaf1f6b4ffdbee/62bed1e9e454d750c42f601d_Object%20Sans%20Bold.ttf HTTP/1.1
Host: assets.website-files.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pixelme.me
Connection: keep-alive
Referer: https://assets.website-files.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/x-font-ttf
date: Sat, 20 Aug 2022 01:57:33 GMT
last-modified: Fri, 01 Jul 2022 10:53:46 GMT
etag: W/"2c92bbf252044dd4594cb48e25430c22"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: XCU0OzSzzA43uGjcmcixEWfYSiQTwqve
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
age: 2830476
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: OpIO60d7XlhKhE8S4Ehf7vg9M_soWHv0TEAyKH41QFGbZ63DZ2I0Dg==
X-Firefox-Spdy: h2
snippet.growsumo.com/growsumo.min.js
104.18.3.70200 OK 3.4 kB URL HTTP/2 snippet.growsumo.com/growsumo.min.js
IP 104.18.3.70:0
File type C source, ASCII text, with very long lines (6320)
Hash c3065da81207dfa2350de62db4008c90
a6527f9db48673b6c0ccb1fc57857d29dccc6ee1
2f88fc08cadf71fbe2e92751ba20f1f0f227b7856c940475f1b9300d3560e404
GET /growsumo.min.js HTTP/1.1
Host: snippet.growsumo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 20:12:09 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 14:09:46 GMT
etag: W/"6329c9aa-18b1"
cache-control: public, max-age=14400
via: 1.1 google
cf-cache-status: HIT
age: 25
expires: Thu, 22 Sep 2022 00:12:09 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 74e5743ceaceb51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
t.co/i/adsct?bci=3&eci=2&event_id=06f9e905-354c-44a6-8d4d-b36ee13c00fa&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bd6ecfb9-c795-4258-a5ed-47f4d53de40c&tw_document_href=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fhm.ru%2Fth3zKv&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxviw&type=javascript&version=2.3.27
104.244.42.69200 OK 43 B URL HTTP/2 t.co/i/adsct?bci=3&eci=2&event_id=06f9e905-354c-44a6-8d4d-b36ee13c00fa&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bd6ecfb9-c795-4258-a5ed-47f4d53de40c&tw_document_href=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fhm.ru%2Fth3zKv&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxviw&type=javascript&version=2.3.27
IP 104.244.42.69:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=06f9e905-354c-44a6-8d4d-b36ee13c00fa&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bd6ecfb9-c795-4258-a5ed-47f4d53de40c&tw_document_href=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fhm.ru%2Fth3zKv&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxviw&type=javascript&version=2.3.27 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 20:12:09 GMT
server: tsa_o
set-cookie: muc_ads=0bb91f35-39dd-4147-84d9-db66a1c93ead; Max-Age=63072000; Expires=Fri, 20 Sep 2024 20:12:09 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
strict-transport-security: max-age=0
x-response-time: 104
x-connection-hash: 8c64b1d9e08af845941f596410b9e674f408c567027b03aa5ee5e1defda15863
X-Firefox-Spdy: h2
cdn-api.weglot.com/translations/slugs?api_key=wg_4099fc3d7e82ef37a59176ea4e8450100&language_to=de&v=1653069479
54.230.111.125200 OK 505 B URL HTTP/2 cdn-api.weglot.com/translations/slugs?api_key=wg_4099fc3d7e82ef37a59176ea4e8450100&language_to=de&v=1653069479
IP 54.230.111.125:0
Hash 3f585b6f5406eee3c4594b844e445e50
f5809faa3889001da970d95e64e956ec2094f356
20449e39c557d724678ff1927f67509b11171c62eeb2d371a028e4ac0a1db75d
GET /translations/slugs?api_key=wg_4099fc3d7e82ef37a59176ea4e8450100&language_to=de&v=1653069479 HTTP/1.1
Host: cdn-api.weglot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pixelme.me/
Origin: https://www.pixelme.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
date: Sat, 28 May 2022 05:48:15 GMT
server: nginx
cache-control: max-age=0, must-revalidate, no-store, private
access-control-allow-origin: *
access-control-allow-methods: GET,POST,PUT,PATCH
access-control-allow-headers: Content-Type
content-security-policy: script-src 'nonce-4f39b438fe7f74b1f10af64e5253771b' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com a.quora.com cdn.firstpromoter.com https: http:; object-src 'none'; base-uri 'self';
expires: Sat, 28 May 2022 05:48:15 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
permissions-policy: accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(self), magnetometer=(), microphone=(), midi=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), hid=(), idle-detection=(), serial=()
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0UGr65FRArN1wDsnMjn9S1M0i-s8c-PowYoLElvh5Vw9AX4mG5KXVA==
age: 10074234
X-Firefox-Spdy: h2
cdn-api.weglot.com/translations/slugs?api_key=wg_4099fc3d7e82ef37a59176ea4e8450100&language_to=it&v=1653069479
54.230.111.125200 OK 505 B URL HTTP/2 cdn-api.weglot.com/translations/slugs?api_key=wg_4099fc3d7e82ef37a59176ea4e8450100&language_to=it&v=1653069479
IP 54.230.111.125:0
Hash 3f585b6f5406eee3c4594b844e445e50
f5809faa3889001da970d95e64e956ec2094f356
20449e39c557d724678ff1927f67509b11171c62eeb2d371a028e4ac0a1db75d
GET /translations/slugs?api_key=wg_4099fc3d7e82ef37a59176ea4e8450100&language_to=it&v=1653069479 HTTP/1.1
Host: cdn-api.weglot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pixelme.me/
Origin: https://www.pixelme.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
date: Sat, 21 May 2022 00:27:31 GMT
server: nginx
cache-control: max-age=0, must-revalidate, no-store, private
access-control-allow-origin: *
access-control-allow-methods: GET,POST,PUT,PATCH
access-control-allow-headers: Content-Type
content-security-policy: script-src 'nonce-59a320d6ac236e815c9d535327a32f03' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com a.quora.com cdn.firstpromoter.com https: http:; object-src 'none'; base-uri 'self';
expires: Sat, 21 May 2022 00:27:31 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
permissions-policy: accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(self), magnetometer=(), microphone=(), midi=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), hid=(), idle-detection=(), serial=()
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _urK7tTn5TgZ66OfPS3hqv3Cnc0GXBCyAMvH9EDYoqgunCGllQ0ysQ==
age: 10698278
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=26035908&tm=gtm002&Ver=2&mid=851ec768-0eb1-42c4-9216-fa83500a0fef&sid=ac1324a039e911eda19045ea6ebdf1d4&vid=ac133c3039e911ed974acb2a1dbab09b&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Phishing&p=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fhm.ru%2Fth3zKv&r=<=1589&evt=pageLoad&sv=1&rn=695965
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=26035908&tm=gtm002&Ver=2&mid=851ec768-0eb1-42c4-9216-fa83500a0fef&sid=ac1324a039e911eda19045ea6ebdf1d4&vid=ac133c3039e911ed974acb2a1dbab09b&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Phishing&p=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fhm.ru%2Fth3zKv&r=<=1589&evt=pageLoad&sv=1&rn=695965
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=26035908&tm=gtm002&Ver=2&mid=851ec768-0eb1-42c4-9216-fa83500a0fef&sid=ac1324a039e911eda19045ea6ebdf1d4&vid=ac133c3039e911ed974acb2a1dbab09b&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Phishing&p=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fhm.ru%2Fth3zKv&r=<=1589&evt=pageLoad&sv=1&rn=695965 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=00FA7A385822672E30F6681E59D76608; domain=.bing.com; expires=Mon, 16-Oct-2023 20:12:09 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0C175F19B35F4173AAA401DE3EFF02EA Ref B: OSL30EDGE0116 Ref C: 2022-09-21T20:12:09Z
date: Wed, 21 Sep 2022 20:12:09 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2939
Expires: Wed, 21 Sep 2022 21:01:08 GMT
Date: Wed, 21 Sep 2022 20:12:09 GMT
Connection: keep-alive
cdn-api.weglot.com/translations/slugs?api_key=wg_4099fc3d7e82ef37a59176ea4e8450100&language_to=ru&v=1653069479
54.230.111.125200 OK 12 kB URL HTTP/2 cdn-api.weglot.com/translations/slugs?api_key=wg_4099fc3d7e82ef37a59176ea4e8450100&language_to=ru&v=1653069479
IP 54.230.111.125:0
Hash 7ea4958200af869f2c5600e3ec02c619
1e61da7683cd9d4d98b27e2aff18c29a20efbde3
a9590800feb35c4682e623ca18bb462aa4c9df0a458ce6200ffadc96dd61dee3
GET /translations/slugs?api_key=wg_4099fc3d7e82ef37a59176ea4e8450100&language_to=ru&v=1653069479 HTTP/1.1
Host: cdn-api.weglot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pixelme.me/
Origin: https://www.pixelme.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
date: Wed, 25 May 2022 07:47:20 GMT
server: nginx
cache-control: max-age=0, must-revalidate, no-store, private
access-control-allow-origin: *
access-control-allow-methods: GET,POST,PUT,PATCH
access-control-allow-headers: Content-Type
content-security-policy: script-src 'nonce-9e9c8c79e9e3846aa4ab341ba205262e' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com a.quora.com cdn.firstpromoter.com https: http:; object-src 'none'; base-uri 'self';
expires: Wed, 25 May 2022 07:47:20 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
permissions-policy: accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(self), magnetometer=(), microphone=(), midi=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), hid=(), idle-detection=(), serial=()
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _UoCIExA7igENpg4XPHQ8Ll7kgIcsAgmDrMFiTRw4NgnmOyh5oK7Sw==
age: 10326289
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6be1360-d048-4319-9cac-dfebe92db87f.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6be1360-d048-4319-9cac-dfebe92db87f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 267173c6b4e4e6ae4a84dc08df92f82f
4183102af1963e1edb3aa572c43aeda7d855e9f5
20487bb2e59f2e6afcaaac3e3c4f1dfec9a8ef761403a44f7f92a6b57d143714
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6be1360-d048-4319-9cac-dfebe92db87f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9271
x-amzn-requestid: b8139dfc-8f24-41e0-9948-56bad215416c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yx0Q-EkZoAMF_sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a3406-4365026f7f832cee0c12e4d7;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:43:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QhTzqhSMCDgWwTSsmfM_3jBwV-g0fVABMLy-gwrjoxaoE4VomNqahg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:38:46 GMT
age: 77604
etag: "4183102af1963e1edb3aa572c43aeda7d855e9f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2938
Expires: Wed, 21 Sep 2022 21:01:08 GMT
Date: Wed, 21 Sep 2022 20:12:10 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc349860f-d61d-42ea-8638-7ebcefe23e00.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc349860f-d61d-42ea-8638-7ebcefe23e00.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1976af26c5d4a671c8298bffafc90ce3
9b17ad091f936a8dd50126ce9ad5f9a7fd7d55f8
2349b9e1233d43cf8d0ff273f8bf6147dda00314fd631a81cb278ce0b8e32684
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc349860f-d61d-42ea-8638-7ebcefe23e00.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12545
x-amzn-requestid: 6720348a-0245-486b-a978-2df18eb4bd43
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yl7YKHayIAMFo1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6325729a-2601f775219651777cba839c;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 07:09:14 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NdQpOGtyA7AxpmkvFf3K3IrkgSku9QQzQ4BvpoRfTv16Kj1Gr6n7oA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 07:34:13 GMT
age: 45477
etag: "9b17ad091f936a8dd50126ce9ad5f9a7fd7d55f8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
grow.clearbitjs.com/api/pixel.js?v=1663791128796
216.24.57.3200 OK 1.3 kB URL HTTP/2 grow.clearbitjs.com/api/pixel.js?v=1663791128796
IP 216.24.57.3:0
Hash 64817f88f408180d0ccc8adf915346cd
b7d47dae0cba70e72ba5d143ce4ad524c7bc57df
b60c619a2cf01529bd421efada521cb2bcdfb65e4fcdb29feeab648716cbbca8
GET /api/pixel.js?v=1663791128796 HTTP/1.1
Host: grow.clearbitjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 20:12:09 GMT
content-type: text/javascript
cf-ray: 74e5743d2ba7b51d-OSL
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
script.hotjar.com/modules.f4179535429bf14e77ee.js
143.204.55.46200 OK 65 kB URL HTTP/2 script.hotjar.com/modules.f4179535429bf14e77ee.js
IP 143.204.55.46:0
File type Unicode text, UTF-8 text, with very long lines (48714)
Hash 4a99ec558aff503901b33da3d9b4ec1b
83d1a24dacc650c18594a5334ae15a144b5704ec
ad082098bddf0eed29c4d958450687924b052f783a834f58e59495e0c8f3143b
GET /modules.f4179535429bf14e77ee.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 65420
date: Tue, 20 Sep 2022 16:01:07 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "4a99ec558aff503901b33da3d9b4ec1b"
last-modified: Tue, 20 Sep 2022 16:00:26 GMT
strict-transport-security: max-age=604800; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: qr-nsldlAafUXkR-6ls0Gw6IqAumkkhWb64G92Ak5w6hGT6xo9LHOQ==
age: 101463
X-Firefox-Spdy: h2
cdn-api.weglot.com/translations/slugs?api_key=wg_4099fc3d7e82ef37a59176ea4e8450100&language_to=fr&v=1653069479
54.230.111.125200 OK 10 kB URL HTTP/2 cdn-api.weglot.com/translations/slugs?api_key=wg_4099fc3d7e82ef37a59176ea4e8450100&language_to=fr&v=1653069479
IP 54.230.111.125:0
Hash 4a218a010b0ff324e5f8f9e3d52512c3
c35d6519838ed10d9ad4a419cf1e4124d205a611
0c916176cb3298737ac731ff05573bfab669edda83c0eab52a35531a8c9ae64f
GET /translations/slugs?api_key=wg_4099fc3d7e82ef37a59176ea4e8450100&language_to=fr&v=1653069479 HTTP/1.1
Host: cdn-api.weglot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pixelme.me/
Origin: https://www.pixelme.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
date: Tue, 24 May 2022 00:21:28 GMT
server: nginx
cache-control: max-age=0, must-revalidate, no-store, private
access-control-allow-origin: *
access-control-allow-methods: GET,POST,PUT,PATCH
access-control-allow-headers: Content-Type
content-security-policy: script-src 'nonce-d3e74acb9f9e67c2657b58f6a5cee29f' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com a.quora.com cdn.firstpromoter.com https: http:; object-src 'none'; base-uri 'self';
expires: Tue, 24 May 2022 00:21:28 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
permissions-policy: accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(self), magnetometer=(), microphone=(), midi=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), hid=(), idle-detection=(), serial=()
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: du4fUd9WgzkEAorMIETWCbVyfYitmYBsSUjHrq_2xy3_IzIPWt9_vA==
age: 10439441
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 41630fb2c7ef9e435a8762b0943e0980
04b6c8bfe97bc5408e1450b5921331c6ae6de682
e9e83895eef14a5a26e91c9574fc9f60eb2f47959406eabe87b4618412519476
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 20:12:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn-api.weglot.com/translations/slugs?api_key=wg_4099fc3d7e82ef37a59176ea4e8450100&language_to=es&v=1653069479
54.230.111.125200 OK 6.7 kB URL HTTP/2 cdn-api.weglot.com/translations/slugs?api_key=wg_4099fc3d7e82ef37a59176ea4e8450100&language_to=es&v=1653069479
IP 54.230.111.125:0
Hash fc274fb33d32e5264cd353064f683a21
10c39f9dc8d78ea93160db35ea3664fd51ce3c4c
bcbf56e6e5ea2bb41a86d8bfeb33065b79db58c2d43c88fae7bd31b07607f606
GET /translations/slugs?api_key=wg_4099fc3d7e82ef37a59176ea4e8450100&language_to=es&v=1653069479 HTTP/1.1
Host: cdn-api.weglot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pixelme.me/
Origin: https://www.pixelme.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
date: Fri, 27 May 2022 06:52:53 GMT
server: nginx
cache-control: max-age=0, must-revalidate, no-store, private
access-control-allow-origin: *
access-control-allow-methods: GET,POST,PUT,PATCH
access-control-allow-headers: Content-Type
content-security-policy: script-src 'nonce-77f1047b304c114a309dba3567a25e34' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com a.quora.com cdn.firstpromoter.com https: http:; object-src 'none'; base-uri 'self';
expires: Fri, 27 May 2022 06:52:53 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
permissions-policy: accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(self), magnetometer=(), microphone=(), midi=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), hid=(), idle-detection=(), serial=()
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Cte-xse72iTZvzPfmjaKKFrg2xOrYSR2pzv43bPphEj3uN4QHQ8RTQ==
age: 10156756
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f675396b1827a50c78e358358f256144
451b788273e06a08f762735c23c13028e32a3f3c
6bd9e2ec423bf8f0f681a92f4ad0b28cdb53f5df6ca4b571c9697b678c20c126
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 20:12:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 3ecd92ddcb5a1e93fd43b968f002e5d0
e88db3017eb9969c758bca8f48b14f5fb6e7cd93
0113db4a7496f8a8c6138d4f5824697f5b90c082763fb770a827b403448b6540
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3043
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 20:12:10 GMT
Last-Modified: Wed, 21 Sep 2022 19:21:27 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 313
bat.bing.com/p/action/26035908.js
204.79.197.200200 OK 667 B URL HTTP/2 bat.bing.com/p/action/26035908.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash 03b66db7ed6a557d3effa4ec391f2d4e
ead4f7a9bac6ffebe2ed6e29273de4b55444441c
f2e59edf30571f8323847200d8023656625ec7ee55276c0c4946e6a9c5628891
GET /p/action/26035908.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private,max-age=60
content-length: 667
content-type: application/javascript; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
set-cookie: MUID=2C5D9BCDCB5E66C5269989EBCAAB6787; domain=.bing.com; expires=Mon, 16-Oct-2023 20:12:09 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-powered-by: ARR/3.0
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E5185029C6F848A583CAA1835F8C5767 Ref B: OSL30EDGE0116 Ref C: 2022-09-21T20:12:09Z
date: Wed, 21 Sep 2022 20:12:09 GMT
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/837753914/?random=1663791129152&cv=9&fst=1663790400000&num=1&guid=ON&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fhm.ru%2Fth3zKv&tiba=Phishing&fmt=3&is_vtc=1&random=4190886830&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/837753914/?random=1663791129152&cv=9&fst=1663790400000&num=1&guid=ON&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fhm.ru%2Fth3zKv&tiba=Phishing&fmt=3&is_vtc=1&random=4190886830&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/837753914/?random=1663791129152&cv=9&fst=1663790400000&num=1&guid=ON&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fhm.ru%2Fth3zKv&tiba=Phishing&fmt=3&is_vtc=1&random=4190886830&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 20:12:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/837753914/?random=1663791129152&cv=9&fst=1663790400000&num=1&guid=ON&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fhm.ru%2Fth3zKv&tiba=Phishing&fmt=3&is_vtc=1&random=4190886830&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/837753914/?random=1663791129152&cv=9&fst=1663790400000&num=1&guid=ON&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fhm.ru%2Fth3zKv&tiba=Phishing&fmt=3&is_vtc=1&random=4190886830&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/837753914/?random=1663791129152&cv=9&fst=1663790400000&num=1&guid=ON&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fhm.ru%2Fth3zKv&tiba=Phishing&fmt=3&is_vtc=1&random=4190886830&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 20:12:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=603540&time=1663791129462&url=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fhm.ru%2Fth3zKv
13.107.42.14302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=603540&time=1663791129462&url=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fhm.ru%2Fth3zKv
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=603540&time=1663791129462&url=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fhm.ru%2Fth3zKv HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D603540%26time%3D1663791129462%26url%3Dhttps%253A%252F%252Fwww.pixelme.me%252Fphishing%253Furl%253Dhttps%253A%252F%252Fhm.ru%252Fth3zKv%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQIJrS3Nom6-NgAAAYNhreXWsuvGBWIWax-zDsjakkd_FNrNJI_c7W9eWTpz6qTz3V3iq09MSA8EPw; Max-Age=2592000; Expires=Fri, 21 Oct 2022 20:12:10 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQIFG9xzUvXlpAAAAYNhreXWLr86qunpK4JmAIggP5JBytPvfT38ToIJGLSoBGPd3slLQXexIy65pg8gNhkBfQ; Max-Age=2592000; Expires=Fri, 21 Oct 2022 20:12:10 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&9980da03-c582-4415-8508-b87e18912686"; domain=.linkedin.com; Path=/; Secure; Expires=Thu, 21-Sep-2023 20:12:10 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2391:u=1:x=1:i=1663791130:t=1663877530:v=2:sig=AQG3Pfx4WgOfLImj0xCNdxtuSlNErfE6"; Expires=Thu, 22 Sep 2022 20:12:10 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXpNY9JpddG01J51GwKlg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: C8141437D1854BB4A8F9668E449514AB Ref B: OSL30EDGE0412 Ref C: 2022-09-21T20:12:10Z
date: Wed, 21 Sep 2022 20:12:09 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1b33d59cf038a3fe7273f78fda2cce3a
0b367731ef6df8e1f6c1b8774198daa9959d7cf5
b02b1756112479f92786994de8e884986b0a7eb3d5885300bfd8a64f597f7cc4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 20:12:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f675396b1827a50c78e358358f256144
451b788273e06a08f762735c23c13028e32a3f3c
6bd9e2ec423bf8f0f681a92f4ad0b28cdb53f5df6ca4b571c9697b678c20c126
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 20:12:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=06f9e905-354c-44a6-8d4d-b36ee13c00fa&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bd6ecfb9-c795-4258-a5ed-47f4d53de40c&tw_document_href=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fhm.ru%2Fth3zKv&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxviw&type=javascript&version=2.3.27
104.244.42.195200 OK 43 B URL HTTP/2 analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=06f9e905-354c-44a6-8d4d-b36ee13c00fa&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bd6ecfb9-c795-4258-a5ed-47f4d53de40c&tw_document_href=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fhm.ru%2Fth3zKv&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxviw&type=javascript&version=2.3.27
IP 104.244.42.195:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=06f9e905-354c-44a6-8d4d-b36ee13c00fa&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bd6ecfb9-c795-4258-a5ed-47f4d53de40c&tw_document_href=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fhm.ru%2Fth3zKv&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxviw&type=javascript&version=2.3.27 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 20:12:09 GMT
server: tsa_o
set-cookie: personalization_id="v1_CznGan71LA4Z1xt6ThVdnA=="; Max-Age=63072000; Expires=Fri, 20 Sep 2024 20:12:10 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
strict-transport-security: max-age=631138519
x-response-time: 106
x-connection-hash: fd6e480b2f31b00682079aa0bb439bdb1f8816a13829feac215127b1ecfa118d
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 77f9b5e468180a8976a641e40dceedbf
9873db160721dc9f41d3ff2d711db700d6f5d4d7
cae6929c00ed37fc097432c9ac1d6800244479d3877b17662c67bafeeff23aba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 20:12:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-91053522-1&cid=209615879.1663791130&jid=665493687&gjid=872540341&_gid=798220243.1663791130&_u=YEBAAUAAQAAAAC~&z=1777256794
142.251.1.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-91053522-1&cid=209615879.1663791130&jid=665493687&gjid=872540341&_gid=798220243.1663791130&_u=YEBAAUAAQAAAAC~&z=1777256794
IP 142.251.1.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-91053522-1&cid=209615879.1663791130&jid=665493687&gjid=872540341&_gid=798220243.1663791130&_u=YEBAAUAAQAAAAC~&z=1777256794 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.pixelme.me
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.pixelme.me
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 21 Sep 2022 20:12:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 77f9b5e468180a8976a641e40dceedbf
9873db160721dc9f41d3ff2d711db700d6f5d4d7
cae6929c00ed37fc097432c9ac1d6800244479d3877b17662c67bafeeff23aba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 20:12:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D603540%26time%3D1663791129462%26url%3Dhttps%253A%252F%252Fwww.pixelme.me%252Fphishing%253Furl%253Dhttps%253A%252F%252Fhm.ru%252Fth3zKv%26liSync%3Dtrue
13.107.42.14302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D603540%26time%3D1663791129462%26url%3Dhttps%253A%252F%252Fwww.pixelme.me%252Fphishing%253Furl%253Dhttps%253A%252F%252Fhm.ru%252Fth3zKv%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D603540%26time%3D1663791129462%26url%3Dhttps%253A%252F%252Fwww.pixelme.me%252Fphishing%253Furl%253Dhttps%253A%252F%252Fhm.ru%252Fth3zKv%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pixelme.me/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=603540&time=1663791129462&url=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fhm.ru%2Fth3zKv&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&c4f3dda5-2974-4227-88b1-a81f992ed51b"; Domain=.linkedin.com; Expires=Thu, 21-Sep-2023 20:12:10 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&202209212012107b584f95-dcd6-4cc7-837b-e1d62d9cfc4cAQHvv2OFMH5Ntalolp3o27DtaP8I8ozn"; Domain=.www.linkedin.com; Expires=Thu, 21-Sep-2023 20:12:10 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NjM3OTExMzA7MjswMjH7sym5MIfwDxNhmQ3drKGvDNSV0eM/Hz/UQYmrNq6SQA==; Domain=.linkedin.com; Expires=Mon, 20 Mar 2023 20:12:10 GMT; Path=/; Secure; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2387:u=1:x=1:i=1663791130:t=1663877530:v=2:sig=AQEYPHvo9xYLkrx8b76azqqGIecjDHpl"; Expires=Thu, 22 Sep 2022 20:12:10 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com https://*.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXpNY9MoUKYg876+8MqfA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 3A42268AD26F4212B62A9150BB80A113 Ref B: OSL30EDGE0412 Ref C: 2022-09-21T20:12:10Z
date: Wed, 21 Sep 2022 20:12:09 GMT
content-length: 0
X-Firefox-Spdy: h2
vc.hotjar.io/sessions/2279645?s=0.25&r=0.20568876314118056
54.230.111.8204 No Content 0 B URL HTTP/2 vc.hotjar.io/sessions/2279645?s=0.25&r=0.20568876314118056
IP 54.230.111.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sessions/2279645?s=0.25&r=0.20568876314118056 HTTP/1.1
Host: vc.hotjar.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pixelme.me
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-origin: *
cache-control: no-store
date: Wed, 21 Sep 2022 20:12:10 GMT
server: Python/3.7 aiohttp/3.5.4
x-cache: Miss from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HbOu7S5aeLWQnuC7fOtvvJbqPOwMjhUq-q_Ea6u_S2GGLomeQN_u6w==
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 655ff0e63f891636a3a29741caff2adc
95d6d0a29057e50f95406f0884a909f7f8b76a5e
dc7eaefc15edb0acff4070a4a6b9c798f152c4708be0af3a142c1b76c685f217
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 20:12:10 GMT
Last-Modified: Wed, 21 Sep 2022 18:55:32 GMT
Server: ECS (nyb/1D05)
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: L3knI89CH3xfMsHZvi-RiKqdiqTfDCLMAoXEecmqNWTyQbV1kWIxOw==
Age: 4598
www.clarity.ms/tag/uet/26035908
13.107.246.53200 OK 1.7 kB URL HTTP/2 www.clarity.ms/tag/uet/26035908
IP 13.107.246.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (1734), with no line terminators
Hash 6404da762f06644939ec7c6984251ce1
0e47c6f4af2de661ac994f12decced2fe78e9cf4
52c2baf126b3248ea0f5188ba81d9a6d51aae5c6977b0d8445cd3068d455a4fd
GET /tag/uet/26035908 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-length: 1734
content-type: application/x-javascript
expires: -1
set-cookie: CLID=09983b41cfd34fa2af0056c47707aad1.20220921.20230921; expires=Thu, 21 Sep 2023 20:12:10 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 0GnArYwAAAAChD795YM0/TJJnGn6UBsYOTE9OMjFFREdFMTYxMwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Wed, 21 Sep 2022 20:12:09 GMT
X-Firefox-Spdy: h2
www.clarity.ms/eus2/s/0.6.40/clarity.js
13.107.246.53200 OK 23 kB URL HTTP/2 www.clarity.ms/eus2/s/0.6.40/clarity.js
IP 13.107.246.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (54745)
Hash 6a87d835543a151541da0ae963173dd7
80bac2abc74d2fa93a63ff82514fd64ee8caf9a0
c806647a143cb92f41ed1e60c6be245cd4e78b447c90adbed881ca54ecfa7337
GET /eus2/s/0.6.40/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-length: 23442
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d8c7baa5622330"
vary: Accept-Encoding
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 0GnArYwAAAACB7tyRsoNfRIDUJEbi7Ex6TE9OMjFFREdFMTYxMwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Wed, 21 Sep 2022 20:12:10 GMT
X-Firefox-Spdy: h2
c.clarity.ms/c.gif
20.234.93.27302 Found 0 B IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=ED686473816748F1977DF7EA8DCC2B0C&RedC=c.clarity.ms&MXFR=355830144E016E080F4622324A016030
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=355830144E016E080F4622324A016030; domain=.clarity.ms; expires=Mon, 16-Oct-2023 20:12:10 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Wed, 21 Sep 2022 20:12:09 GMT
content-length: 0
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=603540&time=1663791129462&url=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fhm.ru%2Fth3zKv&liSync=true
13.107.42.14200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=603540&time=1663791129462&url=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fhm.ru%2Fth3zKv&liSync=true
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=603540&time=1663791129462&url=https%3A%2F%2Fwww.pixelme.me%2Fphishing%3Furl%3Dhttps%3A%2F%2Fhm.ru%2Fth3zKv&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pixelme.me/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&59e2b0d9-4176-4edf-86e6-29765824d10d"; domain=.linkedin.com; Path=/; Secure; Expires=Thu, 21-Sep-2023 20:12:10 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2387:u=1:x=1:i=1663791130:t=1663877530:v=2:sig=AQEYPHvo9xYLkrx8b76azqqGIecjDHpl"; Expires=Thu, 22 Sep 2022 20:12:10 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXpNY9PYf6mjLiuaVg0HA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 5ED7EBE13E4A4FCFAE1C3C4E9D83E073 Ref B: OSL30EDGE0412 Ref C: 2022-09-21T20:12:10Z
date: Wed, 21 Sep 2022 20:12:09 GMT
content-length: 0
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=ED686473816748F1977DF7EA8DCC2B0C&RedC=c.clarity.ms&MXFR=355830144E016E080F4622324A016030
204.79.197.200302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=ED686473816748F1977DF7EA8DCC2B0C&RedC=c.clarity.ms&MXFR=355830144E016E080F4622324A016030
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=ED686473816748F1977DF7EA8DCC2B0C&RedC=c.clarity.ms&MXFR=355830144E016E080F4622324A016030 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pixelme.me/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=ED686473816748F1977DF7EA8DCC2B0C&MUID=10BBACF4AD82603535E9BED2AC7761E0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=10BBACF4AD82603535E9BED2AC7761E0; domain=c.bing.com; expires=Mon, 16-Oct-2023 20:12:10 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 47B456F89AEF44269E57CB97D0DA1AA9 Ref B: OSL30EDGE0116 Ref C: 2022-09-21T20:12:10Z
date: Wed, 21 Sep 2022 20:12:09 GMT
content-length: 0
X-Firefox-Spdy: h2
c.clarity.ms/c.gif?CtsSyncId=ED686473816748F1977DF7EA8DCC2B0C&MUID=10BBACF4AD82603535E9BED2AC7761E0
20.234.93.27200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=ED686473816748F1977DF7EA8DCC2B0C&MUID=10BBACF4AD82603535E9BED2AC7761E0
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=ED686473816748F1977DF7EA8DCC2B0C&MUID=10BBACF4AD82603535E9BED2AC7761E0 HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pixelme.me/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Tue, 13 Sep 2022 19:54:52 GMT
accept-ranges: bytes
etag: "8d3298b0aac7d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Wed, 21-Sep-2022 20:22:10 GMT; path=/; SameSite=None; Secure;
date: Wed, 21 Sep 2022 20:12:10 GMT
content-length: 42
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 9696
Origin: https://www.pixelme.me
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://www.pixelme.me
access-control-allow-credentials: true
x-powered-by: ASP.NET
date: Wed, 21 Sep 2022 20:12:10 GMT
X-Firefox-Spdy: h2
cdn-api.weglot.com/translations/slugs?api_key=wg_4099fc3d7e82ef37a59176ea4e8450100&language_to=zh&v=1653069479
54.230.111.125200 OK 0 B URL HTTP/2 cdn-api.weglot.com/translations/slugs?api_key=wg_4099fc3d7e82ef37a59176ea4e8450100&language_to=zh&v=1653069479
IP 54.230.111.125:0
GET /translations/slugs?api_key=wg_4099fc3d7e82ef37a59176ea4e8450100&language_to=zh&v=1653069479 HTTP/1.1
Host: cdn-api.weglot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pixelme.me/
Origin: https://www.pixelme.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
date: Sat, 21 May 2022 00:27:48 GMT
server: nginx
cache-control: max-age=0, must-revalidate, no-store, private
access-control-allow-origin: *
access-control-allow-methods: GET,POST,PUT,PATCH
access-control-allow-headers: Content-Type
content-security-policy: script-src 'nonce-7716bb5f9bb0beb29fb2df22a33fc7ba' dashboard.weglot.com *.weglot.com *.stripe.com *.announcekit.app *.nolt.io *.jsdelivr.net *.firstpromoter.com beacon-v2.helpscout.net *.google.com *.google-analytics.com *.googletagmanager.com *.googleadservices.com *.gstatic.com static.ads-twitter.com analytics.twitter.com bat.bing.com snap.licdn.com *.snap.licdn.com *.redditstatic.com connect.facebook.net *.hotjar.com a.quora.com cdn.firstpromoter.com https: http:; object-src 'none'; base-uri 'self';
expires: Sat, 21 May 2022 00:27:48 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
permissions-policy: accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(self), geolocation=(), gyroscope=(self), magnetometer=(), microphone=(), midi=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), usb=(), xr-spatial-tracking=(), clipboard-read=(self), clipboard-write=(self), hid=(), idle-detection=(), serial=()
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QwysMrEI8oxb1VSXD4L6Q6yR5drk-2dUgBpus1j9mQ7NVD5ExWaUKA==
age: 10698261
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-2279645.js?sv=7
54.230.111.39200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-2279645.js?sv=7
IP 54.230.111.39:0
GET /c/hotjar-2279645.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Wed, 21 Sep 2022 20:11:36 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/ca8f58c2bb600dac174f9d207b739592
strict-transport-security: max-age=604800; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
x-generation-timing: 1.0001659393311
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: H9QlD_T_U2sphnhgChvS37H-GEaEASkPaHccnNRpyEEiYRWZjcye_Q==
age: 33
X-Firefox-Spdy: h2
cdn.weglot.com/weglot.min.css?v=4
143.204.55.83200 OK 0 B URL HTTP/2 cdn.weglot.com/weglot.min.css?v=4
IP 143.204.55.83:0
GET /weglot.min.css?v=4 HTTP/1.1
Host: cdn.weglot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
date: Mon, 19 Sep 2022 09:50:45 GMT
cache-control: max-age=2592000
last-modified: Mon, 19 Sep 2022 08:20:33 GMT
x-amz-version-id: null
etag: W/"b72cdd8118949f04803d561712cf0c5e"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: D4-MmI3GhIRs8i7DeNmcy1wHo96Y2ly4w9O2PWFl5p4uw2EOuRlaBQ==
age: 210085
X-Firefox-Spdy: h2
cdn.weglot.com/flags/rectangle_mat/es.svg
143.204.55.83200 OK 0 B URL HTTP/2 cdn.weglot.com/flags/rectangle_mat/es.svg
IP 143.204.55.83:0
GET /flags/rectangle_mat/es.svg HTTP/1.1
Host: cdn.weglot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml; charset=utf-8
date: Mon, 19 Sep 2022 09:50:46 GMT
cache-control: max-age=2592000
last-modified: Thu, 04 Aug 2022 10:26:28 GMT
x-amz-version-id: null
etag: W/"96b4be850a4d40bcea53825f0a5464ee"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: tyqFSpqlOvoYrTViIgKh0mPh6XSlJZXASCc1lXXQ5wImGv6-v85bbA==
age: 210084
X-Firefox-Spdy: h2
in.hotjar.com/api/v2/client/sites/2279645/visit-data?sv=7
79.125.47.26200 OK 0 B URL HTTP/2 in.hotjar.com/api/v2/client/sites/2279645/visit-data?sv=7
IP 79.125.47.26:0
POST /api/v2/client/sites/2279645/visit-data?sv=7 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 151
Origin: https://www.pixelme.me
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 20:12:10 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
www.datadoghq-browser-agent.com/datadog-logs-v4.js
54.230.217.110200 OK 0 B URL HTTP/2 www.datadoghq-browser-agent.com/datadog-logs-v4.js
IP 54.230.217.110:0
GET /datadog-logs-v4.js HTTP/1.1
Host: www.datadoghq-browser-agent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pixelme.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 13 Sep 2022 11:18:19 GMT
server: AmazonS3
content-encoding: br
date: Wed, 21 Sep 2022 20:11:26 GMT
cache-control: max-age=14400, s-maxage=60
etag: W/"55e37f8fe5bdb5b308b347fe27b8d977"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Fkv0lbkpIqJ5zlBGoZHvDlz4C-yC_jyhWHEN4sxdkGrcRV0ecrFdzA==
age: 45
timing-allow-origin: *
X-Firefox-Spdy: h2