urlquery - report: rubyfieraco.uk/

Overview

URL	rubyfieraco.uk/
IP	45.33.23.183
ASN	Linode, LLC
Location	United States
Report completed	2022-08-06 01:48:31 UTC
Status	Loading report..
urlquery Alerts	No alerts detected

Settings

UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer

Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Blocklists

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Added / Verified	Severity	Host	Comment
2022-08-06	2	rubyfieraco.uk/	Malware
2022-08-06	2	rubyfieraco.uk/mtm/async/.eJxdi0sOwjAMBe_iZYkalnzEWZAbOa1F0gTXgSDE3UmBFbuZN (...)	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

Files

No files detected

Passive DNS (16)

Passive DNS Source	Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
[Mnemonic Passive DNS]	r3.o.lencr.org (7)	344	2020-12-02 08:52:13 UTC	2022-08-05 04:57:18 UTC	23.36.77.32
[Mnemonic Passive DNS]	www6.rubyfieraco.uk (2)	0	2022-07-29 17:20:37 UTC	2022-07-29 17:20:37 UTC	35.186.238.101	Unknown ranking
[Mnemonic Passive DNS]	partner.googleadservices.com (1)	798	2017-01-30 04:56:54 UTC	2022-08-05 05:01:52 UTC	142.250.74.98
[Mnemonic Passive DNS]	afs.googleusercontent.com (2)	12123	2017-01-30 05:39:23 UTC	2022-08-05 06:46:27 UTC	142.250.74.1
[Mnemonic Passive DNS]	postback.trafficmotor.com (2)	96726	No data	No data	45.79.38.145
[Mnemonic Passive DNS]	rubyfieraco.uk (2)	0	No data	No data	45.33.18.44	Unknown ranking
[Mnemonic Passive DNS]	contile.services.mozilla.com (1)	1114	No data	No data	34.117.237.239
[Mnemonic Passive DNS]	img1.wsimg.com (4)	9893	2012-12-19 10:50:44 UTC	2022-08-05 08:06:06 UTC	23.36.79.43
[Mnemonic Passive DNS]	push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2022-08-05 05:06:17 UTC	35.155.105.35
[Mnemonic Passive DNS]	ocsp.pki.goog (7)	175	2017-06-14 07:23:31 UTC	2022-08-05 04:56:14 UTC	142.250.74.3
[Mnemonic Passive DNS]	ocsp.godaddy.com (1)	698	2017-01-30 05:00:35 UTC	2022-08-05 05:00:07 UTC	192.124.249.41
[Mnemonic Passive DNS]	api.aws.parking.godaddy.com (5)	36127	2020-03-23 21:33:37 UTC	2022-08-05 11:53:35 UTC	3.211.228.79
[Mnemonic Passive DNS]	firefox.settings.services.mozilla.com (2)	867	2016-03-17 08:25:01 UTC	2020-05-25 20:01:47 UTC	54.230.111.65
[Mnemonic Passive DNS]	content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-08-05 05:06:42 UTC	54.230.111.99
[Mnemonic Passive DNS]	ocsp.digicert.com (1)	86	2012-11-29 12:49:49 UTC	2022-08-05 21:56:34 UTC	93.184.220.29
[Mnemonic Passive DNS]	img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2022-08-05 06:49:03 UTC	34.120.237.76

Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 45.33.23.183

Date	UQ / IDS / BL	URL	IP
2022-08-14 04:57:56 +0000	0 - 0 - 2	totalfarm.com/	45.33.23.183
2022-08-14 04:39:24 +0000	0 - 0 - 1	adventuscovid19.com/mtm/direct/.eJxtiksOwjAMB (...)	45.33.23.183
2022-08-14 04:31:49 +0000	0 - 0 - 1	hundredroos.co.uk/mtm/direct/.eJxtkM1ygjAYRd- (...)	45.33.23.183
2022-08-14 02:52:33 +0000	0 - 0 - 2	hardhardsex.com/mtm/direct/.ejxlisekajemrp8lx (...)	45.33.23.183
2022-08-14 02:26:12 +0000	0 - 0 - 2	aleah.thigreives06.xyz/	45.33.23.183
2022-08-14 02:24:02 +0000	0 - 0 - 2	bigtitsclip.com/	45.33.23.183
2022-08-14 02:19:34 +0000	0 - 0 - 2	machosgay.com/	45.33.23.183
2022-08-14 01:37:50 +0000	0 - 0 - 2	fabienne-soumise.com/mtm/direct/.eJx1ikEKAjEM (...)	45.33.23.183
2022-08-14 01:31:14 +0000	0 - 0 - 2	ldaarkansas.org/mtm/direct/.eJxliksOwjAMBe_iZ (...)	45.33.23.183
2022-08-13 22:27:29 +0000	0 - 0 - 1	pplive888.com/mtm/direct/.eJxdikEOwjAMBP_iY4l (...)	45.33.23.183

Last 10 reports on ASN: Linode, LLC

Date	UQ / IDS / BL	URL	IP
2022-08-14 06:26:59 +0000	0 - 0 - 2	cheatshacksfreedownload.com/mtm/direct/.ejx9i (...)	198.58.118.167
2022-08-14 06:26:46 +0000	0 - 0 - 2	advanced-esthetic.us/http:/advanced-esthetic. (...)	198.58.118.167
2022-08-14 06:24:33 +0000	0 - 0 - 3	blackarse.com/mtm/direct/.ejxdikeowjambp_iy4l (...)	45.79.19.196
2022-08-14 06:23:47 +0000	0 - 0 - 2	tarotcanada.com/mtm/direct/.eJxliksKAkEMBe-S5 (...)	45.33.18.44
2022-08-14 06:22:02 +0000	0 - 0 - 2	tits.net/mtm/direct/.eJxdycEKwjAQhOF32WMNXY9a (...)	173.255.194.134
2022-08-14 06:19:07 +0000	0 - 0 - 3	indianmoviemall.com/	45.33.30.197
2022-08-14 06:00:03 +0000	0 - 0 - 1	accessalohatravel.com/mtm/direct/.eJx1ikEKAjE (...)	72.14.185.43
2022-08-14 05:45:16 +0000	0 - 0 - 2	mothernature.one/wp-content/plugins/woocommer (...)	45.33.20.235
2022-08-14 05:16:47 +0000	0 - 0 - 1	athleticclearance.org/mtm/direct/.eJx1yssKwkA (...)	96.126.123.244
2022-08-14 04:57:56 +0000	0 - 0 - 2	totalfarm.com/	45.33.23.183

No other reports on domain: rubyfieraco.uk

JavaScript

Executed Scripts (10)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (45)

Request	Response
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: c98c56ff7bc7ba547517573963f425e3$ 54.230.111.65 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Retry-After, Content-Type, Alert, Backoff, Content-Length Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Sat, 06 Aug 2022 01:01:49 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: bcJe-14R-kRqOIqWjCrY_2F6EVlla51O6fZCVT-weSWKTHJS05K-nA== Age: 2791 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: c98c56ff7bc7ba547517573963f425e3 Sha1: 58c8dccc28ecd76424af6ed9988575a35cf8a0c2 Sha256: d57d9d5e87e8761ffdf790ff762307f5c823e8e8241781797373c10e076ec44e
GET / HTTP/1.1 Host: rubyfieraco.uk User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	$Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 7028 Md5: 8d44002a1c44d91802f87f2ac96daa3f$ 45.33.18.44 HTTP/1.1 200 OK server: openresty/1.13.6.1 date: Sat, 06 Aug 2022 01:48:20 GMT content-type: text/html; charset=utf-8 content-length: 7028 vary: Accept-Language content-language: en connection: close --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 7028 Md5: 8d44002a1c44d91802f87f2ac96daa3f Sha1: 69fa05b2ec23eb43893a8447279a6fd816aa906b Sha256: 80a5d5f3a25ee1c0416fbfd090250813c8e086adc1f4c846442903a0ef10c342 Alerts: Blocklists: - fortinet: Malware
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "F055127A4794D0F76CB4DF8F290DF8E259258A63398A700F592C859DFFE9AC34" Last-Modified: Thu, 04 Aug 2022 23:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4907 Expires: Sat, 06 Aug 2022 03:10:07 GMT Date: Sat, 06 Aug 2022 01:48:20 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 897b60146adb68539b3dc20e78ef2ece Sha1: eace3c5af0104a58586040660a2565bbde5d3d72 Sha256: f055127a4794d0f76cb4df8f290df8e259258a63398a700f592c859dffe9ac34
GET /chains/remote-settings.content-signature.mozilla.org-2022-09-19-18-34-07.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 578b9ff83ff3950ab2a3d1a8344d2938$ 54.230.111.99 HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 last-modified: Sun, 31 Jul 2022 18:34:08 GMT content-disposition: attachment accept-ranges: bytes server: AmazonS3 date: Fri, 05 Aug 2022 04:15:27 GMT etag: "578b9ff83ff3950ab2a3d1a8344d2938" x-cache: Hit from cloudfront via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: Zw9V0JPSZp-sZM_5JB7H8Cgenp2EcCqKLvxPc53BIzvdlVfwD8VZYg== age: 77574 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 578b9ff83ff3950ab2a3d1a8344d2938 Sha1: 39d48b67ba6aa45ec01767725e726cf9b0c87a70 Sha256: 35c99da9a5463a4788ceab7cf4b027bb25506cde28ace36c70d0bc924138f2f5
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6$ 34.117.237.239 HTTP/2 200 OK server: nginx date: Sat, 06 Aug 2022 01:48:20 GMT content-type: application/json content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /mtm/async/.eJxdi0sOwjAMBe_iZYkalnzEWZAbOa1F0gTXgSDE3UmBFbuZN3pPKMJwAAsGUMalYSMhT0LylSktep4xUlMpw8MzCbrUl8v6cY6ytqJU1U4ag8GcAztUTrOt67Kp_2sMx-tp2-8NRxzJ4o39D-80ZNPZ7tN38HoDjkI1oA:1oK8vM:Rs1krndRrCKmb3v2AaJGgPeJ5nc/1/0 HTTP/1.1 Host: rubyfieraco.uk User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://rubyfieraco.uk/ Connection: keep-alive	45.33.18.44 HTTP/1.1 200 OK server: openresty/1.13.6.1 date: Sat, 06 Aug 2022 01:48:20 GMT content-type: text/html; charset=utf-8 content-length: 133 x-mtm-path: 4 x-mtm-prov: 1:0.00;70:59.74 x-mtm-rd: 0.28 vary: Accept-Language content-language: en set-cookie: mtm_delivered=WyJydWJ5ZmllcmFjby51ayIsImh0dHA6Ly93d3c2LnJ1YnlmaWVyYWNvLnVrLz90ZW1wbGF0ZT1BUlJPV18zJnRkZnM9MCZzX3Rva2VuPTE2NTk3NTA1MDAuMDE4MTcwMDAwMCZ1dWlkPTE2NTk3NTA1MDAuMDE4MTcwMDAwMCZzZWFyY2hib3g9MSZzaG93RG9tYWluPTEiLDEsIjIwMjItMDgtMDYgMDE6NDg6MjAiLDEsIjE2NTk3NTA1MDAuMDE4MTcwMDAwMCIsNzAsbnVsbCxudWxsXQ:1oK8vM:Bo7uH0dn6tVsUqeOCg6a-ubPfM4; expires=Sat, 06-Aug-2022 02:48:20 GMT; Max-Age=3600; Path=/ connection: close --- Additional Info --- Magic: ASCII text, with no line terminators Size: 133 Md5: 0cd18c5ddd052acc6b2d52cc82d92ded Sha1: 11bb82a7a0a6cf8dddacb5c431ba159d6723e985 Sha256: e4234f184e38364c0eb4b26ebc173c529bada41340ca183f6b12e0dc3c06c45b Alerts: Blocklists: - fortinet: Malware
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243$ 54.230.111.65 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Date: Sat, 06 Aug 2022 01:16:14 GMT Cache-Control: max-age=3600 Expires: Sat, 06 Aug 2022 01:16:14 GMT ETag: "1648230346554" X-Cache: Hit from cloudfront Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: wRFJrBl7GMovTmt5jKr7zDuoZgLcGCHNz2CvdiL4aTw5Sc0amuUFlQ== Age: 1927 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /?template=ARROW_3&tdfs=0&s_token=1659750500.0181700000&uuid=1659750500.0181700000&searchbox=1&showDomain=1 HTTP/1.1 Host: www6.rubyfieraco.uk User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://rubyfieraco.uk/ Upgrade-Insecure-Requests: 1	$Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2551), with no line terminators Size: 2551 Md5: e15539eadc1cc5c89eddb6b5ac399221$ 35.186.238.101 HTTP/1.1 200 OK Content-Type: text/html Server: openresty Date: Sat, 06 Aug 2022 01:48:21 GMT Content-Length: 2551 Last-Modified: Tue, 19 Jul 2022 15:54:52 GMT ETag: "62d6d3cc-9f7" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_b3s6OowSDDCgb2OziRIfyOsCUVsJeOe802+Ggh6fYbzJZ6KuPvpCbUrmJ076NkBRbn9UjKtNEylU1IooJsDW5w Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=91.90.42.154;Path=/;Max-Age=86400; country=NO;Path=/;Max-Age=86400; city="";Path=/;Max-Age=86400; expiry_partner=;Path=/;Max-Age=86400; Accept-Ranges: bytes Via: 1.1 google --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2551), with no line terminators Size: 2551 Md5: e15539eadc1cc5c89eddb6b5ac399221 Sha1: 9b30a558a0b27935ca8126a949e5830445117bde Sha256: 6b99a14f762d50ad6ca4df3b21ca122ac86c6e0ce862b49e9c3c58eb63969502
GET /parking-lander/static/js/2.fd9305fa.chunk.js HTTP/1.1 Host: img1.wsimg.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www6.rubyfieraco.uk/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	23.36.79.43 HTTP/2 200 OK x-amz-id-2: 23SVN2c3w4WOLHTUlg8ZZ5gZ/iUa5Se5XQELffKPeZ+Do6wFAf/jv5FsXBipOsk2q7azmlHXSOk= x-amz-request-id: DC6RS059FYSRYFPB last-modified: Thu, 05 May 2022 14:06:35 GMT etag: "96093fed9c1106d39d18096d94287259" x-amz-server-side-encryption: AES256 x-amz-version-id: fErv0WsreFxlBG9wvpAyThF.OE.Oslp7 accept-ranges: bytes content-type: application/javascript vary: Accept-Encoding content-encoding: gzip cache-control: max-age=31536000 expires: Sun, 06 Aug 2023 01:48:21 GMT date: Sat, 06 Aug 2022 01:48:21 GMT content-length: 135643 timing-allow-origin: * access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (65462) Size: 135643 Md5: 613388ba42197acad90c8d7f5e265d8d Sha1: e76a2ae12b3eb98f7af342c60d136f705c184239 Sha256: 9e78a4e94cdddfc45ca7a0575dfd8b5f0bf8673a4e18b1509ea6fa39076f2e8a
GET /parking-lander/static/js/main.b2dc4f09.chunk.js HTTP/1.1 Host: img1.wsimg.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www6.rubyfieraco.uk/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	23.36.79.43 HTTP/2 200 OK x-amz-id-2: Q1/UXBCnkqccwB0QCe+NMKpytkcyRbSX2PTWaYVlSmmS0ZdszVVj8mAPEsMjpYrQjPBYWuVegYY= x-amz-request-id: DC6MS74WHPZBJBH1 last-modified: Thu, 05 May 2022 14:06:35 GMT etag: "fc8eede2839a739a71d4a91a29bc9d5f" x-amz-server-side-encryption: AES256 x-amz-version-id: KlILJunvYlQ5Ou1jhtw0a5JVX_XX3xMM accept-ranges: bytes content-type: application/javascript vary: Accept-Encoding content-encoding: gzip content-length: 53882 cache-control: max-age=31536000 expires: Sun, 06 Aug 2023 01:48:21 GMT date: Sat, 06 Aug 2022 01:48:21 GMT timing-allow-origin: * access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (65536), with no line terminators Size: 53882 Md5: 0bd96f946e382242585cb7781a18db73 Sha1: 5c45ffb00b7d63a87351365e0594e3e8b7999816 Sha256: 3b8a6e3b751b5de9ed16a6e3ab36b56665d892d2416dd8b6965d32a239ee59bc
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 06 Aug 2022 01:48:21 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: f186efd9f74ae592f2ee45e97149e2a3 Sha1: 3875eb46c68554850f5871604d9fad421415f9f5 Sha256: 15cc3dabd9eb27be33bcef5e43d7ff98af1535d11612c1174db255d1b39c7fc3
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3896 Cache-Control: 'max-age=158059' Date: Sat, 06 Aug 2022 01:48:21 GMT Last-Modified: Sat, 06 Aug 2022 00:43:25 GMT Server: ECS (ska/F714) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: ee9c2d2db5cdffcdf3d0de9dec5a75a7 Sha1: bfc2ba6d838914231592d4bdf57f03ae7fa829f5 Sha256: b5c8c1af3e56b1edd64a616826135ddfb269fdbe2a6b965a4b0eacc6fe5c6849
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 06 Aug 2022 01:48:21 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 83b236b553fa7d29608af3f9a86c6af0 Sha1: 6202bdcb064fd381cde2485a3105750c42fe692d Sha256: 1462d24e74f70b40fcf450c2ba1a4f5575bf20f15e4b9855ff3bcc0ec1fae41c
GET /?template=ARROW_3&tdfs=0&s_token=1659750500.0181700000&uuid=1659750500.0181700000&searchbox=1&showDomain=1 HTTP/1.1 Host: www6.rubyfieraco.uk User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Cookie: caf_ipaddr=91.90.42.154; country=NO; city=""; expiry_partner= Upgrade-Insecure-Requests: 1 If-Modified-Since: Tue, 19 Jul 2022 15:54:52 GMT If-None-Match: "62d6d3cc-9f7" Cache-Control: max-age=0	35.186.238.101 HTTP/1.1 304 Not Modified Server: openresty Date: Sat, 06 Aug 2022 01:48:21 GMT Last-Modified: Tue, 19 Jul 2022 15:54:52 GMT ETag: "62d6d3cc-9f7" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_b3s6OowSDDCgb2OziRIfyOsCUVsJeOe802+Ggh6fYbzJZ6KuPvpCbUrmJ076NkBRbn9UjKtNEylU1IooJsDW5w Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=91.90.42.154;Path=/;Max-Age=86400; country=NO;Path=/;Max-Age=86400; city="";Path=/;Max-Age=86400; expiry_partner=;Path=/;Max-Age=86400; Via: 1.1 google --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /parking-lander/static/js/2.fd9305fa.chunk.js HTTP/1.1 Host: img1.wsimg.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www6.rubyfieraco.uk/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site If-Modified-Since: Thu, 05 May 2022 14:06:35 GMT If-None-Match: "96093fed9c1106d39d18096d94287259" Cache-Control: max-age=0 TE: trailers	23.36.79.43 HTTP/2 304 Not Modified content-type: application/javascript last-modified: Thu, 05 May 2022 14:06:35 GMT etag: "96093fed9c1106d39d18096d94287259" cache-control: max-age=31536000 expires: Sun, 06 Aug 2023 01:48:21 GMT date: Sat, 06 Aug 2022 01:48:21 GMT timing-allow-origin: * access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /parking-lander/static/js/main.b2dc4f09.chunk.js HTTP/1.1 Host: img1.wsimg.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www6.rubyfieraco.uk/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site If-Modified-Since: Thu, 05 May 2022 14:06:35 GMT If-None-Match: "fc8eede2839a739a71d4a91a29bc9d5f" Cache-Control: max-age=0 TE: trailers	23.36.79.43 HTTP/2 304 Not Modified content-type: application/javascript last-modified: Thu, 05 May 2022 14:06:35 GMT etag: "fc8eede2839a739a71d4a91a29bc9d5f" cache-control: max-age=31536000 expires: Sun, 06 Aug 2023 01:48:21 GMT date: Sat, 06 Aug 2022 01:48:21 GMT timing-allow-origin: * access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: ZyjSftcKV6TMPg+RbWhu4g== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	35.155.105.35 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: 1QoohA6bjL33jIFgJmQWEzS2XAY= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: ocsp.godaddy.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 75 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	192.124.249.41 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: Sucuri/Cloudproxy Date: Sat, 06 Aug 2022 01:48:21 GMT Content-Length: 1777 Connection: keep-alive X-Sucuri-ID: 19041 Content-Transfer-Encoding: Binary Cache-Control: public, no-transform, must-revalidate Last-Modified: Fri, 05 Aug 2022 22:53:30 GMT Expires: Sat, 06 Aug 2022 22:53:30 GMT ETag: "f3ecd6977e66ef35764c886ea076a99a5607c212" P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA" --- Additional Info --- Magic: data Size: 1777 Md5: d60b2d18e30ac5106bdaf45515002a58 Sha1: f3ecd6977e66ef35764c886ea076a99a5607c212 Sha256: 40d7c84105acf58b4de89fa23e64c5fa00c0c3cf62040c39f018bc79c4cd44b8
OPTIONS /v1/parkingEvents HTTP/1.1 Host: api.aws.parking.godaddy.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: http://www6.rubyfieraco.uk/ Origin: http://www6.rubyfieraco.uk Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Cache-Control: max-age=0	3.211.228.79 HTTP/2 200 OK date: Sat, 06 Aug 2022 01:48:22 GMT content-type: text/plain content-length: 0 set-cookie: AWSALB=DD3OUGMavHhluRBb1cMu6ts7mTXYfcsKnbHhhC9upWv1k0lCKeUgw0X96Ig+Z+ryKkYGru2Sp/48DOQRX6qVwZcitjQ5losSWHg20M2KHx2rzr3E6yj7NlnuXADs; Expires=Sat, 13 Aug 2022 01:48:22 GMT; Path=/ AWSALBCORS=DD3OUGMavHhluRBb1cMu6ts7mTXYfcsKnbHhhC9upWv1k0lCKeUgw0X96Ig+Z+ryKkYGru2Sp/48DOQRX6qVwZcitjQ5losSWHg20M2KHx2rzr3E6yj7NlnuXADs; Expires=Sat, 13 Aug 2022 01:48:22 GMT; Path=/; SameSite=None; Secure access-control-allow-methods: POST access-control-allow-headers: content-type access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v1/parkingEvents HTTP/1.1 Host: api.aws.parking.godaddy.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://www6.rubyfieraco.uk/ Content-Type: application/json Origin: http://www6.rubyfieraco.uk Content-Length: 693 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	3.211.228.79 HTTP/2 200 OK date: Sat, 06 Aug 2022 01:48:22 GMT content-type: text/plain content-length: 0 set-cookie: AWSALB=5Su4n0QLYeTdlKUNlUc/C5r7lHhHNzY59qI0qlNxnHj9bY83yXgcHOCJRzyGJ6t5/jDkWCWPfoODdA6JEY1yqJKqCC3M6cJ9qnGmSwvwSZ3emATO9jQxxSSiGi1D; Expires=Sat, 13 Aug 2022 01:48:22 GMT; Path=/ AWSALBCORS=5Su4n0QLYeTdlKUNlUc/C5r7lHhHNzY59qI0qlNxnHj9bY83yXgcHOCJRzyGJ6t5/jDkWCWPfoODdA6JEY1yqJKqCC3M6cJ9qnGmSwvwSZ3emATO9jQxxSSiGi1D; Expires=Sat, 13 Aug 2022 01:48:22 GMT; Path=/; SameSite=None; Secure access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/domains/domain?domain=www6.rubyfieraco.uk&portfolioId= HTTP/1.1 Host: api.aws.parking.godaddy.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: GET Access-Control-Request-Headers: x-request-id Referer: http://www6.rubyfieraco.uk/ Origin: http://www6.rubyfieraco.uk Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Cache-Control: max-age=0	3.211.228.79 HTTP/2 200 OK date: Sat, 06 Aug 2022 01:48:22 GMT content-length: 0 set-cookie: AWSALB=uJ76RbbA5aQs/sCO88IjdYR77ncrK9+VZx7FuI40U9FRDWMCH1c6gWhJqBqGv/xA5Fvu7PCS8FmI5Ms9qCJoW4/9RU3QkRm2TO/qCLGGw7oDn7Vf2RgEQvYaHxXh; Expires=Sat, 13 Aug 2022 01:48:22 GMT; Path=/ AWSALBCORS=uJ76RbbA5aQs/sCO88IjdYR77ncrK9+VZx7FuI40U9FRDWMCH1c6gWhJqBqGv/xA5Fvu7PCS8FmI5Ms9qCJoW4/9RU3QkRm2TO/qCLGGw7oDn7Vf2RgEQvYaHxXh; Expires=Sat, 13 Aug 2022 01:48:22 GMT; Path=/; SameSite=None; Secure access-control-allow-credentials: true access-control-allow-headers: X-Request-Id access-control-allow-methods: GET, HEAD, OPTIONS access-control-allow-origin: http://www6.rubyfieraco.uk access-control-max-age: 600 x-request-id: PTSHHpT3 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/domains/domain?domain=www6.rubyfieraco.uk&portfolioId= HTTP/1.1 Host: api.aws.parking.godaddy.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://www6.rubyfieraco.uk/ X-Request-Id: a514e18c-187b-4fe3-9310-339a5a381545 Origin: http://www6.rubyfieraco.uk Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	$Magic: JSON data\012- , ASCII text, with very long lines (773) Size: 774 Md5: 74ddf52ef0a6e5d0ead96642df544442$ 3.211.228.79 HTTP/2 200 OK date: Sat, 06 Aug 2022 01:48:22 GMT content-type: application/json content-length: 774 set-cookie: AWSALB=0vttmswxRnk/hPBa2FTwONc4CvoZKKTE51j1vtEZ6M2LFYj7/+o0Z9RHhQwWcP8mCySbga58rFho0DrNdjZ4hAFaIjc+yNKhqzOprklFfQMTVey7Of8qFbIauBi3; Expires=Sat, 13 Aug 2022 01:48:22 GMT; Path=/ AWSALBCORS=0vttmswxRnk/hPBa2FTwONc4CvoZKKTE51j1vtEZ6M2LFYj7/+o0Z9RHhQwWcP8mCySbga58rFho0DrNdjZ4hAFaIjc+yNKhqzOprklFfQMTVey7Of8qFbIauBi3; Expires=Sat, 13 Aug 2022 01:48:22 GMT; Path=/; SameSite=None; Secure access-control-allow-credentials: true access-control-allow-origin: http://www6.rubyfieraco.uk access-control-max-age: 600 x-request-id: a514e18c-187b-4fe3-9310-339a5a381545 X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (773) Size: 774 Md5: 74ddf52ef0a6e5d0ead96642df544442 Sha1: 7231cad92af6eeff44a90371a081302f6ab4f8bf Sha256: 6941d850d8b6b87e808b6442dd0ff8bce3281c76b87ca66cdb1d312d1448cb93
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 06 Aug 2022 01:48:22 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: c8965ef8a1a858ba992cda89452a9e60 Sha1: ac98d5a71e5c4838d8f610520f1c758663a94412 Sha256: 2c673e20f6572669c4fbf2966ab35fbe4595b27259f7e33762f1d08eaaf1b549
GET /gampad/cookie.js?domain=www6.rubyfieraco.uk&client=dp-namemedia08_3ph&product=SAS&callback=__sasCookie HTTP/1.1 Host: partner.googleadservices.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www6.rubyfieraco.uk/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	142.250.74.98 HTTP/2 200 OK p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin content-type: text/javascript; charset=UTF-8 x-content-type-options: nosniff content-disposition: attachment; filename="f.txt" content-encoding: gzip date: Sat, 06 Aug 2022 01:48:22 GMT server: cafe cache-control: private content-length: 182 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with no line terminators Size: 182 Md5: a1c6a7c728235e3c8089f84f1050495d Sha1: c39054f1e8326b0740f95f4c2e14c7e69e684b7d Sha256: becd24ff0ed115d552847fc5a9c22b74d0c2f27c836edf52cc6d6edc64c90f56
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 06 Aug 2022 01:48:22 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: c8965ef8a1a858ba992cda89452a9e60 Sha1: ac98d5a71e5c4838d8f610520f1c758663a94412 Sha256: 2c673e20f6572669c4fbf2966ab35fbe4595b27259f7e33762f1d08eaaf1b549
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 06 Aug 2022 01:48:22 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 3c01a986bff6780f56d885da12579e2a Sha1: a0d8e208182caa7e3d4aea1e85ac96c6be9b10b0 Sha256: 9a9d6c5f410f632ea1ec20c1f145b5a4b9c0febd718132280476a4ed89cd0321
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 06 Aug 2022 01:48:22 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 3c01a986bff6780f56d885da12579e2a Sha1: a0d8e208182caa7e3d4aea1e85ac96c6be9b10b0 Sha256: 9a9d6c5f410f632ea1ec20c1f145b5a4b9c0febd718132280476a4ed89cd0321
GET /ad_icons/standard/publisher_icon_image/search.svg?c=%231967d2 HTTP/1.1 Host: afs.googleusercontent.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.google.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390) Size: 272 Md5: bbbac37f0b6e29a6099e4aa7cb19d6ca$ 142.250.74.1 HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers" report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} content-length: 272 x-content-type-options: nosniff content-encoding: gzip server: sffe x-xss-protection: 0 date: Sat, 06 Aug 2022 01:16:13 GMT expires: Sun, 07 Aug 2022 00:16:13 GMT cache-control: public, max-age=82800 age: 1929 last-modified: Thu, 19 Dec 2019 14:15:00 GMT content-type: image/svg+xml alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390) Size: 272 Md5: bbbac37f0b6e29a6099e4aa7cb19d6ca Sha1: 0acafe95e2141f0af6109203efeb2d98e6b926c6 Sha256: a3d7b37475de5a3a350d4dc4790f14a6a5f4045726d2eae4cbe9bd59aeba2fe2
GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1 Host: afs.googleusercontent.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.google.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators Size: 174 Md5: 4de8b85c8915995b571bde50e231be7c$ 142.250.74.1 HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers" report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} content-length: 174 x-content-type-options: nosniff content-encoding: gzip server: sffe x-xss-protection: 0 date: Fri, 05 Aug 2022 03:16:23 GMT expires: Sat, 06 Aug 2022 02:16:23 GMT cache-control: public, max-age=82800 age: 81119 last-modified: Thu, 22 Oct 2020 21:45:00 GMT content-type: image/svg+xml alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators Size: 174 Md5: 4de8b85c8915995b571bde50e231be7c Sha1: 29c226ca7b9cbe1d44e5480ce95bbb42727b2d99 Sha256: 2ec9168c4507546748c5f400f5030031f0eb06f2aed8deaa11362c395bff4f7a
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 06 Aug 2022 01:48:22 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 3c01a986bff6780f56d885da12579e2a Sha1: a0d8e208182caa7e3d4aea1e85ac96c6be9b10b0 Sha256: 9a9d6c5f410f632ea1ec20c1f145b5a4b9c0febd718132280476a4ed89cd0321
POST /v1/parkingEvents HTTP/1.1 Host: api.aws.parking.godaddy.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://www6.rubyfieraco.uk/ Content-Type: application/json Origin: http://www6.rubyfieraco.uk Content-Length: 701 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	3.211.228.79 HTTP/2 200 OK date: Sat, 06 Aug 2022 01:48:22 GMT content-type: text/plain content-length: 0 set-cookie: AWSALB=leN7QlrKOjPiiLFYwyebuJFuEON1RLXJQSjG8AgoOvRwWx8wySZTA1HGgt6qfxtOMNyoBCPzow97MdKsAhCCNl8/N8VPStBiiHoslgTpTxiDRZxzBU0RW6tKLk+b; Expires=Sat, 13 Aug 2022 01:48:22 GMT; Path=/ AWSALBCORS=leN7QlrKOjPiiLFYwyebuJFuEON1RLXJQSjG8AgoOvRwWx8wySZTA1HGgt6qfxtOMNyoBCPzow97MdKsAhCCNl8/N8VPStBiiHoslgTpTxiDRZxzBU0RW6tKLk+b; Expires=Sat, 13 Aug 2022 01:48:22 GMT; Path=/; SameSite=None; Secure access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "7D129895DD82ACE0D70FE0D261B7C2E924E869686CEDF20C238EFA6BFDF5E632" Last-Modified: Wed, 03 Aug 2022 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3136 Expires: Sat, 06 Aug 2022 02:40:38 GMT Date: Sat, 06 Aug 2022 01:48:22 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7a0a47597b227144ff5720a6c9f2a348 Sha1: 97573348eaf4c2c512a8c0fc60838f8148e05937 Sha256: 7d129895dd82ace0d70fe0d261b7c2e924e869686cedf20c238efa6bfdf5e632
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "7D129895DD82ACE0D70FE0D261B7C2E924E869686CEDF20C238EFA6BFDF5E632" Last-Modified: Wed, 03 Aug 2022 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3136 Expires: Sat, 06 Aug 2022 02:40:38 GMT Date: Sat, 06 Aug 2022 01:48:22 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7a0a47597b227144ff5720a6c9f2a348 Sha1: 97573348eaf4c2c512a8c0fc60838f8148e05937 Sha256: 7d129895dd82ace0d70fe0d261b7c2e924e869686cedf20c238efa6bfdf5e632
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "7D129895DD82ACE0D70FE0D261B7C2E924E869686CEDF20C238EFA6BFDF5E632" Last-Modified: Wed, 03 Aug 2022 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3136 Expires: Sat, 06 Aug 2022 02:40:38 GMT Date: Sat, 06 Aug 2022 01:48:22 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7a0a47597b227144ff5720a6c9f2a348 Sha1: 97573348eaf4c2c512a8c0fc60838f8148e05937 Sha256: 7d129895dd82ace0d70fe0d261b7c2e924e869686cedf20c238efa6bfdf5e632
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "7D129895DD82ACE0D70FE0D261B7C2E924E869686CEDF20C238EFA6BFDF5E632" Last-Modified: Wed, 03 Aug 2022 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3136 Expires: Sat, 06 Aug 2022 02:40:38 GMT Date: Sat, 06 Aug 2022 01:48:22 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7a0a47597b227144ff5720a6c9f2a348 Sha1: 97573348eaf4c2c512a8c0fc60838f8148e05937 Sha256: 7d129895dd82ace0d70fe0d261b7c2e924e869686cedf20c238efa6bfdf5e632
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38ac7a8b-efa3-4bb9-b35f-9a68e170d4eb.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9366 Md5: 126e9a90343e42dd18e69aa063bdb5cb$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 9366 x-amzn-requestid: deb6aa1d-b429-4218-a41c-00c81d15973b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: WaMjcG0kIAMFbmg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62ed8e15-58f552ff2f58749d41a4879e;Sampled=0 x-amzn-remapped-date: Fri, 05 Aug 2022 21:39:33 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: hqRw_wvJLNz87-cTmti3sDlwvd_2st9PbUzxC8VQ_ShGSwS27ysRrw== via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google date: Fri, 05 Aug 2022 22:01:13 GMT age: 13629 etag: "6eaa91dab23affc749e2ffe8d1452b4280b7b614" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9366 Md5: 126e9a90343e42dd18e69aa063bdb5cb Sha1: 6eaa91dab23affc749e2ffe8d1452b4280b7b614 Sha256: 3d01b1ad823c09725f90507dd324ab2e17130768868641252c1299c51e01f449
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0639416-8f2d-4ab7-9e3b-459448bd9daa.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10949 Md5: 6b23b52c323b1ebf1abd497da1051b47$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 10949 x-amzn-requestid: c1761599-dc8d-408b-87da-b2961ac6560f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: WUXu5FD2IAMFpnQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62eb3992-1c17ee5a619249e84c814b7a;Sampled=0 x-amzn-remapped-date: Thu, 04 Aug 2022 03:14:26 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: wLzVR3cavqSUYVaZq4XyGvRw2JSnkfLyhQcS7UskBp7_H7Ith0F-Uw== via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google date: Fri, 05 Aug 2022 04:13:53 GMT age: 77669 etag: "084b4b2e95a731acefcee158e539c4fbc74060f2" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10949 Md5: 6b23b52c323b1ebf1abd497da1051b47 Sha1: 084b4b2e95a731acefcee158e539c4fbc74060f2 Sha256: d5fb15eb9611b3b67d3954a6f8c2ccd53a4c385d2beb6254d3063fc38f04f56e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cd7946e-f5b7-437e-832a-c5baed4274a7.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8324 Md5: 118b1a66d5931bb8220e47ffa3db8c49$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 8324 x-amzn-requestid: ef6e81af-87be-4150-b0fd-6b0362c90907 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: WaMi_F3XIAMFraw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62ed8e12-6eccb82f12a6909a72229646;Sampled=0 x-amzn-remapped-date: Fri, 05 Aug 2022 21:39:30 GMT x-amz-cf-pop: HIO50-C1, YVR50-C1 x-cache: Miss from cloudfront x-amz-cf-id: iEvJFJ8VbGYG3tqaj_NL6adi57Vh7DIUBCiW0deB3-v9oztNgEA8ag== via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 d7782b26e589b8e1397d352f4daf0d58.cloudfront.net (CloudFront), 1.1 google date: Fri, 05 Aug 2022 21:47:33 GMT etag: "bbdd2e3df3289085d43c1bc36b9531f2ebaad16f" content-type: image/jpeg age: 14449 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8324 Md5: 118b1a66d5931bb8220e47ffa3db8c49 Sha1: bbdd2e3df3289085d43c1bc36b9531f2ebaad16f Sha256: b5458140eeeb70e9454dcc3ca55e531311d109703b59b0cbc92987ad8e9e984f
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "3F7695D2D8420FE94E055CBD5DEDB8EF419AC09BDB282935E7A976114A04AE9C" Last-Modified: Wed, 03 Aug 2022 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2831 Expires: Sat, 06 Aug 2022 02:35:33 GMT Date: Sat, 06 Aug 2022 01:48:22 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: decfac8e6c9a5721388eaec15f59e339 Sha1: 5339fff75ae1f618dcf5772d044a4035cb1a5638 Sha256: 3f7695d2d8420fe94e055cbd5dedb8ef419ac09bdb282935e7a976114a04ae9c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60c16ee3-3a39-4ec1-8e5b-b1410576255d.webp HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10858 Md5: afba830dc75735a2d3d2ddbc552122cf$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 10858 x-amzn-requestid: f52ea3bb-2b14-4316-b1ea-25883320d73e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: WaMEqHPoIAMFd8w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62ed8d50-5d5190d20756dba80d5bdc58;Sampled=0 x-amzn-remapped-date: Fri, 05 Aug 2022 21:36:16 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: RMoRmSeS1MtqeuGiHW2SMyz_wsaY1nMkC2PDcgtSbrr-Y9Kr61_5lQ== via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google date: Fri, 05 Aug 2022 22:01:03 GMT age: 13639 etag: "41e1d42e206d3214a51e63770e9cd6cc0becbb24" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10858 Md5: afba830dc75735a2d3d2ddbc552122cf Sha1: 41e1d42e206d3214a51e63770e9cd6cc0becbb24 Sha256: d3d4aefde36e4bc2d5369e0ce485c5e732a115055291c06d8c9a3db3beca8887
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "3F7695D2D8420FE94E055CBD5DEDB8EF419AC09BDB282935E7A976114A04AE9C" Last-Modified: Wed, 03 Aug 2022 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2831 Expires: Sat, 06 Aug 2022 02:35:33 GMT Date: Sat, 06 Aug 2022 01:48:22 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: decfac8e6c9a5721388eaec15f59e339 Sha1: 5339fff75ae1f618dcf5772d044a4035cb1a5638 Sha256: 3f7695d2d8420fe94e055cbd5dedb8ef419ac09bdb282935e7a976114a04ae9c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00c27fbc-f7dc-491c-92c7-70dd9c68da69.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7911 Md5: 662f84cbbc31ca3bd337c82f59e810fb$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 7911 x-amzn-requestid: d3776da5-df77-4b08-bdf4-a949df45920a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: WOTuzF2-oAMF6qw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62e8ccc4-36cb6c6a64a2fcb85c4a98e8;Sampled=0 x-amzn-remapped-date: Tue, 02 Aug 2022 07:05:40 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: Sa8b4L8kCsNGyke-UI-zyBEpPPGb9jghFNWPSaWLonAuTxFGHsJviQ== via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google date: Fri, 05 Aug 2022 23:12:47 GMT age: 9335 etag: "126688362f54060110b92826e9ea513fabcfde4f" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7911 Md5: 662f84cbbc31ca3bd337c82f59e810fb Sha1: 126688362f54060110b92826e9ea513fabcfde4f Sha256: 22db946504dfb8ac5b27913a462593a14cbc4ddbb433b10f0a3e1ddee5dd6753
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F817dc1f7-eb45-43f8-baff-dc8c8dc431d5.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5927 Md5: 1d51f89b8978e5f853da0ec27aeba1f2$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 5927 x-amzn-requestid: 3e55ee66-fe01-4d6c-a112-7fef5f987ed4 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: WaNj5ERNoAMFZSA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62ed8fb2-171a62aa5b6129252b6799a1;Sampled=0 x-amzn-remapped-date: Fri, 05 Aug 2022 21:46:26 GMT x-amz-cf-pop: HIO50-C1, YVR50-C1 x-cache: Miss from cloudfront x-amz-cf-id: A91fveIjnkMpZ7jHHY5n7hdB5jBK-VKqPbe7_PyxJlnXKP-fq-zEXg== via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 5928d4d9c6b3f72b0368c10c784489cc.cloudfront.net (CloudFront), 1.1 google date: Fri, 05 Aug 2022 21:47:22 GMT etag: "2f672c1b11a1c279f429a25e80e37c19d87ed31b" content-type: image/jpeg age: 14460 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5927 Md5: 1d51f89b8978e5f853da0ec27aeba1f2 Sha1: 2f672c1b11a1c279f429a25e80e37c19d87ed31b Sha256: 4b1741201668ef2b420b2c6ca02a9acec12b98c5527745229ceb27239a99881d
OPTIONS /sn/ HTTP/1.1 Host: postback.trafficmotor.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: http://www6.rubyfieraco.uk/ Origin: http://www6.rubyfieraco.uk Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	45.79.38.145 HTTP/1.1 200 OK Content-Type: text/html; charset=utf-8 Server: openresty/1.13.6.1 Date: Sat, 06 Aug 2022 01:48:23 GMT Content-Length: 0 Connection: close Allow: HEAD, GET, POST, OPTIONS Access-Control-Allow-Origin: http://www6.rubyfieraco.uk Access-Control-Allow-Methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT Vary: Origin Access-Control-Allow-Headers: content-type --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /sn/ HTTP/1.1 Host: postback.trafficmotor.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://www6.rubyfieraco.uk/ Content-Type: application/json Origin: http://www6.rubyfieraco.uk Content-Length: 141 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text Size: 3 Md5: 8a80554c91d9fca8acb82f023de02f11$ 45.79.38.145 HTTP/1.1 200 OK Content-Type: application/json Server: openresty/1.13.6.1 Date: Sat, 06 Aug 2022 01:48:23 GMT Content-Length: 3 Connection: close Access-Control-Allow-Origin: http://www6.rubyfieraco.uk Vary: Origin --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 3 Md5: 8a80554c91d9fca8acb82f023de02f11 Sha1: 5f36b2ea290645ee34d943220a14b54ee5ea5be5 Sha256: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356