urlquery - report: midwestranchsortingassociation.com/

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
midwestranchsortingassociation.com (8)	0	2016-02-05 12:35:04 UTC	2022-11-15 21:58:22 UTC	198.54.114.211	Unknown ranking
ocsp.sectigo.com (1)	487	2019-11-29 11:50:24 UTC	2021-09-17 20:05:40 UTC	172.64.155.188
push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2020-05-03 10:09:39 UTC	35.161.6.128
img-getpocket.cdn.mozilla.net (6)	1631	2018-06-21 23:36:00 UTC	2020-02-19 04:43:25 UTC	34.120.237.76
r3.o.lencr.org (7)	344	No data	No data	23.36.77.32
content-signature-2.cdn.mozilla.net (1)	1152	No data	No data	34.160.144.191
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-11-15 06:00:48 UTC	34.117.237.239
ocsp.digicert.com (2)	86	2012-05-21 07:02:23 UTC	2020-05-02 20:58:10 UTC	93.184.220.29
firefox.settings.services.mozilla.com (2)	867	2020-06-04 20:08:41 UTC	2022-11-15 05:59:39 UTC	34.102.187.140

Scan Date	Severity	Indicator	Comment
2022-11-16	2	midwestranchsortingassociation.com/	Malware
2022-11-16	2	midwestranchsortingassociation.com/	Malware
2022-11-16	2	midwestranchsortingassociation.com/_autoindex/assets/js/tablesort.js	Malware
2022-11-16	2	midwestranchsortingassociation.com/_autoindex/assets/js/tablesort.number.js	Malware
2022-11-16	2	midwestranchsortingassociation.com/_autoindex/assets/icons/folder-fill.svg	Malware
2022-11-16	2	midwestranchsortingassociation.com/_autoindex/assets/icons/file.svg	Malware

Scan Date	Severity	Indicator	Comment
2022-11-16	2	midwestranchsortingassociation.com	Sinkholed
2022-11-16	2	midwestranchsortingassociation.com	Sinkholed
2022-11-16	2	midwestranchsortingassociation.com	Sinkholed
2022-11-16	2	midwestranchsortingassociation.com	Sinkholed
2022-11-16	2	midwestranchsortingassociation.com	Sinkholed
2022-11-16	2	midwestranchsortingassociation.com	Sinkholed
2022-11-16	2	midwestranchsortingassociation.com	Sinkholed
2022-11-16	2	midwestranchsortingassociation.com	Sinkholed

Scan Date	Severity	Indicator	Comment
2022-11-16	2	midwestranchsortingassociation.com	Sinkholed
2022-11-16	2	midwestranchsortingassociation.com	Sinkholed
2022-11-16	2	midwestranchsortingassociation.com	Sinkholed
2022-11-16	2	midwestranchsortingassociation.com	Sinkholed
2022-11-16	2	midwestranchsortingassociation.com	Sinkholed
2022-11-16	2	midwestranchsortingassociation.com	Sinkholed
2022-11-16	2	midwestranchsortingassociation.com	Sinkholed
2022-11-16	2	midwestranchsortingassociation.com	Sinkholed

Date	UQ / IDS / BL	URL	IP
2022-11-16 11:52:29 +0000	0 - 0 - 6	midwestranchsortingassociation.com/ttcr/index (...)	198.54.114.211
2022-11-16 04:36:15 +0000	0 - 0 - 6	midwestranchsortingassociation.com/Taiwan.zip	198.54.114.211
2022-11-16 04:35:59 +0000	0 - 0 - 22	midwestranchsortingassociation.com/	198.54.114.211
2022-09-07 02:30:25 +0000	0 - 0 - 37	www.chrisownbey.com/	198.54.114.211

Date	UQ / IDS / BL	URL	IP
2023-02-05 11:25:24 +0000	0 - 0 - 9	loopcoders.com/IMI.php	66.29.132.103
2023-02-05 10:59:10 +0000	0 - 0 - 5	scrapella.com/bemob/7q/as-wi/1/	185.61.153.111
2023-02-05 10:57:16 +0000	0 - 0 - 8	scrapella.com/hayam/pr	185.61.153.111
2023-02-05 10:45:08 +0000	0 - 0 - 1	samanthahealeyphotography.com/	198.54.117.242
2023-02-05 10:37:06 +0000	0 - 1 - 0	teamtingles.com/	162.255.119.95

Date	UQ / IDS / BL	URL	IP
2022-11-16 11:52:29 +0000	0 - 0 - 6	midwestranchsortingassociation.com/ttcr/index (...)	198.54.114.211
2022-11-16 04:36:15 +0000	0 - 0 - 6	midwestranchsortingassociation.com/Taiwan.zip	198.54.114.211
2022-11-16 04:35:59 +0000	0 - 0 - 22	midwestranchsortingassociation.com/	198.54.114.211

Date	UQ / IDS / BL	URL	IP
2023-01-18 21:50:08 +0000	0 - 0 - 5	excelfiletransfer.waxsystems.com/	5.180.187.137
2022-12-06 06:04:18 +0000	0 - 0 - 22	englishtrack.finalproject.xyz/	162.213.196.78
2022-12-05 19:48:33 +0000	0 - 0 - 22	englishtrack.finalproject.xyz/	162.213.196.78
2022-12-03 19:59:39 +0000	0 - 0 - 6	accounts.unitedlogisticsgroup.com/	162.0.232.56
2022-12-03 11:35:15 +0000	0 - 0 - 22	tesla.mordenex.com/	198.54.121.237

Request	Response
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 9c297ccfd178eec7e472fb64a6b2e34d4c7a6dec32870f49982353e590196ba0 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "9C297CCFD178EEC7E472FB64A6B2E34D4C7A6DEC32870F49982353E590196BA0" Last-Modified: Mon, 14 Nov 2022 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15715 Expires: Wed, 16 Nov 2022 08:57:43 GMT Date: Wed, 16 Nov 2022 04:35:48 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7786cd9bd97e024b3a1d16215defaad2 Sha1: 786ddbb74b0b6bd9270622dbe0258d6caee407c1 Sha256: 9c297ccfd178eec7e472fb64a6b2e34d4c7a6dec32870f49982353e590196ba0
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 2c3a2a8a3dfa29808bd550718025fdf355e4a88235cb50ae978abc00ee5fd23b 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4162 Cache-Control: max-age=111881 Date: Wed, 16 Nov 2022 04:35:48 GMT Etag: "63736a6b-1d7" Expires: Thu, 17 Nov 2022 11:40:29 GMT Last-Modified: Tue, 15 Nov 2022 10:31:07 GMT Server: ECS (ska/F70B) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 4fe5a11c3ca8a150aad830b739f24b58 Sha1: 898b730b1a66dd49c6f018333ba828410f63f347 Sha256: 2c3a2a8a3dfa29808bd550718025fdf355e4a88235cb50ae978abc00ee5fd23b
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Wed, 16 Nov 2022 03:44:43 GMT cache-control: public,max-age=3600 age: 3065 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: d130218d0e2841f39c99610fe1a2ab90 Sha1: 29fbe1e177ee55c7a61ae0a206afff271cf5f945 Sha256: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 314ba27975f458e13917b2be91c9d5989a3e57c9e94b5a84dd52d0e21d27ae7f 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "314BA27975F458E13917B2BE91C9D5989A3E57C9E94B5A84DD52D0E21D27AE7F" Last-Modified: Mon, 14 Nov 2022 02:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15131 Expires: Wed, 16 Nov 2022 08:47:59 GMT Date: Wed, 16 Nov 2022 04:35:48 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: c88bc06741ab9fb81c2544acfcc34aa2 Sha1: 362cab19cff5aba27f472cc00071d5dfa38192e4 Sha256: 314ba27975f458e13917b2be91c9d5989a3e57c9e94b5a84dd52d0e21d27ae7f
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: 3X+zikLoQ8bENnWq2gAbDnXUxHgZLANc2xGDXZhJChAmWvH5fpF3igYkaewQsbdM+uTxhAFTi9E= x-amz-request-id: JTYD4MG08PSAB2JP content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Wed, 16 Nov 2022 04:14:33 GMT age: 1275 last-modified: Fri, 30 Sep 2022 18:50:55 GMT etag: "67d5a988edcda47bc3b3b3f65d32b4b6" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 67d5a988edcda47bc3b3b3f65d32b4b6 Sha1: d4f0e0da8b3690cc7da925026d3414b68c7d954f Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Wed, 16 Nov 2022 04:35:48 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET / HTTP/1.1 Host: midwestranchsortingassociation.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: midwestranchsortingassociation.com/ FQDN: midwestranchsortingassociation.com IP: 198.54.114.211 HASH: 3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982 198.54.114.211 HTTP/1.1 301 Moved Permanently content-type: text/html keep-alive: timeout=5, max=100 content-length: 707 date: Wed, 16 Nov 2022 04:35:48 GMT server: LiteSpeed location: https://midwestranchsortingassociation.com/ x-turbo-charged-by: LiteSpeed x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff strict-transport-security: max-age=31536000; includeSubDomains; preload; referrer-policy: no-referrer-when-downgrade --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators Size: 707 Md5: 1304294c0823ca486542ba408ed761e3 Sha1: b2a70fb2d810ca13985882e6981f33998823e83e Sha256: 3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982 Alerts: Blocklists: - fortinet: Malware - mnemonic_dns: Sinkholed - quad9: Sinkholed
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Length, Cache-Control, Pragma, Retry-After, ETag, Alert, Expires, Backoff, Content-Type, Last-Modified content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Wed, 16 Nov 2022 03:44:49 GMT cache-control: public,max-age=3600 age: 3059 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: b1c47a81ac45af6f756a8eca8ef14a82f0113ea8f09dae7a285a4491963ae2ff 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 6458 Cache-Control: max-age=109124 Date: Wed, 16 Nov 2022 04:35:49 GMT Etag: "637356af-1d7" Expires: Thu, 17 Nov 2022 10:54:33 GMT Last-Modified: Tue, 15 Nov 2022 09:06:55 GMT Server: ECS (ska/F70B) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: de57a2d376db743a3987c454889f1f21 Sha1: 0defab699bdb1b158026f93c2dd105bcd65f6764 Sha256: b1c47a81ac45af6f756a8eca8ef14a82f0113ea8f09dae7a285a4491963ae2ff
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sectigo.com/ FQDN: ocsp.sectigo.com IP: 172.64.155.188 HASH: 410a63672045a8bd6f54e0591098f27de650bf86f910131e69406dc4357b3efe 172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 16 Nov 2022 04:35:49 GMT Content-Length: 471 Connection: keep-alive Last-Modified: Mon, 14 Nov 2022 09:32:11 GMT Expires: Mon, 21 Nov 2022 09:32:10 GMT Etag: "90debdc5e5dd55910c999d4ef916dfe9c7fb190e" Cache-Control: max-age=449180,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb6 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 76ad85a968c9b523-OSL --- Additional Info --- Magic: data Size: 471 Md5: 8a582fd9974be5b03c63c9df641d7d20 Sha1: 90debdc5e5dd55910c999d4ef916dfe9c7fb190e Sha256: 410a63672045a8bd6f54e0591098f27de650bf86f910131e69406dc4357b3efe
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: zlyuHsifn3yujSzn5tHXwA== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 35.161.6.128 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 35.161.6.128 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: HTlEL0+pNLuIbnZgbKPAd7UfIMc= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1 Host: midwestranchsortingassociation.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	URL: midwestranchsortingassociation.com/ FQDN: midwestranchsortingassociation.com IP: 198.54.114.211 HASH: d624db8d521407449f02aae9db2b3224c68386acab6a79332288e1fbef9eb494 198.54.114.211 HTTP/2 200 OK content-type: text/html; charset=UTF-8 content-length: 598 content-encoding: br vary: Accept-Encoding date: Wed, 16 Nov 2022 04:35:49 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff strict-transport-security: max-age=31536000; includeSubDomains; preload; referrer-policy: no-referrer-when-downgrade X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (400) Size: 598 Md5: 0fe7699a79b5665cb6f82f8cc23412aa Sha1: 25aac2f40f1dd930556c28abd949c6f58d2e7038 Sha256: d624db8d521407449f02aae9db2b3224c68386acab6a79332288e1fbef9eb494 Alerts: Blocklists: - fortinet: Malware - mnemonic_dns: Sinkholed - quad9: Sinkholed
GET /_autoindex/assets/css/autoindex.css HTTP/1.1 Host: midwestranchsortingassociation.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://midwestranchsortingassociation.com/ Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: midwestranchsortingassociation.com/_autoindex/assets/cs (...) FQDN: midwestranchsortingassociation.com IP: 198.54.114.211 HASH: 566282f53593ebd16cf016484c1f38f95ff6565574d46c8d87caa3b0ecb8c34d 198.54.114.211 HTTP/2 200 OK content-type: text/css cache-control: public, max-age=604800 expires: Wed, 23 Nov 2022 04:35:49 GMT last-modified: Sat, 12 Nov 2022 19:06:57 GMT accept-ranges: bytes content-encoding: br vary: Accept-Encoding content-length: 1170 date: Wed, 16 Nov 2022 04:35:49 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff strict-transport-security: max-age=31536000; includeSubDomains; preload; referrer-policy: no-referrer-when-downgrade X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text Size: 1170 Md5: fc2f7689496dd9f53adfc8947de492ae Sha1: 7f7ef59700bedbb295acd0b8e50539bff030d00a Sha256: 566282f53593ebd16cf016484c1f38f95ff6565574d46c8d87caa3b0ecb8c34d Alerts: Blocklists: - mnemonic_dns: Sinkholed - quad9: Sinkholed
GET /_autoindex/assets/js/tablesort.js HTTP/1.1 Host: midwestranchsortingassociation.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://midwestranchsortingassociation.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: midwestranchsortingassociation.com/_autoindex/assets/js (...) FQDN: midwestranchsortingassociation.com IP: 198.54.114.211 HASH: 847c58748da4b464d0aefd9a64c96db346099634b808ce8c5eaa6d5f955cb36a 198.54.114.211 HTTP/2 200 OK content-type: application/javascript cache-control: public, max-age=604800 expires: Wed, 23 Nov 2022 04:35:49 GMT last-modified: Sat, 12 Nov 2022 19:06:57 GMT accept-ranges: bytes content-encoding: br vary: Accept-Encoding content-length: 2137 date: Wed, 16 Nov 2022 04:35:49 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff strict-transport-security: max-age=31536000; includeSubDomains; preload; referrer-policy: no-referrer-when-downgrade X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text Size: 2137 Md5: 4061751aab621fbf66bd8c9975b54b65 Sha1: b31fe95ae110b753a6be4013ca839d3eebab203e Sha256: 847c58748da4b464d0aefd9a64c96db346099634b808ce8c5eaa6d5f955cb36a Alerts: Blocklists: - fortinet: Malware - mnemonic_dns: Sinkholed - quad9: Sinkholed
GET /_autoindex/assets/js/tablesort.number.js HTTP/1.1 Host: midwestranchsortingassociation.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://midwestranchsortingassociation.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: midwestranchsortingassociation.com/_autoindex/assets/js (...) FQDN: midwestranchsortingassociation.com IP: 198.54.114.211 HASH: ec51501323424275368f90f8184547b8452c35724b32a374733e14e31c936f6f 198.54.114.211 HTTP/2 200 OK content-type: application/javascript cache-control: public, max-age=604800 expires: Wed, 23 Nov 2022 04:35:49 GMT last-modified: Sat, 12 Nov 2022 19:06:57 GMT accept-ranges: bytes content-encoding: br vary: Accept-Encoding content-length: 322 date: Wed, 16 Nov 2022 04:35:49 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff strict-transport-security: max-age=31536000; includeSubDomains; preload; referrer-policy: no-referrer-when-downgrade X-Firefox-Spdy: h2 --- Additional Info --- Magic: Unicode text, UTF-8 text Size: 322 Md5: 4247e6bb391c17a14c3760e0e161740f Sha1: db1b96b5f82c76287a0a5fb85e9bbfcbf104f3d0 Sha256: ec51501323424275368f90f8184547b8452c35724b32a374733e14e31c936f6f Alerts: Blocklists: - fortinet: Malware - mnemonic_dns: Sinkholed - quad9: Sinkholed
GET /_autoindex/assets/icons/folder-fill.svg HTTP/1.1 Host: midwestranchsortingassociation.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://midwestranchsortingassociation.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: midwestranchsortingassociation.com/_autoindex/assets/ic (...) FQDN: midwestranchsortingassociation.com IP: 198.54.114.211 HASH: 09ac189cdfbedef9040091d7c918fcf3e947acd6d5b89287eaec98d9f02f383d 198.54.114.211 HTTP/2 200 OK content-type: image/svg+xml cache-control: public, max-age=604800 expires: Wed, 23 Nov 2022 04:35:49 GMT last-modified: Sat, 12 Nov 2022 19:06:57 GMT accept-ranges: bytes content-encoding: br vary: Accept-Encoding content-length: 333 date: Wed, 16 Nov 2022 04:35:49 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff strict-transport-security: max-age=31536000; includeSubDomains; preload; referrer-policy: no-referrer-when-downgrade X-Firefox-Spdy: h2 --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 333 Md5: 686886c3ce961b02b4facb7b5e91e3d5 Sha1: 14c06e36dccdcb2eefadb5d5f1a5c91126b0c369 Sha256: 09ac189cdfbedef9040091d7c918fcf3e947acd6d5b89287eaec98d9f02f383d Alerts: Blocklists: - fortinet: Malware - mnemonic_dns: Sinkholed - quad9: Sinkholed
GET /_autoindex/assets/icons/file.svg HTTP/1.1 Host: midwestranchsortingassociation.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://midwestranchsortingassociation.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: midwestranchsortingassociation.com/_autoindex/assets/ic (...) FQDN: midwestranchsortingassociation.com IP: 198.54.114.211 HASH: 12395e68b9b1ec1b298db1ce6e6596a25d64c863373670e5dcfb6c6878e0e85a 198.54.114.211 HTTP/2 200 OK content-type: image/svg+xml cache-control: public, max-age=604800 expires: Wed, 23 Nov 2022 04:35:49 GMT last-modified: Sat, 12 Nov 2022 19:06:57 GMT accept-ranges: bytes content-encoding: br vary: Accept-Encoding content-length: 354 date: Wed, 16 Nov 2022 04:35:49 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff strict-transport-security: max-age=31536000; includeSubDomains; preload; referrer-policy: no-referrer-when-downgrade X-Firefox-Spdy: h2 --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 354 Md5: 32e702b854daf4865cabf344db7132d9 Sha1: 779ecb4ef3ea30ceb032a78401752efdefdeae41 Sha256: 12395e68b9b1ec1b298db1ce6e6596a25d64c863373670e5dcfb6c6878e0e85a Alerts: Blocklists: - fortinet: Malware - mnemonic_dns: Sinkholed - quad9: Sinkholed
GET /favicon.ico HTTP/1.1 Host: midwestranchsortingassociation.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://midwestranchsortingassociation.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: midwestranchsortingassociation.com/favicon.ico FQDN: midwestranchsortingassociation.com IP: 198.54.114.211 HASH: 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807 198.54.114.211 HTTP/2 404 Not Found content-type: text/html cache-control: private, no-cache, no-store, must-revalidate, max-age=0 pragma: no-cache content-length: 1238 date: Wed, 16 Nov 2022 04:35:50 GMT server: LiteSpeed x-turbo-charged-by: LiteSpeed x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff strict-transport-security: max-age=31536000; includeSubDomains; preload; referrer-policy: no-referrer-when-downgrade X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators Size: 1238 Md5: 0bde7d4b3da67537eaf9188e6f8049cf Sha1: 64300fc482d01d38b40ab20e15960b6509665e5a Sha256: 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807 Alerts: Blocklists: - mnemonic_dns: Sinkholed - quad9: Sinkholed
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D" Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8927 Expires: Wed, 16 Nov 2022 07:04:37 GMT Date: Wed, 16 Nov 2022 04:35:50 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 9426341bb128c1b6ba16e64df78152b4 Sha1: 08859a30ed6dee233cde4d77f2a04f058991502b Sha256: 209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D" Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8927 Expires: Wed, 16 Nov 2022 07:04:37 GMT Date: Wed, 16 Nov 2022 04:35:50 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 9426341bb128c1b6ba16e64df78152b4 Sha1: 08859a30ed6dee233cde4d77f2a04f058991502b Sha256: 209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D" Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8927 Expires: Wed, 16 Nov 2022 07:04:37 GMT Date: Wed, 16 Nov 2022 04:35:50 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 9426341bb128c1b6ba16e64df78152b4 Sha1: 08859a30ed6dee233cde4d77f2a04f058991502b Sha256: 209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D" Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8927 Expires: Wed, 16 Nov 2022 07:04:37 GMT Date: Wed, 16 Nov 2022 04:35:50 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 9426341bb128c1b6ba16e64df78152b4 Sha1: 08859a30ed6dee233cde4d77f2a04f058991502b Sha256: 209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D" Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8927 Expires: Wed, 16 Nov 2022 07:04:37 GMT Date: Wed, 16 Nov 2022 04:35:50 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 9426341bb128c1b6ba16e64df78152b4 Sha1: 08859a30ed6dee233cde4d77f2a04f058991502b Sha256: 209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667acc-25d7-4d63-8fab-1711f6b4988c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 102e73f690a972da6d3ab609ffab5f29884185d85c4230a19ec74d74c7320cf1 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8235 x-amzn-requestid: e8a91ec0-fa93-45b6-8dc8-a405c00242fb x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: bqY4_HANoAMFSvw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63740839-3ebbd38b0e3e774923ad019e;Sampled=0 x-amzn-remapped-date: Tue, 15 Nov 2022 21:44:25 GMT x-amz-cf-pop: HIO50-C1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: _u6Uhc-g_xPTRSYys5rD3GC00roubyJdBRuHruvoMLf-UEAB6_zdQw== via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 aa623e134417515bd2496cb01d5e5626.cloudfront.net (CloudFront), 1.1 google date: Tue, 15 Nov 2022 21:46:20 GMT age: 24570 etag: "87e277a627c1085cad5c6e38bdd5100aa0a9ecee" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8235 Md5: 98802857df59f8eacd9211811cc59ae6 Sha1: 87e277a627c1085cad5c6e38bdd5100aa0a9ecee Sha256: 102e73f690a972da6d3ab609ffab5f29884185d85c4230a19ec74d74c7320cf1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc50c38bf-fe3d-4eec-be11-1e782b0f0bbc.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 4d015538adfa6c61a5dfca3cbb224ae91ccbe1d82212e997e22f895a77387bed 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6629 x-amzn-requestid: ff03ae40-8d00-41ec-875f-b49b1b86151c x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: bqY6CG9IoAMF8rA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63740840-7fdaa40f3ca9246045270665;Sampled=0 x-amzn-remapped-date: Tue, 15 Nov 2022 21:44:32 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: 4i9jW2AQ8PhWl9i01KDda11PoSD1csf_Gs7nwME9o2Oxft0UldI6vQ== via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google date: Tue, 15 Nov 2022 21:47:49 GMT age: 24481 etag: "bc2bb7815b062941d51fde65574851db55be37dc" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6629 Md5: edd6a84f848a83f4d1990f92b4807def Sha1: bc2bb7815b062941d51fde65574851db55be37dc Sha256: 4d015538adfa6c61a5dfca3cbb224ae91ccbe1d82212e997e22f895a77387bed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 9b13e7838946c6654dda17886c2ca8d42de934acb93f4bddb1008dfa1bd1ea99 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 11715 x-amzn-requestid: 20e508bd-6568-4225-9bee-c683a49d44f6 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: bdMhUHkpIAMFfJg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-636ec13b-7dc726b94a37fc667e2e6646;Sampled=0 x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT x-amz-cf-pop: SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: X3SUo1LP97TxraRav0ftskBhzWkTJInHaS44PW26yloF-dgD-bHBuA== via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google date: Tue, 15 Nov 2022 21:45:58 GMT age: 24592 etag: "5109c156b180727767fc03c411190ccc0d3fb5fc" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11715 Md5: cd5bdc050716bb76afe8090fc81617e7 Sha1: 5109c156b180727767fc03c411190ccc0d3fb5fc Sha256: 9b13e7838946c6654dda17886c2ca8d42de934acb93f4bddb1008dfa1bd1ea99
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4fb99a77-d99a-486f-b11a-d0f855262383.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 6b3e294fc0977cd09c1565d5a6396a63b2ad5f7005b9f1e136c33cedae49f436 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8236 x-amzn-requestid: 74104064-6d6f-44ef-ad9f-6550971f17f4 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: bqYEBET6oAMF_cQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637406e6-269579cf1723940b16588c76;Sampled=0 x-amzn-remapped-date: Tue, 15 Nov 2022 21:38:46 GMT x-amz-cf-pop: HIO50-C1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: NoKPqN-FpS9ibMgsRSPIDrlu8I7OG_P_v7JHEcrBQE4ushlrVF5Yuw== via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 google date: Tue, 15 Nov 2022 22:08:55 GMT age: 23215 etag: "5d6f0e9bec236755d70ac6779e86684795e5c798" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8236 Md5: ed2eb8cd1cffa83445bfc822fff3cd95 Sha1: 5d6f0e9bec236755d70ac6779e86684795e5c798 Sha256: 6b3e294fc0977cd09c1565d5a6396a63b2ad5f7005b9f1e136c33cedae49f436
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bcd9120-f81d-4ec1-9b84-ae23f33b9b8d.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 80f2913428758b1250218865a3e6697881ed3ed626f702c94fd0a5c7f354a2b1 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8981 x-amzn-requestid: 4945a047-3048-4dfb-aba5-6cde2b52b240 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: bqYEAG7roAMF30Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637406e6-6928cd8c1439aac80444cd7b;Sampled=0 x-amzn-remapped-date: Tue, 15 Nov 2022 21:38:46 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: ls987SlzVbSWiZwE4ahKBdQ_vJknoy88LkGHnEYfie4M1l584VbB_w== via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google date: Tue, 15 Nov 2022 22:00:01 GMT age: 23749 etag: "d81bf6504b30d50cf9cb14f8efca8e961f422a57" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8981 Md5: c774a9a33f0c86087fe36fe18cf02db8 Sha1: d81bf6504b30d50cf9cb14f8efca8e961f422a57 Sha256: 80f2913428758b1250218865a3e6697881ed3ed626f702c94fd0a5c7f354a2b1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F520b9f3d-222d-4840-bd88-673cedf9b5fc.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 64d52d8983b2bf30b9b1f260b8d6534664024b8dfda0da273307ee510ed33aad 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4919 x-amzn-requestid: aae0d2da-e891-40a6-bd83-8942fc3ef0c0 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: bqYFFEnxoAMFdCQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637406ed-6ff1cc593aa1c934659030db;Sampled=0 x-amzn-remapped-date: Tue, 15 Nov 2022 21:38:53 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: PhUSR2Y2GRZkB5UTrMma8vnIddc44pLJ2Sppk63xQyMC2imKLn-R4A== via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google date: Tue, 15 Nov 2022 21:47:46 GMT age: 24484 etag: "a3977e8cde4b6ad7ef2e75a477e71b7bbbec21f0" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4919 Md5: a698bf97cc6c0c464ed1a2b2adb1c1d3 Sha1: a3977e8cde4b6ad7ef2e75a477e71b7bbbec21f0 Sha256: 64d52d8983b2bf30b9b1f260b8d6534664024b8dfda0da273307ee510ed33aad

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "9C297CCFD178EEC7E472FB64A6B2E34D4C7A6DEC32870F49982353E590196BA0" 

                                        
                                            
Last-Modified: Mon, 14 Nov 2022 00:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=15715 

                                        
                                            
Expires: Wed, 16 Nov 2022 08:57:43 GMT 

                                        
                                            
Date: Wed, 16 Nov 2022 04:35:48 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    7786cd9bd97e024b3a1d16215defaad2

                                                Sha1:   786ddbb74b0b6bd9270622dbe0258d6caee407c1

                                                Sha256: 9c297ccfd178eec7e472fb64a6b2e34d4c7a6dec32870f49982353e590196ba0

                                        
                                            GET /v1/ HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.102.187.140

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After 

                                        
                                            
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-length: 939 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Wed, 16 Nov 2022 03:44:43 GMT 

                                        
                                            
cache-control: public,max-age=3600 

                                        
                                            
age: 3065 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators

                                                Size:   939

                                                Md5:    d130218d0e2841f39c99610fe1a2ab90

                                                Sha1:   29fbe1e177ee55c7a61ae0a206afff271cf5f945

                                                Sha256: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 

                                        
                                            
Host: content-signature-2.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.160.144.191

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: binary/octet-stream

                                        

                                        
                                            
x-amz-id-2: 3X+zikLoQ8bENnWq2gAbDnXUxHgZLANc2xGDXZhJChAmWvH5fpF3igYkaewQsbdM+uTxhAFTi9E= 

                                        
                                            
x-amz-request-id: JTYD4MG08PSAB2JP 

                                        
                                            
content-disposition: attachment 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: AmazonS3 

                                        
                                            
content-length: 5348 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Wed, 16 Nov 2022 04:14:33 GMT 

                                        
                                            
age: 1275 

                                        
                                            
last-modified: Fri, 30 Sep 2022 18:50:55 GMT 

                                        
                                            
etag: "67d5a988edcda47bc3b3b3f65d32b4b6" 

                                        
                                            
cache-control: public,max-age=3600 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PEM certificate\012- , ASCII text

                                                Size:   5348

                                                Md5:    67d5a988edcda47bc3b3b3f65d32b4b6

                                                Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f

                                                Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 6458 

                                        
                                            
Cache-Control: max-age=109124 

                                        
                                            
Date: Wed, 16 Nov 2022 04:35:49 GMT 

                                        
                                            
Etag: "637356af-1d7" 

                                        
                                            
Expires: Thu, 17 Nov 2022 10:54:33 GMT 

                                        
                                            
Last-Modified: Tue, 15 Nov 2022 09:06:55 GMT 

                                        
                                            
Server: ECS (ska/F70B) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    de57a2d376db743a3987c454889f1f21

                                                Sha1:   0defab699bdb1b158026f93c2dd105bcd65f6764

                                                Sha256: b1c47a81ac45af6f756a8eca8ef14a82f0113ea8f09dae7a285a4491963ae2ff

                                        
                                            GET / HTTP/1.1 

                                        
                                            
Host: push.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Sec-WebSocket-Version: 13 

                                        
                                            
Origin: wss://push.services.mozilla.com/ 

                                        
                                            
Sec-WebSocket-Protocol: push-notification 

                                        
                                            
Sec-WebSocket-Extensions: permessage-deflate 

                                        
                                            
Sec-WebSocket-Key: zlyuHsifn3yujSzn5tHXwA== 

                                        
                                            
Connection: keep-alive, Upgrade 

                                        
                                            
Sec-Fetch-Dest: websocket 

                                        
                                            
Sec-Fetch-Mode: websocket 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
Upgrade: websocket

                                         35.161.6.128

                                        
                                            HTTP/1.1 101 Switching Protocols

                                        

                                        
                                            
Connection: Upgrade 

                                        
                                            
Upgrade: websocket 

                                        
                                            
Sec-WebSocket-Accept: HTlEL0+pNLuIbnZgbKPAd7UfIMc= 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D" 

                                        
                                            
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=8927 

                                        
                                            
Expires: Wed, 16 Nov 2022 07:04:37 GMT 

                                        
                                            
Date: Wed, 16 Nov 2022 04:35:50 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    9426341bb128c1b6ba16e64df78152b4

                                                Sha1:   08859a30ed6dee233cde4d77f2a04f058991502b

                                                Sha256: 209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D" 

                                        
                                            
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=8927 

                                        
                                            
Expires: Wed, 16 Nov 2022 07:04:37 GMT 

                                        
                                            
Date: Wed, 16 Nov 2022 04:35:50 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    9426341bb128c1b6ba16e64df78152b4

                                                Sha1:   08859a30ed6dee233cde4d77f2a04f058991502b

                                                Sha256: 209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D" 

                                        
                                            
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=8927 

                                        
                                            
Expires: Wed, 16 Nov 2022 07:04:37 GMT 

                                        
                                            
Date: Wed, 16 Nov 2022 04:35:50 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    9426341bb128c1b6ba16e64df78152b4

                                                Sha1:   08859a30ed6dee233cde4d77f2a04f058991502b

                                                Sha256: 209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc50c38bf-fe3d-4eec-be11-1e782b0f0bbc.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 6629 

                                        
                                            
x-amzn-requestid: ff03ae40-8d00-41ec-875f-b49b1b86151c 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: bqY6CG9IoAMF8rA= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63740840-7fdaa40f3ca9246045270665;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Tue, 15 Nov 2022 21:44:32 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA73-P1 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: 4i9jW2AQ8PhWl9i01KDda11PoSD1csf_Gs7nwME9o2Oxft0UldI6vQ== 

                                        
                                            
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Tue, 15 Nov 2022 21:47:49 GMT 

                                        
                                            
age: 24481 

                                        
                                            
etag: "bc2bb7815b062941d51fde65574851db55be37dc" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   6629

                                                Md5:    edd6a84f848a83f4d1990f92b4807def

                                                Sha1:   bc2bb7815b062941d51fde65574851db55be37dc

                                                Sha256: 4d015538adfa6c61a5dfca3cbb224ae91ccbe1d82212e997e22f895a77387bed

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4fb99a77-d99a-486f-b11a-d0f855262383.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 8236 

                                        
                                            
x-amzn-requestid: 74104064-6d6f-44ef-ad9f-6550971f17f4 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: bqYEBET6oAMF_cQ= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-637406e6-269579cf1723940b16588c76;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Tue, 15 Nov 2022 21:38:46 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C1 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: NoKPqN-FpS9ibMgsRSPIDrlu8I7OG_P_v7JHEcrBQE4ushlrVF5Yuw== 

                                        
                                            
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Tue, 15 Nov 2022 22:08:55 GMT 

                                        
                                            
age: 23215 

                                        
                                            
etag: "5d6f0e9bec236755d70ac6779e86684795e5c798" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   8236

                                                Md5:    ed2eb8cd1cffa83445bfc822fff3cd95

                                                Sha1:   5d6f0e9bec236755d70ac6779e86684795e5c798

                                                Sha256: 6b3e294fc0977cd09c1565d5a6396a63b2ad5f7005b9f1e136c33cedae49f436

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F520b9f3d-222d-4840-bd88-673cedf9b5fc.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 4919 

                                        
                                            
x-amzn-requestid: aae0d2da-e891-40a6-bd83-8942fc3ef0c0 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: bqYFFEnxoAMFdCQ= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-637406ed-6ff1cc593aa1c934659030db;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Tue, 15 Nov 2022 21:38:53 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA73-P1 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: PhUSR2Y2GRZkB5UTrMma8vnIddc44pLJ2Sppk63xQyMC2imKLn-R4A== 

                                        
                                            
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Tue, 15 Nov 2022 21:47:46 GMT 

                                        
                                            
age: 24484 

                                        
                                            
etag: "a3977e8cde4b6ad7ef2e75a477e71b7bbbec21f0" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   4919

                                                Md5:    a698bf97cc6c0c464ed1a2b2adb1c1d3

                                                Sha1:   a3977e8cde4b6ad7ef2e75a477e71b7bbbec21f0

                                                Sha256: 64d52d8983b2bf30b9b1f260b8d6534664024b8dfda0da273307ee510ed33aad

URL	midwestranchsortingassociation.com/
IP	198.54.114.211 (United States)
ASN	#22612 NAMECHEAP-NET
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-11-16 04:35:59 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	22
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (9)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 4 reports on IP: 198.54.114.211

Last 5 reports on ASN: NAMECHEAP-NET

Last 3 reports on domain: midwestranchsortingassociation.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (3)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (29)

Overview

Domain Summary (9)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 4 reports on IP: 198.54.114.211

Last 5 reports on ASN: NAMECHEAP-NET

Last 3 reports on domain: midwestranchsortingassociation.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (3)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (29)

Network Intrusion Detection Systems