Overview

URL loneoakmarketing.com/mtm/direct/.eJx1kEtSwzAQRO_iZUjiGFc5xhRncSnyxJb1GX1GjmSKuyNgR8Gup_tt3rxX0YtqqOqFyA61QgPIpGZeAgkznznqWpOuJ-GBU32GNftNIGUVciS5KfsIFxOp5xfvOy8Na1c9wVb4lueTm_TJ8MXGiancqHuIEUMQ_exmloVSFJGCyJyvdhdyE30yKYqJG5v7xu5wNVdAvEap88ukdjneO7cj6QaZQ989Nrs5xW6WVv0YGrOm52XIC1JSezdDWL0b2xHnU4BbuzhZHSvm51B8S_JwBw--HD_uf8oXbsFAo2EaCvkPwjgHS2UnSFReqdWRWasEZyTQ1OmreUq_W61e3dvl_HI81Ifv1Fcfn25PlJI:1oDqtx:9yUZ8SoDDtmpc-S22qeTvEfMpFs/2
IP45.33.2.79
ASNLinode, LLC
Location United States
Report completed2022-07-19 17:21:13 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2022-07-19 2 loneoakmarketing.com/mtm/direct/.eJx1kEtSwzAQRO_iZUjiGFc5xhRncSnyxJb1GX1Gjm (...) Malware
2022-07-19 2 www1.loneoakmarketing.com/ls.php Malware
mnemonic secure dns  No alerts detected
Quad9 DNS
Added / Verified Severity Host Comment
2022-07-19 2 loneoakmarketing.com Sinkholed
2022-07-19 2 loneoakmarketing.com Sinkholed
2022-07-19 2 loneoakmarketing.com Sinkholed
2022-07-19 2 loneoakmarketing.com Sinkholed
2022-07-19 2 loneoakmarketing.com Sinkholed
2022-07-19 2 loneoakmarketing.com Sinkholed


Files

No files detected



Passive DNS (14)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
[Mnemonic Passive DNS] contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
[Mnemonic Passive DNS] firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2020-05-25 20:01:47 UTC 54.230.111.118
[Mnemonic Passive DNS] content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-07-19 11:52:34 UTC 54.230.111.64
[Mnemonic Passive DNS] partner.googleadservices.com (1) 798 2017-01-30 04:56:54 UTC 2022-07-19 11:41:04 UTC 142.250.74.98
[Mnemonic Passive DNS] img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-07-19 14:48:14 UTC 34.120.237.76
[Mnemonic Passive DNS] r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-07-19 11:40:56 UTC 23.36.76.226
[Mnemonic Passive DNS] loneoakmarketing.com (1) 0 2018-12-10 10:25:07 UTC 2018-12-10 10:25:07 UTC 198.58.118.167 Unknown ranking
[Mnemonic Passive DNS] d1lxhc4jvstzrp.cloudfront.net (4) 0 No data No data 54.230.245.166 Unknown ranking
[Mnemonic Passive DNS] www.google.com (2) 7 2012-05-22 04:23:54 UTC 2022-07-19 02:56:12 UTC 142.250.74.164
[Mnemonic Passive DNS] ocsp.digicert.com (1) 86 2012-11-29 12:49:49 UTC 2022-07-19 16:59:45 UTC 93.184.220.29
[Mnemonic Passive DNS] push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-07-19 12:05:21 UTC 52.89.15.44
[Mnemonic Passive DNS] www1.loneoakmarketing.com (5) 0 2022-06-02 20:48:33 UTC 2022-07-19 15:36:05 UTC 99.83.136.84 Unknown ranking
[Mnemonic Passive DNS] ocsp.pki.goog (7) 175 2017-06-14 07:23:31 UTC 2022-07-19 11:40:55 UTC 142.250.74.3
[Mnemonic Passive DNS] afs.googleusercontent.com (2) 12123 2017-01-30 05:39:23 UTC 2022-07-19 11:52:51 UTC 142.250.74.33


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 45.33.2.79

Date UQ / IDS / BL URL IP
2022-08-14 06:45:34 +0000
0 - 0 - 2 pgdavevecollage.in/mtm/direct/.eJxtjksOwjAMRO (...) 45.33.2.79
2022-08-14 03:53:18 +0000
0 - 0 - 3 alrxa.com/ 45.33.2.79
2022-08-14 03:52:18 +0000
0 - 0 - 2 boogerbarter.com/mtm/direct/.eJxtikEOwjAMBP_i (...) 45.33.2.79
2022-08-14 02:34:34 +0000
0 - 0 - 1 sizzlincelebs.vsni.com/mtm/direct/.eJx1yssKAj (...) 45.33.2.79
2022-08-14 00:34:59 +0000
0 - 0 - 3 bloquer.com/ 45.33.2.79
2022-08-13 22:13:05 +0000
0 - 0 - 4 nicerfoods.com/ 45.33.2.79
2022-08-13 20:13:17 +0000
0 - 0 - 2 jumbotgp.com/mtm/direct/.eJxdikEOwjAMBP_iY4lq (...) 45.33.2.79
2022-08-13 18:04:48 +0000
0 - 0 - 2 xxxarea.com/mtm/direct/.eJxdikEOwjAMBP_iYxvVP (...) 45.33.2.79
2022-08-13 15:50:41 +0000
0 - 0 - 2 sohodecor.com/mtm/direct/.eJxdikEOwjAMBP_iY4l (...) 45.33.2.79
2022-08-13 15:44:45 +0000
0 - 0 - 2 pinkjade.com/ 45.33.2.79

Last 10 reports on ASN: Linode, LLC

Date UQ / IDS / BL URL IP
2022-08-14 06:45:35 +0000
0 - 0 - 2 pgdavevecollage.in/mtm/direct/.eJxtkElSwzAQRe (...) 45.33.30.197
2022-08-14 06:45:34 +0000
0 - 0 - 2 pgdavevecollage.in/mtm/direct/.eJxtjksOwjAMRO (...) 45.33.2.79
2022-08-14 06:26:59 +0000
0 - 0 - 2 cheatshacksfreedownload.com/mtm/direct/.ejx9i (...) 198.58.118.167
2022-08-14 06:26:46 +0000
0 - 0 - 2 advanced-esthetic.us/http:/advanced-esthetic. (...) 198.58.118.167
2022-08-14 06:24:33 +0000
0 - 0 - 3 blackarse.com/mtm/direct/.ejxdikeowjambp_iy4l (...) 45.79.19.196
2022-08-14 06:23:47 +0000
0 - 0 - 2 tarotcanada.com/mtm/direct/.eJxliksKAkEMBe-S5 (...) 45.33.18.44
2022-08-14 06:22:02 +0000
0 - 0 - 2 tits.net/mtm/direct/.eJxdycEKwjAQhOF32WMNXY9a (...) 173.255.194.134
2022-08-14 06:19:07 +0000
0 - 0 - 3 indianmoviemall.com/ 45.33.30.197
2022-08-14 06:00:03 +0000
0 - 0 - 1 accessalohatravel.com/mtm/direct/.eJx1ikEKAjE (...) 72.14.185.43
2022-08-14 05:45:16 +0000
0 - 0 - 2 mothernature.one/wp-content/plugins/woocommer (...) 45.33.20.235

Last 8 reports on domain: loneoakmarketing.com

Date UQ / IDS / BL URL IP
2022-08-06 00:29:16 +0000
0 - 0 - 8 loneoakmarketing.com/mtm/direct/.eJx1kMtugzAQ (...) 45.33.23.183
2022-08-05 15:12:29 +0000
0 - 0 - 8 loneoakmarketing.com/mtm/direct/.eJx1kMFygjAU (...) 45.33.2.79
2022-07-14 04:07:02 +0000
0 - 0 - 14 loneoakmarketing.com/http:/loneoakmarketing.c (...) 45.33.20.235
2022-07-11 10:11:29 +0000
0 - 0 - 8 loneoakmarketing.com/mtm/direct/.eJx1kE1zgjAU (...) 45.56.79.23
2022-07-10 18:52:03 +0000
0 - 0 - 7 loneoakmarketing.com/mtm/direct/.eJx1kF1TgkAU (...) 45.33.23.183
2022-07-08 02:45:37 +0000
0 - 0 - 8 loneoakmarketing.com/mtm/direct/.eJx1kEtygzAQ (...) 45.33.20.235
2022-07-04 12:55:25 +0000
0 - 0 - 11 loneoakmarketing.com/http:/loneoakmarketing.c (...) 45.33.30.197
2022-06-30 13:04:57 +0000
0 - 0 - 14 loneoakmarketing.com/http:/loneoakmarketing.c (...) 45.56.79.23


JavaScript

Executed Scripts (19)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (39)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.118
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 19 Jul 2022 16:29:52 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: q7gdmhaTMiVFWRJjWh0rC9Z0SaTzy6FDvjrd7ISkuWzH1hoXUjMm5A==
Age: 3068


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3060DB1F18156F1834A622852EDE38ADB2329C923CCD0B10D9079FBB4DDC9192"
Last-Modified: Mon, 18 Jul 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13441
Expires: Tue, 19 Jul 2022 21:05:01 GMT
Date: Tue, 19 Jul 2022 17:21:00 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-08-10-12-10-21.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.64
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
last-modified: Tue, 21 Jun 2022 12:10:22 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 19 Jul 2022 00:47:18 GMT
etag: "581454acdd98f34fd3fbabd0977ade29"
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: S8EisoNTaSaLBroLH0vYVDhq6yZ99lYUUnYAG_RrqTpKb-omehqkeg==
age: 59622
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    581454acdd98f34fd3fbabd0977ade29
Sha1:   d8d86c0b513137aeb85de01cea7b272c35eb6ab4
Sha256: e98f8f33ba5ed59c3cfdf2ae54957ed32652cf0899f3c8db4b5872e3ece1e4eb
                                        
                                            GET /mtm/direct/.eJx1kEtSwzAQRO_iZUjiGFc5xhRncSnyxJb1GX1GjmSKuyNgR8Gup_tt3rxX0YtqqOqFyA61QgPIpGZeAgkznznqWpOuJ-GBU32GNftNIGUVciS5KfsIFxOp5xfvOy8Na1c9wVb4lueTm_TJ8MXGiancqHuIEUMQ_exmloVSFJGCyJyvdhdyE30yKYqJG5v7xu5wNVdAvEap88ukdjneO7cj6QaZQ989Nrs5xW6WVv0YGrOm52XIC1JSezdDWL0b2xHnU4BbuzhZHSvm51B8S_JwBw--HD_uf8oXbsFAo2EaCvkPwjgHS2UnSFReqdWRWasEZyTQ1OmreUq_W61e3dvl_HI81Ifv1Fcfn25PlJI:1oDqtx:9yUZ8SoDDtmpc-S22qeTvEfMpFs/2 HTTP/1.1 
Host: loneoakmarketing.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         198.58.118.167
HTTP/1.1 302 Found
                                        
server: openresty/1.13.6.1
date: Tue, 19 Jul 2022 17:21:00 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: http://www1.loneoakmarketing.com/?tm=1&subid4=1658251260.0474040000&kw=Digital+Marketing&KW1=Digital%20Marketing%20Services&KW2=Social%20Media%20Marketing&KW3=Business%20Lead%20Generation&KW4=Brand%20Management%20Platform&KW5=Email%20Marketing%20Automation%20System&searchbox=0&domainname=0&backfill=0
x-mtm-path: 0
vary: Accept-Language
content-language: en
set-cookie: mtm_delivered=WyJsb25lb2FrbWFya2V0aW5nLmNvbSIsImh0dHA6Ly93d3cxLmxvbmVvYWttYXJrZXRpbmcuY29tLz90bT0xJnN1YmlkND0xNjU4MjUxMjYwLjA0NzQwNDAwMDAma3c9RGlnaXRhbCtNYXJrZXRpbmcmS1cxPURpZ2l0YWwlMjBNYXJrZXRpbmclMjBTZXJ2aWNlcyZLVzI9U29jaWFsJTIwTWVkaWElMjBNYXJrZXRpbmcmS1czPUJ1c2luZXNzJTIwTGVhZCUyMEdlbmVyYXRpb24mS1c0PUJyYW5kJTIwTWFuYWdlbWVudCUyMFBsYXRmb3JtJktXNT1FbWFpbCUyME1hcmtldGluZyUyMEF1dG9tYXRpb24lMjBTeXN0ZW0mc2VhcmNoYm94PTAmZG9tYWlubmFtZT0wJmJhY2tmaWxsPTAiLDEsIjIwMjItMDctMTkgMTc6MjE6MDAiLDEsIjE2NTgyNTEyNjAuMDQ3NDA0MDAwMCIsMTgzLG51bGwsbnVsbF0:1oDqu4:rGs-Euxt7HTPquBoPX61UOtCdXs; expires=Tue, 19-Jul-2022 18:21:00 GMT; Max-Age=3600; Path=/
connection: close


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Tue, 19 Jul 2022 17:21:00 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /?tm=1&subid4=1658251260.0474040000&kw=Digital+Marketing&KW1=Digital%20Marketing%20Services&KW2=Social%20Media%20Marketing&KW3=Business%20Lead%20Generation&KW4=Brand%20Management%20Platform&KW5=Email%20Marketing%20Automation%20System&searchbox=0&domainname=0&backfill=0 HTTP/1.1 
Host: www1.loneoakmarketing.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         99.83.136.84
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 19 Jul 2022 17:21:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Buckets: bucket078
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_YtHePSlO6LoPi9F0P4AaWflr7R9xJoottft+LCi+wc7F/7Os1f5jCwR79F0dWe1Jh42aj9RTvef5NemAFriwEQ==
X-Template: tpl_Regnitz_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2972)
Size:   5154
Md5:    627f425748a627ba460e5501919d7d31
Sha1:   2dfe0aeb171c2c10c94e5cab7574971f07b4419b
Sha256: f3557feb0ff76c19d43a186e5f8e3f85bdd1a76e983295cf5733ec423c62505d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /themes/assets/style.css HTTP/1.1 
Host: d1lxhc4jvstzrp.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.loneoakmarketing.com/

                                         
                                         54.230.245.166
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Tue, 19 Jul 2022 06:34:08 GMT
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
Content-Encoding: gzip
ETag: W/"5ebab1f0-33d"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: evxaHfyc1lv5Cl5CSSl7Qq_-t2FPxjOpF9YEOkly4UoDMrkt6JaxRQ==
Age: 38813


--- Additional Info ---
Magic:  ASCII text
Size:   343
Md5:    03a4a8c322fc0c99b0ee7cbbcc9eabcd
Sha1:   6fc193276de2a3458cd853c474cb9269b900e00d
Sha256: a535d2296792cb37a2bbad1d9d0546e3383a8a5bfac0d9edda15795c226bddf7
                                        
                                            GET /scripts/js3caf.js HTTP/1.1 
Host: d1lxhc4jvstzrp.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.loneoakmarketing.com/

                                         
                                         54.230.245.166
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Length: 7000
Connection: keep-alive
Server: nginx
Date: Tue, 19 Jul 2022 00:50:11 GMT
Last-Modified: Thu, 14 Jan 2021 10:54:01 GMT
Accept-Ranges: bytes
ETag: "600022c9-1b58"
X-Cache: Hit from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: HnlECcqqGsSrGb8WvJm0YD8R5pzF5N47xUOVC8qHEggLKvd-85c7SQ==
Age: 59450


--- Additional Info ---
Magic:  ASCII text, with very long lines (316)
Size:   7000
Md5:    cce7f943ec8e7b4ba13be4aba6b463d9
Sha1:   220f3e8ca723daa91fd040cf518991a65f2bf110
Sha256: ba5b7354353b0eec1637564dae072fee662a5b9862f6bf7ed5e60a5a76f2ef44
                                        
                                            GET /themes/regnitz_0f823431/style.css HTTP/1.1 
Host: d1lxhc4jvstzrp.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.loneoakmarketing.com/

                                         
                                         54.230.245.166
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Tue, 19 Jul 2022 02:16:28 GMT
Last-Modified: Fri, 25 Feb 2022 11:24:01 GMT
Content-Encoding: gzip
ETag: W/"6218bc51-4ec"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: fBrbM6_OrpTMRN-gHoQDzGFUtmji3oEXsagufmYfAfaVnAbGjolIkw==
Age: 54273


--- Additional Info ---
Magic:  ASCII text
Size:   539
Md5:    3138e35c7232f3c11463560722a0ac79
Sha1:   b3e50fa997933e788c1a8800b347ba592b2ff913
Sha256: b53565fe44fb5034ed78e704aee57c620c37819a13286af740aab63b41550d46
                                        
                                            GET /adsense/domains/caf.js HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.loneoakmarketing.com/

                                         
                                         142.250.74.164
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Date: Tue, 19 Jul 2022 17:21:01 GMT
Expires: Tue, 19 Jul 2022 17:21:01 GMT
Cache-Control: private, max-age=3600
ETag: "13046172457730334809"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: sffe
X-XSS-Protection: 0


--- Additional Info ---
Magic:  ASCII text, with very long lines (2174)
Size:   52992
Md5:    c40df944d20a100df0507bd6cd4bce2f
Sha1:   eb0e2c484c64ac2d516c45262e15e580b6af5b60
Sha256: 3d09b617c213cd6b46acdf448196941ca6672c31e57fafa291f44fe2eb8b21fe
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3056
Cache-Control: 'max-age=158059'
Date: Tue, 19 Jul 2022 17:21:01 GMT
Last-Modified: Tue, 19 Jul 2022 16:30:05 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.118
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 19 Jul 2022 17:08:32 GMT
Expires: Tue, 19 Jul 2022 17:37:46 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: _CA7IIh2c1HiybLBgjUpfIs_0BoaDoccVe0kG9NP2lTmjDL8nhAo8w==
Age: 749


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Cn0yLSEXex7rw8XIRuMRYA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.89.15.44
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Sw4XhC7Z3BYWMzPp6WaNcBcgGX8=

                                        
                                            GET /themes/regnitz_0f823431/img/arrows.png HTTP/1.1 
Host: d1lxhc4jvstzrp.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://d1lxhc4jvstzrp.cloudfront.net/themes/regnitz_0f823431/style.css

                                         
                                         54.230.245.166
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Content-Length: 11375
Connection: keep-alive
Server: nginx
Date: Tue, 19 Jul 2022 01:54:18 GMT
Last-Modified: Fri, 25 Feb 2022 11:24:01 GMT
Accept-Ranges: bytes
ETag: "6218bc51-2c6f"
X-Cache: Hit from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: OnLqfbSC0TGLXh0B0cMFnn3Gbfan_52WounI9phm8g0ljxeJnANxjg==
Age: 55603


--- Additional Info ---
Magic:  PNG image data, 1500 x 600, 8-bit colormap, non-interlaced\012- data
Size:   11375
Md5:    0cb2e5165dc9324eb462199f04e1ffa9
Sha1:   9e0f89847ec8a98d98a6020bc5c4ed32b7a48bf8
Sha256: 67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www1.loneoakmarketing.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.loneoakmarketing.com/?tm=1&subid4=1658251260.0474040000&kw=Digital+Marketing&KW1=Digital%20Marketing%20Services&KW2=Social%20Media%20Marketing&KW3=Business%20Lead%20Generation&KW4=Brand%20Management%20Platform&KW5=Email%20Marketing%20Automation%20System&searchbox=0&domainname=0&backfill=0

                                         
                                         99.83.136.84
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Date: Tue, 19 Jul 2022 17:21:01 GMT
Content-Length: 0
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-0"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /track.php?domain=loneoakmarketing.com&toggle=browserjs&uid=MTY1ODI1MTI2MC45Njc5OmE3OTljZTgyNWJjNzcwOWYxZGIwNzE0N2NkNDFhMzhlYTkyODk4YzkzOTQyZDE5Mzk3ODZhOGI1NmU5NTNkYTc6NjJkNmU3ZmNlYzRkZg%3D%3D HTTP/1.1 
Host: www1.loneoakmarketing.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.loneoakmarketing.com/?tm=1&subid4=1658251260.0474040000&kw=Digital+Marketing&KW1=Digital%20Marketing%20Services&KW2=Social%20Media%20Marketing&KW3=Business%20Lead%20Generation&KW4=Brand%20Management%20Platform&KW5=Email%20Marketing%20Automation%20System&searchbox=0&domainname=0&backfill=0

                                         
                                         99.83.136.84
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 19 Jul 2022 17:21:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: browserjs
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip


--- Additional Info ---
Magic:  data
Size:   20
Md5:    a4745abc5e7fdb89cc6df3069f3c6e69
Sha1:   74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
Sha256: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 19 Jul 2022 17:21:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 19 Jul 2022 17:21:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /afs/ads?adtest=off&psid=1420240428&pcsa=false&channel=000001%2C000003%2C000315%2Cbucket078&client=dp-teaminternet12_3ph&r=m&hl=no&terms=Digital%20Marketing%20Services%2CSocial%20Media%20Marketing%2CBusiness%20Lead%20Generation%2CBrand%20Management%20Platform%2CEmail%20Marketing%20Automation%20System&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2983123576258743&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17300953%2C17300956%2C17301030%2C17301033&format=r5%7Cs&nocache=1851658251274640&num=0&output=afd_ads&domain_name=www1.loneoakmarketing.com&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1658251274642&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=760&frm=0&uio=--&cont=tc&jsid=caf&jsv=460221807&rurl=http%3A%2F%2Fwww1.loneoakmarketing.com%2F%3Ftm%3D1%26subid4%3D1658251260.0474040000%26kw%3DDigital%2BMarketing%26KW1%3DDigital%2520Marketing%2520Services%26KW2%3DSocial%2520Media%2520Marketing%26KW3%3DBusiness%2520Lead%2520Generation%26KW4%3DBrand%2520Management%2520Platform%26KW5%3DEmail%2520Marketing%2520Automation%2520System%26searchbox%3D0%26domainname%3D0%26backfill%3D0&adbw=master-1%3A530 HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www1.loneoakmarketing.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 200 OK
                                        
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Tue, 19 Jul 2022 17:21:02 GMT
expires: Tue, 19 Jul 2022 17:21:02 GMT
cache-control: private, max-age=3600
content-encoding: br
server: gws
content-length: 2295
x-xss-protection: 0
set-cookie: CONSENT=PENDING+237; expires=Thu, 18-Jul-2024 17:21:02 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (7111)
Size:   2295
Md5:    8551340cb4bdbb7209bf78805129cbaf
Sha1:   51fc190f71d4aaa33e87a5405aa5002d2d4f9bb1
Sha256: a57f4652985fdbc6ffcb34bab9b56691ebf1336208eb54f36b1c4d05fb8f7c52
                                        
                                            GET /gampad/cookie.js?domain=www1.loneoakmarketing.com&client=dp-teaminternet12_3ph&product=SAS&callback=__sasCookie HTTP/1.1 
Host: partner.googleadservices.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www1.loneoakmarketing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.98
HTTP/2 200 OK
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 19 Jul 2022 17:21:02 GMT
server: cafe
cache-control: private
content-length: 189
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   189
Md5:    8f02726498e1fd6d9f6b20a5d02ec9c6
Sha1:   1a93fb7048f9d709660a365bec96ddcd0be4f6cb
Sha256: c756a6a4522c3f73b0ef008193f5feda690c5273bf6387f7f4b02ed6efd8e501
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 19 Jul 2022 17:21:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 19 Jul 2022 17:21:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 19 Jul 2022 17:21:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 19 Jul 2022 17:21:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ad_icons/standard/publisher_icon_image/search.svg?c=%231967d2 HTTP/1.1 
Host: afs.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.33
HTTP/2 200 OK
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 272
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Mon, 18 Jul 2022 21:28:24 GMT
expires: Tue, 19 Jul 2022 20:28:24 GMT
cache-control: public, max-age=82800
age: 71558
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390)
Size:   272
Md5:    bbbac37f0b6e29a6099e4aa7cb19d6ca
Sha1:   0acafe95e2141f0af6109203efeb2d98e6b926c6
Sha256: a3d7b37475de5a3a350d4dc4790f14a6a5f4045726d2eae4cbe9bd59aeba2fe2
                                        
                                            GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1 
Host: afs.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.33
HTTP/2 200 OK
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Mon, 18 Jul 2022 21:07:28 GMT
expires: Tue, 19 Jul 2022 20:07:28 GMT
cache-control: public, max-age=82800
age: 72814
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Size:   174
Md5:    4de8b85c8915995b571bde50e231be7c
Sha1:   29c226ca7b9cbe1d44e5480ce95bbb42727b2d99
Sha256: 2ec9168c4507546748c5f400f5030031f0eb06f2aed8deaa11362c395bff4f7a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 19 Jul 2022 17:21:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /ls.php HTTP/1.1 
Host: www1.loneoakmarketing.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 2810
Origin: http://www1.loneoakmarketing.com
Connection: keep-alive
Referer: http://www1.loneoakmarketing.com/?tm=1&subid4=1658251260.0474040000&kw=Digital+Marketing&KW1=Digital%20Marketing%20Services&KW2=Social%20Media%20Marketing&KW3=Business%20Lead%20Generation&KW4=Brand%20Management%20Platform&KW5=Email%20Marketing%20Automation%20System&searchbox=0&domainname=0&backfill=0
Cookie: GoogleAdServingTest=Good

                                         
                                         99.83.136.84
HTTP/1.1 201 Created
Content-Type: text/javascript;charset=UTF-8
                                        
Date: Tue, 19 Jul 2022 17:21:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
X-Log-Success: 62d6e7fea9509c1cee7d3e3a
Charset: utf-8
Access-Control-Allow-Origin: http://www1.loneoakmarketing.com
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Max-Age: 86400
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_SS2EBg03XzfOYas/xufHFlpILxgpt7G5GunrlilHAaP7rum/psY4Y4l/TO7dLatEQPTrtWPBCH7juAItBPOtwA==


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /track.php?domain=loneoakmarketing.com&caf=1&toggle=answercheck&answer=yes&uid=MTY1ODI1MTI2MC45Njc5OmE3OTljZTgyNWJjNzcwOWYxZGIwNzE0N2NkNDFhMzhlYTkyODk4YzkzOTQyZDE5Mzk3ODZhOGI1NmU5NTNkYTc6NjJkNmU3ZmNlYzRkZg%3D%3D HTTP/1.1 
Host: www1.loneoakmarketing.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.loneoakmarketing.com/?tm=1&subid4=1658251260.0474040000&kw=Digital+Marketing&KW1=Digital%20Marketing%20Services&KW2=Social%20Media%20Marketing&KW3=Business%20Lead%20Generation&KW4=Brand%20Management%20Platform&KW5=Email%20Marketing%20Automation%20System&searchbox=0&domainname=0&backfill=0
Cookie: __gsas=ID=4c1b14de37a33f1d:T=1658251262:S=ALNI_MacVvDq7i01VNNo8XRFt3DIBjoIlA

                                         
                                         99.83.136.84
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 19 Jul 2022 17:21:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: answercheck
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip


--- Additional Info ---
Magic:  data
Size:   20
Md5:    a4745abc5e7fdb89cc6df3069f3c6e69
Sha1:   74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
Sha256: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C2E372CECB5C7878A49D3792E2A0F89925CD59F1DA5C1E99327AE44025679F54"
Last-Modified: Tue, 19 Jul 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6074
Expires: Tue, 19 Jul 2022 19:02:16 GMT
Date: Tue, 19 Jul 2022 17:21:02 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C2E372CECB5C7878A49D3792E2A0F89925CD59F1DA5C1E99327AE44025679F54"
Last-Modified: Tue, 19 Jul 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6074
Expires: Tue, 19 Jul 2022 19:02:16 GMT
Date: Tue, 19 Jul 2022 17:21:02 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C2E372CECB5C7878A49D3792E2A0F89925CD59F1DA5C1E99327AE44025679F54"
Last-Modified: Tue, 19 Jul 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6074
Expires: Tue, 19 Jul 2022 19:02:16 GMT
Date: Tue, 19 Jul 2022 17:21:02 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C2E372CECB5C7878A49D3792E2A0F89925CD59F1DA5C1E99327AE44025679F54"
Last-Modified: Tue, 19 Jul 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6074
Expires: Tue, 19 Jul 2022 19:02:16 GMT
Date: Tue, 19 Jul 2022 17:21:02 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8c225474-0c72-44d2-b1dd-afbecc219489.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 4751
x-amzn-requestid: 8cf57ed5-7807-4eb5-b783-26dacca627e5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: VPsvAHeWoAMF0Hw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62cfc193-5b5d1e7507d322e8146974af;Sampled=0
x-amzn-remapped-date: Thu, 14 Jul 2022 07:11:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5XEBkQjLqQsP8O4UTCkOrEK_PUjKzNnPPGi3_mkCDZD1BRkE3R1qSw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 eab8a154a09e69260fbfe4df90182b2e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 18 Jul 2022 23:15:18 GMT
age: 65144
etag: "9d25ce30b6e59a28a158a9b0146b59ac409ee034"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4751
Md5:    2688240fc1b87b1a325467b314d7f101
Sha1:   9d25ce30b6e59a28a158a9b0146b59ac409ee034
Sha256: c04e9de630ce407d3110b85dc0508004d7df9fbe5adcbfc52a5f17953ebdedcb
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F94bede3c-8d9e-4b27-8ede-6436b530a43b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 6578
x-amzn-requestid: 9607eeee-e861-48a8-bfd8-31555a5ce501
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Ve2b6G51oAMFlVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62d5d118-51947d5052ee97b210611b5a;Sampled=0
x-amzn-remapped-date: Mon, 18 Jul 2022 21:31:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OnYwCFyLfWBCunWNHIuw7NEzBjkO9qPmodY6U-kRxOHIja0OU9By3w==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 18 Jul 2022 21:39:01 GMT
age: 70921
etag: "cc153a8339682ef6e7b5e0501de0d2be25559bf2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6578
Md5:    6952be4d86d563919306766c90983e09
Sha1:   cc153a8339682ef6e7b5e0501de0d2be25559bf2
Sha256: 4821096404859aad0944ed4eac1f8ca8f1965c900d1e82f5dc4808e57fd3b124
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a8f7e69-eb08-4bef-a991-6691e3374067.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 11292
x-amzn-requestid: 60bbba67-6b32-4ddc-842d-b23a63a1e8f7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: VbtCnF0ZIAMFVTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62d48edd-2a61458414126f094fe562a4;Sampled=0
x-amzn-remapped-date: Sun, 17 Jul 2022 22:36:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 9wNqhxTwAVJYaCgi4FuvEKjlv4J65gqOIzGylpGd7uVcmxennwiqMQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 18 Jul 2022 22:18:14 GMT
age: 68568
etag: "d6ee01b11e706a72c20e8906960d4cacf34c721b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11292
Md5:    59c054ae5bb0357e6322da81f297af11
Sha1:   d6ee01b11e706a72c20e8906960d4cacf34c721b
Sha256: aadeb78d0558915f93d05b78d8db37a5689864f91b22b76f7ae5c064e1ed1e78
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44b25507-d260-4eb5-b289-4f669e4c790e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 5477
x-amzn-requestid: 2f847af1-fe9f-4ee9-adad-35a24978d7c0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: VZCi_FdToAMFYXg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62d37e12-74d7117e4dee5cde4c5ce641;Sampled=0
x-amzn-remapped-date: Sun, 17 Jul 2022 03:12:19 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: SGVLRu4vlJc5h8gf6LTHD93ndph3Tx3S6TtDIZeU0iMFo9KTzPf1TQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 19 Jul 2022 03:50:13 GMT
age: 48649
etag: "8334cba7c34a0c1e210ba0a384596a60824bb110"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5477
Md5:    1c9f59b039feb1c4eb3f5cbc1c97ce5d
Sha1:   8334cba7c34a0c1e210ba0a384596a60824bb110
Sha256: eb56d75a1a7d2578baa61435c1b7a075e4428cef2dd86f774370b7b584f4798f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa86bf78d-fa00-4b38-95f5-52add2676ceb.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 8825
x-amzn-requestid: 4c7e9a75-2af2-43bf-a9e9-66bedc9ec7ed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: VZk0SH2HoAMFh5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62d3b4e8-59b9cacf1303261a5f79addb;Sampled=0
x-amzn-remapped-date: Sun, 17 Jul 2022 07:06:16 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aWAKzHvIAtTHUostaurLbf8q7kSQ81aiD-2F2LzELk0dWozNI-bcpQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Tue, 19 Jul 2022 04:46:20 GMT
age: 45282
etag: "10119118208b25b108680a277babbaeac5012fa0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8825
Md5:    afc2d7d4fa0d7b505bcdcc172f51ec74
Sha1:   10119118208b25b108680a277babbaeac5012fa0
Sha256: 2e666dce52a4ff9e74545851c14e4eb3f5c03a7927c45c63916d1d598072ef5b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F641b28e5-7392-4d24-8b49-36148cff2f96.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 4487
x-amzn-requestid: 50427d02-f512-455b-807e-d76ba53c8da4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: VJGp1FVOoAMFYgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62cd1e3e-48bae1a1099fd53c2e44d506;Sampled=0
x-amzn-remapped-date: Tue, 12 Jul 2022 07:09:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -3_-gM96pMEESMm7VV7x0ADHOeyYY-18L1UAVYlqjnazrRtTURHnrw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Mon, 18 Jul 2022 21:40:58 GMT
age: 70804
etag: "186a46cf7fe4d3fcffb230c792087ff7dbc0114a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4487
Md5:    7c83cc4accbc547b75dff6fa16707f2d
Sha1:   186a46cf7fe4d3fcffb230c792087ff7dbc0114a
Sha256: fe08d7437ac65253ddfd8881e5e1b7e9dcaf559f87ff14a2ec689f97de5f1b08