Overview

URL rubyfieraco.uk/
IP45.33.23.183
ASNLinode, LLC
Location United States
Report completed2022-08-06 01:48:31 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2022-08-06 2 rubyfieraco.uk/ Malware
2022-08-06 2 rubyfieraco.uk/mtm/async/.eJxdi0sOwjAMBe_iZYkalnzEWZAbOa1F0gTXgSDE3UmBFbuZN (...) Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (16)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
[Mnemonic Passive DNS] r3.o.lencr.org (7) 344 2020-12-02 08:52:13 UTC 2022-08-05 04:57:18 UTC 23.36.77.32
[Mnemonic Passive DNS] www6.rubyfieraco.uk (2) 0 2022-07-29 17:20:37 UTC 2022-07-29 17:20:37 UTC 35.186.238.101 Unknown ranking
[Mnemonic Passive DNS] partner.googleadservices.com (1) 798 2017-01-30 04:56:54 UTC 2022-08-05 05:01:52 UTC 142.250.74.98
[Mnemonic Passive DNS] afs.googleusercontent.com (2) 12123 2017-01-30 05:39:23 UTC 2022-08-05 06:46:27 UTC 142.250.74.1
[Mnemonic Passive DNS] postback.trafficmotor.com (2) 96726 No data No data 45.79.38.145
[Mnemonic Passive DNS] rubyfieraco.uk (2) 0 No data No data 45.33.18.44 Unknown ranking
[Mnemonic Passive DNS] contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
[Mnemonic Passive DNS] img1.wsimg.com (4) 9893 2012-12-19 10:50:44 UTC 2022-08-05 08:06:06 UTC 23.36.79.43
[Mnemonic Passive DNS] push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-08-05 05:06:17 UTC 35.155.105.35
[Mnemonic Passive DNS] ocsp.pki.goog (7) 175 2017-06-14 07:23:31 UTC 2022-08-05 04:56:14 UTC 142.250.74.3
[Mnemonic Passive DNS] ocsp.godaddy.com (1) 698 2017-01-30 05:00:35 UTC 2022-08-05 05:00:07 UTC 192.124.249.41
[Mnemonic Passive DNS] api.aws.parking.godaddy.com (5) 36127 2020-03-23 21:33:37 UTC 2022-08-05 11:53:35 UTC 3.211.228.79
[Mnemonic Passive DNS] firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2020-05-25 20:01:47 UTC 54.230.111.65
[Mnemonic Passive DNS] content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-08-05 05:06:42 UTC 54.230.111.99
[Mnemonic Passive DNS] ocsp.digicert.com (1) 86 2012-11-29 12:49:49 UTC 2022-08-05 21:56:34 UTC 93.184.220.29
[Mnemonic Passive DNS] img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-08-05 06:49:03 UTC 34.120.237.76


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 45.33.23.183

Date UQ / IDS / BL URL IP
2022-08-14 04:57:56 +0000
0 - 0 - 2 totalfarm.com/ 45.33.23.183
2022-08-14 04:39:24 +0000
0 - 0 - 1 adventuscovid19.com/mtm/direct/.eJxtiksOwjAMB (...) 45.33.23.183
2022-08-14 04:31:49 +0000
0 - 0 - 1 hundredroos.co.uk/mtm/direct/.eJxtkM1ygjAYRd- (...) 45.33.23.183
2022-08-14 02:52:33 +0000
0 - 0 - 2 hardhardsex.com/mtm/direct/.ejxlisekajemrp8lx (...) 45.33.23.183
2022-08-14 02:26:12 +0000
0 - 0 - 2 aleah.thigreives06.xyz/ 45.33.23.183
2022-08-14 02:24:02 +0000
0 - 0 - 2 bigtitsclip.com/ 45.33.23.183
2022-08-14 02:19:34 +0000
0 - 0 - 2 machosgay.com/ 45.33.23.183
2022-08-14 01:37:50 +0000
0 - 0 - 2 fabienne-soumise.com/mtm/direct/.eJx1ikEKAjEM (...) 45.33.23.183
2022-08-14 01:31:14 +0000
0 - 0 - 2 ldaarkansas.org/mtm/direct/.eJxliksOwjAMBe_iZ (...) 45.33.23.183
2022-08-13 22:27:29 +0000
0 - 0 - 1 pplive888.com/mtm/direct/.eJxdikEOwjAMBP_iY4l (...) 45.33.23.183

Last 10 reports on ASN: Linode, LLC

Date UQ / IDS / BL URL IP
2022-08-14 06:26:59 +0000
0 - 0 - 2 cheatshacksfreedownload.com/mtm/direct/.ejx9i (...) 198.58.118.167
2022-08-14 06:26:46 +0000
0 - 0 - 2 advanced-esthetic.us/http:/advanced-esthetic. (...) 198.58.118.167
2022-08-14 06:24:33 +0000
0 - 0 - 3 blackarse.com/mtm/direct/.ejxdikeowjambp_iy4l (...) 45.79.19.196
2022-08-14 06:23:47 +0000
0 - 0 - 2 tarotcanada.com/mtm/direct/.eJxliksKAkEMBe-S5 (...) 45.33.18.44
2022-08-14 06:22:02 +0000
0 - 0 - 2 tits.net/mtm/direct/.eJxdycEKwjAQhOF32WMNXY9a (...) 173.255.194.134
2022-08-14 06:19:07 +0000
0 - 0 - 3 indianmoviemall.com/ 45.33.30.197
2022-08-14 06:00:03 +0000
0 - 0 - 1 accessalohatravel.com/mtm/direct/.eJx1ikEKAjE (...) 72.14.185.43
2022-08-14 05:45:16 +0000
0 - 0 - 2 mothernature.one/wp-content/plugins/woocommer (...) 45.33.20.235
2022-08-14 05:16:47 +0000
0 - 0 - 1 athleticclearance.org/mtm/direct/.eJx1yssKwkA (...) 96.126.123.244
2022-08-14 04:57:56 +0000
0 - 0 - 2 totalfarm.com/ 45.33.23.183

No other reports on domain: rubyfieraco.uk



JavaScript

Executed Scripts (10)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (45)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.65
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Content-Type, Alert, Backoff, Content-Length
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 06 Aug 2022 01:01:49 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: bcJe-14R-kRqOIqWjCrY_2F6EVlla51O6fZCVT-weSWKTHJS05K-nA==
Age: 2791


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    c98c56ff7bc7ba547517573963f425e3
Sha1:   58c8dccc28ecd76424af6ed9988575a35cf8a0c2
Sha256: d57d9d5e87e8761ffdf790ff762307f5c823e8e8241781797373c10e076ec44e
                                        
                                            GET / HTTP/1.1 
Host: rubyfieraco.uk
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         45.33.18.44
HTTP/1.1 200 OK
                                        
server: openresty/1.13.6.1
date: Sat, 06 Aug 2022 01:48:20 GMT
content-type: text/html; charset=utf-8
content-length: 7028
vary: Accept-Language
content-language: en
connection: close


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   7028
Md5:    8d44002a1c44d91802f87f2ac96daa3f
Sha1:   69fa05b2ec23eb43893a8447279a6fd816aa906b
Sha256: 80a5d5f3a25ee1c0416fbfd090250813c8e086adc1f4c846442903a0ef10c342

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F055127A4794D0F76CB4DF8F290DF8E259258A63398A700F592C859DFFE9AC34"
Last-Modified: Thu, 04 Aug 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4907
Expires: Sat, 06 Aug 2022 03:10:07 GMT
Date: Sat, 06 Aug 2022 01:48:20 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-09-19-18-34-07.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.99
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
last-modified: Sun, 31 Jul 2022 18:34:08 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 05 Aug 2022 04:15:27 GMT
etag: "578b9ff83ff3950ab2a3d1a8344d2938"
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Zw9V0JPSZp-sZM_5JB7H8Cgenp2EcCqKLvxPc53BIzvdlVfwD8VZYg==
age: 77574
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    578b9ff83ff3950ab2a3d1a8344d2938
Sha1:   39d48b67ba6aa45ec01767725e726cf9b0c87a70
Sha256: 35c99da9a5463a4788ceab7cf4b027bb25506cde28ace36c70d0bc924138f2f5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Sat, 06 Aug 2022 01:48:20 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /mtm/async/.eJxdi0sOwjAMBe_iZYkalnzEWZAbOa1F0gTXgSDE3UmBFbuZN3pPKMJwAAsGUMalYSMhT0LylSktep4xUlMpw8MzCbrUl8v6cY6ytqJU1U4ag8GcAztUTrOt67Kp_2sMx-tp2-8NRxzJ4o39D-80ZNPZ7tN38HoDjkI1oA:1oK8vM:Rs1krndRrCKmb3v2AaJGgPeJ5nc/1/0 HTTP/1.1 
Host: rubyfieraco.uk
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://rubyfieraco.uk/
Connection: keep-alive

                                         
                                         45.33.18.44
HTTP/1.1 200 OK
                                        
server: openresty/1.13.6.1
date: Sat, 06 Aug 2022 01:48:20 GMT
content-type: text/html; charset=utf-8
content-length: 133
x-mtm-path: 4
x-mtm-prov: 1:0.00;70:59.74
x-mtm-rd: 0.28
vary: Accept-Language
content-language: en
set-cookie: mtm_delivered=WyJydWJ5ZmllcmFjby51ayIsImh0dHA6Ly93d3c2LnJ1YnlmaWVyYWNvLnVrLz90ZW1wbGF0ZT1BUlJPV18zJnRkZnM9MCZzX3Rva2VuPTE2NTk3NTA1MDAuMDE4MTcwMDAwMCZ1dWlkPTE2NTk3NTA1MDAuMDE4MTcwMDAwMCZzZWFyY2hib3g9MSZzaG93RG9tYWluPTEiLDEsIjIwMjItMDgtMDYgMDE6NDg6MjAiLDEsIjE2NTk3NTA1MDAuMDE4MTcwMDAwMCIsNzAsbnVsbCxudWxsXQ:1oK8vM:Bo7uH0dn6tVsUqeOCg6a-ubPfM4; expires=Sat, 06-Aug-2022 02:48:20 GMT; Max-Age=3600; Path=/
connection: close


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   133
Md5:    0cd18c5ddd052acc6b2d52cc82d92ded
Sha1:   11bb82a7a0a6cf8dddacb5c431ba159d6723e985
Sha256: e4234f184e38364c0eb4b26ebc173c529bada41340ca183f6b12e0dc3c06c45b

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.65
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 06 Aug 2022 01:16:14 GMT
Cache-Control: max-age=3600
Expires: Sat, 06 Aug 2022 01:16:14 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: wRFJrBl7GMovTmt5jKr7zDuoZgLcGCHNz2CvdiL4aTw5Sc0amuUFlQ==
Age: 1927


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /?template=ARROW_3&tdfs=0&s_token=1659750500.0181700000&uuid=1659750500.0181700000&searchbox=1&showDomain=1 HTTP/1.1 
Host: www6.rubyfieraco.uk
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rubyfieraco.uk/
Upgrade-Insecure-Requests: 1

                                         
                                         35.186.238.101
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: openresty
Date: Sat, 06 Aug 2022 01:48:21 GMT
Content-Length: 2551
Last-Modified: Tue, 19 Jul 2022 15:54:52 GMT
ETag: "62d6d3cc-9f7"
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_b3s6OowSDDCgb2OziRIfyOsCUVsJeOe802+Ggh6fYbzJZ6KuPvpCbUrmJ076NkBRbn9UjKtNEylU1IooJsDW5w
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Set-Cookie: caf_ipaddr=91.90.42.154;Path=/;Max-Age=86400; country=NO;Path=/;Max-Age=86400; city="";Path=/;Max-Age=86400; expiry_partner=;Path=/;Max-Age=86400;
Accept-Ranges: bytes
Via: 1.1 google


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2551), with no line terminators
Size:   2551
Md5:    e15539eadc1cc5c89eddb6b5ac399221
Sha1:   9b30a558a0b27935ca8126a949e5830445117bde
Sha256: 6b99a14f762d50ad6ca4df3b21ca122ac86c6e0ce862b49e9c3c58eb63969502
                                        
                                            GET /parking-lander/static/js/2.fd9305fa.chunk.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www6.rubyfieraco.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.43
HTTP/2 200 OK
                                        
x-amz-id-2: 23SVN2c3w4WOLHTUlg8ZZ5gZ/iUa5Se5XQELffKPeZ+Do6wFAf/jv5FsXBipOsk2q7azmlHXSOk=
x-amz-request-id: DC6RS059FYSRYFPB
last-modified: Thu, 05 May 2022 14:06:35 GMT
etag: "96093fed9c1106d39d18096d94287259"
x-amz-server-side-encryption: AES256
x-amz-version-id: fErv0WsreFxlBG9wvpAyThF.OE.Oslp7
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Sun, 06 Aug 2023 01:48:21 GMT
date: Sat, 06 Aug 2022 01:48:21 GMT
content-length: 135643
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65462)
Size:   135643
Md5:    613388ba42197acad90c8d7f5e265d8d
Sha1:   e76a2ae12b3eb98f7af342c60d136f705c184239
Sha256: 9e78a4e94cdddfc45ca7a0575dfd8b5f0bf8673a4e18b1509ea6fa39076f2e8a
                                        
                                            GET /parking-lander/static/js/main.b2dc4f09.chunk.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www6.rubyfieraco.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.43
HTTP/2 200 OK
                                        
x-amz-id-2: Q1/UXBCnkqccwB0QCe+NMKpytkcyRbSX2PTWaYVlSmmS0ZdszVVj8mAPEsMjpYrQjPBYWuVegYY=
x-amz-request-id: DC6MS74WHPZBJBH1
last-modified: Thu, 05 May 2022 14:06:35 GMT
etag: "fc8eede2839a739a71d4a91a29bc9d5f"
x-amz-server-side-encryption: AES256
x-amz-version-id: KlILJunvYlQ5Ou1jhtw0a5JVX_XX3xMM
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
content-length: 53882
cache-control: max-age=31536000
expires: Sun, 06 Aug 2023 01:48:21 GMT
date: Sat, 06 Aug 2022 01:48:21 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   53882
Md5:    0bd96f946e382242585cb7781a18db73
Sha1:   5c45ffb00b7d63a87351365e0594e3e8b7999816
Sha256: 3b8a6e3b751b5de9ed16a6e3ab36b56665d892d2416dd8b6965d32a239ee59bc
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 06 Aug 2022 01:48:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3896
Cache-Control: 'max-age=158059'
Date: Sat, 06 Aug 2022 01:48:21 GMT
Last-Modified: Sat, 06 Aug 2022 00:43:25 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 06 Aug 2022 01:48:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /?template=ARROW_3&tdfs=0&s_token=1659750500.0181700000&uuid=1659750500.0181700000&searchbox=1&showDomain=1 HTTP/1.1 
Host: www6.rubyfieraco.uk
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: caf_ipaddr=91.90.42.154; country=NO; city=""; expiry_partner=
Upgrade-Insecure-Requests: 1
If-Modified-Since: Tue, 19 Jul 2022 15:54:52 GMT
If-None-Match: "62d6d3cc-9f7"
Cache-Control: max-age=0

                                         
                                         35.186.238.101
HTTP/1.1 304 Not Modified
                                        
Server: openresty
Date: Sat, 06 Aug 2022 01:48:21 GMT
Last-Modified: Tue, 19 Jul 2022 15:54:52 GMT
ETag: "62d6d3cc-9f7"
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_b3s6OowSDDCgb2OziRIfyOsCUVsJeOe802+Ggh6fYbzJZ6KuPvpCbUrmJ076NkBRbn9UjKtNEylU1IooJsDW5w
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Set-Cookie: caf_ipaddr=91.90.42.154;Path=/;Max-Age=86400; country=NO;Path=/;Max-Age=86400; city="";Path=/;Max-Age=86400; expiry_partner=;Path=/;Max-Age=86400;
Via: 1.1 google

                                        
                                            GET /parking-lander/static/js/2.fd9305fa.chunk.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www6.rubyfieraco.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 05 May 2022 14:06:35 GMT
If-None-Match: "96093fed9c1106d39d18096d94287259"
Cache-Control: max-age=0
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 304 Not Modified
                                        
content-type: application/javascript
last-modified: Thu, 05 May 2022 14:06:35 GMT
etag: "96093fed9c1106d39d18096d94287259"
cache-control: max-age=31536000
expires: Sun, 06 Aug 2023 01:48:21 GMT
date: Sat, 06 Aug 2022 01:48:21 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /parking-lander/static/js/main.b2dc4f09.chunk.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www6.rubyfieraco.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 05 May 2022 14:06:35 GMT
If-None-Match: "fc8eede2839a739a71d4a91a29bc9d5f"
Cache-Control: max-age=0
TE: trailers

                                         
                                         23.36.79.43
HTTP/2 304 Not Modified
                                        
content-type: application/javascript
last-modified: Thu, 05 May 2022 14:06:35 GMT
etag: "fc8eede2839a739a71d4a91a29bc9d5f"
cache-control: max-age=31536000
expires: Sun, 06 Aug 2023 01:48:21 GMT
date: Sat, 06 Aug 2022 01:48:21 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ZyjSftcKV6TMPg+RbWhu4g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.155.105.35
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1QoohA6bjL33jIFgJmQWEzS2XAY=

                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.41
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Sat, 06 Aug 2022 01:48:21 GMT
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 05 Aug 2022 22:53:30 GMT
Expires: Sat, 06 Aug 2022 22:53:30 GMT
ETag: "f3ecd6977e66ef35764c886ea076a99a5607c212"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1777
Md5:    d60b2d18e30ac5106bdaf45515002a58
Sha1:   f3ecd6977e66ef35764c886ea076a99a5607c212
Sha256: 40d7c84105acf58b4de89fa23e64c5fa00c0c3cf62040c39f018bc79c4cd44b8
                                        
                                            OPTIONS /v1/parkingEvents HTTP/1.1 
Host: api.aws.parking.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://www6.rubyfieraco.uk/
Origin: http://www6.rubyfieraco.uk
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0

                                         
                                         3.211.228.79
HTTP/2 200 OK
                                        
date: Sat, 06 Aug 2022 01:48:22 GMT
content-type: text/plain
content-length: 0
set-cookie: AWSALB=DD3OUGMavHhluRBb1cMu6ts7mTXYfcsKnbHhhC9upWv1k0lCKeUgw0X96Ig+Z+ryKkYGru2Sp/48DOQRX6qVwZcitjQ5losSWHg20M2KHx2rzr3E6yj7NlnuXADs; Expires=Sat, 13 Aug 2022 01:48:22 GMT; Path=/ AWSALBCORS=DD3OUGMavHhluRBb1cMu6ts7mTXYfcsKnbHhhC9upWv1k0lCKeUgw0X96Ig+Z+ryKkYGru2Sp/48DOQRX6qVwZcitjQ5losSWHg20M2KHx2rzr3E6yj7NlnuXADs; Expires=Sat, 13 Aug 2022 01:48:22 GMT; Path=/; SameSite=None; Secure
access-control-allow-methods: POST
access-control-allow-headers: content-type
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST /v1/parkingEvents HTTP/1.1 
Host: api.aws.parking.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www6.rubyfieraco.uk/
Content-Type: application/json
Origin: http://www6.rubyfieraco.uk
Content-Length: 693
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         3.211.228.79
HTTP/2 200 OK
                                        
date: Sat, 06 Aug 2022 01:48:22 GMT
content-type: text/plain
content-length: 0
set-cookie: AWSALB=5Su4n0QLYeTdlKUNlUc/C5r7lHhHNzY59qI0qlNxnHj9bY83yXgcHOCJRzyGJ6t5/jDkWCWPfoODdA6JEY1yqJKqCC3M6cJ9qnGmSwvwSZ3emATO9jQxxSSiGi1D; Expires=Sat, 13 Aug 2022 01:48:22 GMT; Path=/ AWSALBCORS=5Su4n0QLYeTdlKUNlUc/C5r7lHhHNzY59qI0qlNxnHj9bY83yXgcHOCJRzyGJ6t5/jDkWCWPfoODdA6JEY1yqJKqCC3M6cJ9qnGmSwvwSZ3emATO9jQxxSSiGi1D; Expires=Sat, 13 Aug 2022 01:48:22 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            OPTIONS /v1/domains/domain?domain=www6.rubyfieraco.uk&portfolioId= HTTP/1.1 
Host: api.aws.parking.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-request-id
Referer: http://www6.rubyfieraco.uk/
Origin: http://www6.rubyfieraco.uk
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0

                                         
                                         3.211.228.79
HTTP/2 200 OK
                                        
date: Sat, 06 Aug 2022 01:48:22 GMT
content-length: 0
set-cookie: AWSALB=uJ76RbbA5aQs/sCO88IjdYR77ncrK9+VZx7FuI40U9FRDWMCH1c6gWhJqBqGv/xA5Fvu7PCS8FmI5Ms9qCJoW4/9RU3QkRm2TO/qCLGGw7oDn7Vf2RgEQvYaHxXh; Expires=Sat, 13 Aug 2022 01:48:22 GMT; Path=/ AWSALBCORS=uJ76RbbA5aQs/sCO88IjdYR77ncrK9+VZx7FuI40U9FRDWMCH1c6gWhJqBqGv/xA5Fvu7PCS8FmI5Ms9qCJoW4/9RU3QkRm2TO/qCLGGw7oDn7Vf2RgEQvYaHxXh; Expires=Sat, 13 Aug 2022 01:48:22 GMT; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
access-control-allow-headers: X-Request-Id
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: http://www6.rubyfieraco.uk
access-control-max-age: 600
x-request-id: PTSHHpT3
X-Firefox-Spdy: h2

                                        
                                            GET /v1/domains/domain?domain=www6.rubyfieraco.uk&portfolioId= HTTP/1.1 
Host: api.aws.parking.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www6.rubyfieraco.uk/
X-Request-Id: a514e18c-187b-4fe3-9310-339a5a381545
Origin: http://www6.rubyfieraco.uk
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         3.211.228.79
HTTP/2 200 OK
                                        
date: Sat, 06 Aug 2022 01:48:22 GMT
content-type: application/json
content-length: 774
set-cookie: AWSALB=0vttmswxRnk/hPBa2FTwONc4CvoZKKTE51j1vtEZ6M2LFYj7/+o0Z9RHhQwWcP8mCySbga58rFho0DrNdjZ4hAFaIjc+yNKhqzOprklFfQMTVey7Of8qFbIauBi3; Expires=Sat, 13 Aug 2022 01:48:22 GMT; Path=/ AWSALBCORS=0vttmswxRnk/hPBa2FTwONc4CvoZKKTE51j1vtEZ6M2LFYj7/+o0Z9RHhQwWcP8mCySbga58rFho0DrNdjZ4hAFaIjc+yNKhqzOprklFfQMTVey7Of8qFbIauBi3; Expires=Sat, 13 Aug 2022 01:48:22 GMT; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
access-control-allow-origin: http://www6.rubyfieraco.uk
access-control-max-age: 600
x-request-id: a514e18c-187b-4fe3-9310-339a5a381545
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (773)
Size:   774
Md5:    74ddf52ef0a6e5d0ead96642df544442
Sha1:   7231cad92af6eeff44a90371a081302f6ab4f8bf
Sha256: 6941d850d8b6b87e808b6442dd0ff8bce3281c76b87ca66cdb1d312d1448cb93
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 06 Aug 2022 01:48:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gampad/cookie.js?domain=www6.rubyfieraco.uk&client=dp-namemedia08_3ph&product=SAS&callback=__sasCookie HTTP/1.1 
Host: partner.googleadservices.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www6.rubyfieraco.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.98
HTTP/2 200 OK
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 06 Aug 2022 01:48:22 GMT
server: cafe
cache-control: private
content-length: 182
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   182
Md5:    a1c6a7c728235e3c8089f84f1050495d
Sha1:   c39054f1e8326b0740f95f4c2e14c7e69e684b7d
Sha256: becd24ff0ed115d552847fc5a9c22b74d0c2f27c836edf52cc6d6edc64c90f56
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 06 Aug 2022 01:48:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 06 Aug 2022 01:48:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 06 Aug 2022 01:48:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ad_icons/standard/publisher_icon_image/search.svg?c=%231967d2 HTTP/1.1 
Host: afs.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.1
HTTP/2 200 OK
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 272
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Sat, 06 Aug 2022 01:16:13 GMT
expires: Sun, 07 Aug 2022 00:16:13 GMT
cache-control: public, max-age=82800
age: 1929
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390)
Size:   272
Md5:    bbbac37f0b6e29a6099e4aa7cb19d6ca
Sha1:   0acafe95e2141f0af6109203efeb2d98e6b926c6
Sha256: a3d7b37475de5a3a350d4dc4790f14a6a5f4045726d2eae4cbe9bd59aeba2fe2
                                        
                                            GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1 
Host: afs.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.1
HTTP/2 200 OK
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Fri, 05 Aug 2022 03:16:23 GMT
expires: Sat, 06 Aug 2022 02:16:23 GMT
cache-control: public, max-age=82800
age: 81119
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Size:   174
Md5:    4de8b85c8915995b571bde50e231be7c
Sha1:   29c226ca7b9cbe1d44e5480ce95bbb42727b2d99
Sha256: 2ec9168c4507546748c5f400f5030031f0eb06f2aed8deaa11362c395bff4f7a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 06 Aug 2022 01:48:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /v1/parkingEvents HTTP/1.1 
Host: api.aws.parking.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www6.rubyfieraco.uk/
Content-Type: application/json
Origin: http://www6.rubyfieraco.uk
Content-Length: 701
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         3.211.228.79
HTTP/2 200 OK
                                        
date: Sat, 06 Aug 2022 01:48:22 GMT
content-type: text/plain
content-length: 0
set-cookie: AWSALB=leN7QlrKOjPiiLFYwyebuJFuEON1RLXJQSjG8AgoOvRwWx8wySZTA1HGgt6qfxtOMNyoBCPzow97MdKsAhCCNl8/N8VPStBiiHoslgTpTxiDRZxzBU0RW6tKLk+b; Expires=Sat, 13 Aug 2022 01:48:22 GMT; Path=/ AWSALBCORS=leN7QlrKOjPiiLFYwyebuJFuEON1RLXJQSjG8AgoOvRwWx8wySZTA1HGgt6qfxtOMNyoBCPzow97MdKsAhCCNl8/N8VPStBiiHoslgTpTxiDRZxzBU0RW6tKLk+b; Expires=Sat, 13 Aug 2022 01:48:22 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7D129895DD82ACE0D70FE0D261B7C2E924E869686CEDF20C238EFA6BFDF5E632"
Last-Modified: Wed, 03 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3136
Expires: Sat, 06 Aug 2022 02:40:38 GMT
Date: Sat, 06 Aug 2022 01:48:22 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7D129895DD82ACE0D70FE0D261B7C2E924E869686CEDF20C238EFA6BFDF5E632"
Last-Modified: Wed, 03 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3136
Expires: Sat, 06 Aug 2022 02:40:38 GMT
Date: Sat, 06 Aug 2022 01:48:22 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7D129895DD82ACE0D70FE0D261B7C2E924E869686CEDF20C238EFA6BFDF5E632"
Last-Modified: Wed, 03 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3136
Expires: Sat, 06 Aug 2022 02:40:38 GMT
Date: Sat, 06 Aug 2022 01:48:22 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7D129895DD82ACE0D70FE0D261B7C2E924E869686CEDF20C238EFA6BFDF5E632"
Last-Modified: Wed, 03 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3136
Expires: Sat, 06 Aug 2022 02:40:38 GMT
Date: Sat, 06 Aug 2022 01:48:22 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38ac7a8b-efa3-4bb9-b35f-9a68e170d4eb.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 9366
x-amzn-requestid: deb6aa1d-b429-4218-a41c-00c81d15973b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: WaMjcG0kIAMFbmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ed8e15-58f552ff2f58749d41a4879e;Sampled=0
x-amzn-remapped-date: Fri, 05 Aug 2022 21:39:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hqRw_wvJLNz87-cTmti3sDlwvd_2st9PbUzxC8VQ_ShGSwS27ysRrw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 05 Aug 2022 22:01:13 GMT
age: 13629
etag: "6eaa91dab23affc749e2ffe8d1452b4280b7b614"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9366
Md5:    126e9a90343e42dd18e69aa063bdb5cb
Sha1:   6eaa91dab23affc749e2ffe8d1452b4280b7b614
Sha256: 3d01b1ad823c09725f90507dd324ab2e17130768868641252c1299c51e01f449
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0639416-8f2d-4ab7-9e3b-459448bd9daa.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 10949
x-amzn-requestid: c1761599-dc8d-408b-87da-b2961ac6560f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: WUXu5FD2IAMFpnQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62eb3992-1c17ee5a619249e84c814b7a;Sampled=0
x-amzn-remapped-date: Thu, 04 Aug 2022 03:14:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wLzVR3cavqSUYVaZq4XyGvRw2JSnkfLyhQcS7UskBp7_H7Ith0F-Uw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 05 Aug 2022 04:13:53 GMT
age: 77669
etag: "084b4b2e95a731acefcee158e539c4fbc74060f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10949
Md5:    6b23b52c323b1ebf1abd497da1051b47
Sha1:   084b4b2e95a731acefcee158e539c4fbc74060f2
Sha256: d5fb15eb9611b3b67d3954a6f8c2ccd53a4c385d2beb6254d3063fc38f04f56e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cd7946e-f5b7-437e-832a-c5baed4274a7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 8324
x-amzn-requestid: ef6e81af-87be-4150-b0fd-6b0362c90907
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: WaMi_F3XIAMFraw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ed8e12-6eccb82f12a6909a72229646;Sampled=0
x-amzn-remapped-date: Fri, 05 Aug 2022 21:39:30 GMT
x-amz-cf-pop: HIO50-C1, YVR50-C1
x-cache: Miss from cloudfront
x-amz-cf-id: iEvJFJ8VbGYG3tqaj_NL6adi57Vh7DIUBCiW0deB3-v9oztNgEA8ag==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 d7782b26e589b8e1397d352f4daf0d58.cloudfront.net (CloudFront), 1.1 google
date: Fri, 05 Aug 2022 21:47:33 GMT
etag: "bbdd2e3df3289085d43c1bc36b9531f2ebaad16f"
content-type: image/jpeg
age: 14449
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8324
Md5:    118b1a66d5931bb8220e47ffa3db8c49
Sha1:   bbdd2e3df3289085d43c1bc36b9531f2ebaad16f
Sha256: b5458140eeeb70e9454dcc3ca55e531311d109703b59b0cbc92987ad8e9e984f
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3F7695D2D8420FE94E055CBD5DEDB8EF419AC09BDB282935E7A976114A04AE9C"
Last-Modified: Wed, 03 Aug 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2831
Expires: Sat, 06 Aug 2022 02:35:33 GMT
Date: Sat, 06 Aug 2022 01:48:22 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60c16ee3-3a39-4ec1-8e5b-b1410576255d.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 10858
x-amzn-requestid: f52ea3bb-2b14-4316-b1ea-25883320d73e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: WaMEqHPoIAMFd8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ed8d50-5d5190d20756dba80d5bdc58;Sampled=0
x-amzn-remapped-date: Fri, 05 Aug 2022 21:36:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: RMoRmSeS1MtqeuGiHW2SMyz_wsaY1nMkC2PDcgtSbrr-Y9Kr61_5lQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 05 Aug 2022 22:01:03 GMT
age: 13639
etag: "41e1d42e206d3214a51e63770e9cd6cc0becbb24"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10858
Md5:    afba830dc75735a2d3d2ddbc552122cf
Sha1:   41e1d42e206d3214a51e63770e9cd6cc0becbb24
Sha256: d3d4aefde36e4bc2d5369e0ce485c5e732a115055291c06d8c9a3db3beca8887
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3F7695D2D8420FE94E055CBD5DEDB8EF419AC09BDB282935E7A976114A04AE9C"
Last-Modified: Wed, 03 Aug 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2831
Expires: Sat, 06 Aug 2022 02:35:33 GMT
Date: Sat, 06 Aug 2022 01:48:22 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00c27fbc-f7dc-491c-92c7-70dd9c68da69.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 7911
x-amzn-requestid: d3776da5-df77-4b08-bdf4-a949df45920a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: WOTuzF2-oAMF6qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62e8ccc4-36cb6c6a64a2fcb85c4a98e8;Sampled=0
x-amzn-remapped-date: Tue, 02 Aug 2022 07:05:40 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Sa8b4L8kCsNGyke-UI-zyBEpPPGb9jghFNWPSaWLonAuTxFGHsJviQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Fri, 05 Aug 2022 23:12:47 GMT
age: 9335
etag: "126688362f54060110b92826e9ea513fabcfde4f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7911
Md5:    662f84cbbc31ca3bd337c82f59e810fb
Sha1:   126688362f54060110b92826e9ea513fabcfde4f
Sha256: 22db946504dfb8ac5b27913a462593a14cbc4ddbb433b10f0a3e1ddee5dd6753
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F817dc1f7-eb45-43f8-baff-dc8c8dc431d5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 5927
x-amzn-requestid: 3e55ee66-fe01-4d6c-a112-7fef5f987ed4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: WaNj5ERNoAMFZSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ed8fb2-171a62aa5b6129252b6799a1;Sampled=0
x-amzn-remapped-date: Fri, 05 Aug 2022 21:46:26 GMT
x-amz-cf-pop: HIO50-C1, YVR50-C1
x-cache: Miss from cloudfront
x-amz-cf-id: A91fveIjnkMpZ7jHHY5n7hdB5jBK-VKqPbe7_PyxJlnXKP-fq-zEXg==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 5928d4d9c6b3f72b0368c10c784489cc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 05 Aug 2022 21:47:22 GMT
etag: "2f672c1b11a1c279f429a25e80e37c19d87ed31b"
content-type: image/jpeg
age: 14460
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5927
Md5:    1d51f89b8978e5f853da0ec27aeba1f2
Sha1:   2f672c1b11a1c279f429a25e80e37c19d87ed31b
Sha256: 4b1741201668ef2b420b2c6ca02a9acec12b98c5527745229ceb27239a99881d
                                        
                                            OPTIONS /sn/ HTTP/1.1 
Host: postback.trafficmotor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://www6.rubyfieraco.uk/
Origin: http://www6.rubyfieraco.uk
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         45.79.38.145
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: openresty/1.13.6.1
Date: Sat, 06 Aug 2022 01:48:23 GMT
Content-Length: 0
Connection: close
Allow: HEAD, GET, POST, OPTIONS
Access-Control-Allow-Origin: http://www6.rubyfieraco.uk
Access-Control-Allow-Methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
Vary: Origin
Access-Control-Allow-Headers: content-type

                                        
                                            POST /sn/ HTTP/1.1 
Host: postback.trafficmotor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www6.rubyfieraco.uk/
Content-Type: application/json
Origin: http://www6.rubyfieraco.uk
Content-Length: 141
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         45.79.38.145
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Server: openresty/1.13.6.1
Date: Sat, 06 Aug 2022 01:48:23 GMT
Content-Length: 3
Connection: close
Access-Control-Allow-Origin: http://www6.rubyfieraco.uk
Vary: Origin


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   3
Md5:    8a80554c91d9fca8acb82f023de02f11
Sha1:   5f36b2ea290645ee34d943220a14b54ee5ea5be5
Sha256: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356