Overview

URL misteroxygen.com/
IP45.33.23.183
ASNLinode, LLC
Location United States
Report completed2022-08-06 02:36:25 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2022-08-06 2 misteroxygen.com/ Malware
2022-08-06 2 misteroxygen.com/mtm/async/.eJxdi0sOwjAMBe_iZYkalnzEWZCJ3DRSnATHlCDE3UmBFbu (...) Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

URL api.aws.parking.godaddy.com/v1/domains/domain?domain=www6.misteroxygen.com& (...)
IP  3.222.52.182
Magic gzip compressed data, max compression\012- data
Size 53350
MD5 77c0d953acf9da9c30a10834ae866cb3
SHA1 8b7a8c2d333b7536a3ee908f73960f9ce1183a86
SHA256 74090e5d61889cbe8a5c6ee31f1b60d0361aa4541fc32b68de08049049710992
Analyzer Analysed Verdict Comment
VirusTotal 0/0


Passive DNS (16)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
[Mnemonic Passive DNS] content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-08-05 05:06:42 UTC 54.230.111.64
[Mnemonic Passive DNS] contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
[Mnemonic Passive DNS] api.aws.parking.godaddy.com (5) 36127 2020-03-23 21:33:37 UTC 2022-08-05 11:53:35 UTC 3.222.52.182
[Mnemonic Passive DNS] postback.trafficmotor.com (2) 96726 No data No data 45.79.38.145
[Mnemonic Passive DNS] www6.misteroxygen.com (1) 0 No data No data 35.186.238.101 Unknown ranking
[Mnemonic Passive DNS] img1.wsimg.com (4) 9893 2012-12-19 10:50:44 UTC 2022-08-05 08:06:06 UTC 23.36.79.16
[Mnemonic Passive DNS] ocsp.pki.goog (7) 175 2017-06-14 07:23:31 UTC 2022-08-05 04:56:14 UTC 142.250.74.3
[Mnemonic Passive DNS] partner.googleadservices.com (1) 798 2017-01-30 04:56:54 UTC 2022-08-05 05:01:52 UTC 142.250.74.98
[Mnemonic Passive DNS] afs.googleusercontent.com (2) 12123 2017-01-30 05:39:23 UTC 2022-08-05 06:46:27 UTC 142.250.74.1
[Mnemonic Passive DNS] img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-08-05 06:49:03 UTC 34.120.237.76
[Mnemonic Passive DNS] firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2020-05-25 20:01:47 UTC 54.230.111.35
[Mnemonic Passive DNS] misteroxygen.com (2) 0 No data No data 173.255.194.134 Unknown ranking
[Mnemonic Passive DNS] r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-08-05 04:57:18 UTC 23.36.77.32
[Mnemonic Passive DNS] ocsp.digicert.com (1) 86 2012-11-29 12:49:49 UTC 2022-08-05 21:56:34 UTC 93.184.220.29
[Mnemonic Passive DNS] push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-08-05 05:06:17 UTC 34.211.241.174
[Mnemonic Passive DNS] ocsp.godaddy.com (1) 698 2017-01-30 05:00:35 UTC 2022-08-05 05:00:07 UTC 192.124.249.22


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 45.33.23.183

Date UQ / IDS / BL URL IP
2022-08-14 04:57:56 +0000
0 - 0 - 2 totalfarm.com/ 45.33.23.183
2022-08-14 04:39:24 +0000
0 - 0 - 1 adventuscovid19.com/mtm/direct/.eJxtiksOwjAMB (...) 45.33.23.183
2022-08-14 04:31:49 +0000
0 - 0 - 1 hundredroos.co.uk/mtm/direct/.eJxtkM1ygjAYRd- (...) 45.33.23.183
2022-08-14 02:52:33 +0000
0 - 0 - 2 hardhardsex.com/mtm/direct/.ejxlisekajemrp8lx (...) 45.33.23.183
2022-08-14 02:26:12 +0000
0 - 0 - 2 aleah.thigreives06.xyz/ 45.33.23.183
2022-08-14 02:24:02 +0000
0 - 0 - 2 bigtitsclip.com/ 45.33.23.183
2022-08-14 02:19:34 +0000
0 - 0 - 2 machosgay.com/ 45.33.23.183
2022-08-14 01:37:50 +0000
0 - 0 - 2 fabienne-soumise.com/mtm/direct/.eJx1ikEKAjEM (...) 45.33.23.183
2022-08-14 01:31:14 +0000
0 - 0 - 2 ldaarkansas.org/mtm/direct/.eJxliksOwjAMBe_iZ (...) 45.33.23.183
2022-08-13 22:27:29 +0000
0 - 0 - 1 pplive888.com/mtm/direct/.eJxdikEOwjAMBP_iY4l (...) 45.33.23.183

Last 10 reports on ASN: Linode, LLC

Date UQ / IDS / BL URL IP
2022-08-14 06:26:59 +0000
0 - 0 - 2 cheatshacksfreedownload.com/mtm/direct/.ejx9i (...) 198.58.118.167
2022-08-14 06:26:46 +0000
0 - 0 - 2 advanced-esthetic.us/http:/advanced-esthetic. (...) 198.58.118.167
2022-08-14 06:24:33 +0000
0 - 0 - 3 blackarse.com/mtm/direct/.ejxdikeowjambp_iy4l (...) 45.79.19.196
2022-08-14 06:23:47 +0000
0 - 0 - 2 tarotcanada.com/mtm/direct/.eJxliksKAkEMBe-S5 (...) 45.33.18.44
2022-08-14 06:22:02 +0000
0 - 0 - 2 tits.net/mtm/direct/.eJxdycEKwjAQhOF32WMNXY9a (...) 173.255.194.134
2022-08-14 06:19:07 +0000
0 - 0 - 3 indianmoviemall.com/ 45.33.30.197
2022-08-14 06:00:03 +0000
0 - 0 - 1 accessalohatravel.com/mtm/direct/.eJx1ikEKAjE (...) 72.14.185.43
2022-08-14 05:45:16 +0000
0 - 0 - 2 mothernature.one/wp-content/plugins/woocommer (...) 45.33.20.235
2022-08-14 05:16:47 +0000
0 - 0 - 1 athleticclearance.org/mtm/direct/.eJx1yssKwkA (...) 96.126.123.244
2022-08-14 04:57:56 +0000
0 - 0 - 2 totalfarm.com/ 45.33.23.183

No other reports on domain: misteroxygen.com



JavaScript

Executed Scripts (9)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (42)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F055127A4794D0F76CB4DF8F290DF8E259258A63398A700F592C859DFFE9AC34"
Last-Modified: Thu, 04 Aug 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12423
Expires: Sat, 06 Aug 2022 06:03:17 GMT
Date: Sat, 06 Aug 2022 02:36:14 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Content-Type, Alert, Backoff, Content-Length
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 06 Aug 2022 02:01:50 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: inT5_cHAhzhO6oXqbhn_7eZ_wgRum2mqyszq9LouS-QBWkRWNPdOeA==
Age: 2064


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    c98c56ff7bc7ba547517573963f425e3
Sha1:   58c8dccc28ecd76424af6ed9988575a35cf8a0c2
Sha256: d57d9d5e87e8761ffdf790ff762307f5c823e8e8241781797373c10e076ec44e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-09-19-18-34-07.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.64
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
last-modified: Sun, 31 Jul 2022 18:34:08 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 05 Aug 2022 04:15:27 GMT
etag: "578b9ff83ff3950ab2a3d1a8344d2938"
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 224ROA1Xw21WNtfil-lgUjjtu44s9n8vTwKWmJo_dq3zhPu1ymkktg==
age: 80448
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    578b9ff83ff3950ab2a3d1a8344d2938
Sha1:   39d48b67ba6aa45ec01767725e726cf9b0c87a70
Sha256: 35c99da9a5463a4788ceab7cf4b027bb25506cde28ace36c70d0bc924138f2f5
                                        
                                            GET / HTTP/1.1 
Host: misteroxygen.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         173.255.194.134
HTTP/1.1 200 OK
                                        
server: openresty/1.13.6.1
date: Sat, 06 Aug 2022 02:36:14 GMT
content-type: text/html; charset=utf-8
content-length: 7038
vary: Accept-Language
content-language: en
connection: close


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (302)
Size:   7038
Md5:    449ddede2c1452a361b626c5d60187d3
Sha1:   398bb65a425e6204b123519dfd584b7ed1be7ecc
Sha256: 667618bfd380980d41131dbe0edaf6f5ac5d604bc4b4e4d26286f7226b2420e5

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Sat, 06 Aug 2022 02:36:14 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /mtm/async/.eJxdi0sOwjAMBe_iZYkalnzEWZCJ3DRSnATHlCDE3UmBFbuZN3pPuEmAA1gwgOJrx05CEwnJV-Zc9ZyQqSuHqiS5PTyl0WVeX85R0d6UmtpZORosJQaHGnKybV027X_leLyetuPeBEZPFpcw_fBOl2IGO3z6Dl5vFUA2kg:1oK9fi:Vb9_Z5zO414hZdyGo8Y-K-ukNKU/1/0 HTTP/1.1 
Host: misteroxygen.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://misteroxygen.com/
Connection: keep-alive

                                         
                                         173.255.194.134
HTTP/1.1 200 OK
                                        
server: openresty/1.13.6.1
date: Sat, 06 Aug 2022 02:36:14 GMT
content-type: text/html; charset=utf-8
content-length: 475
x-mtm-path: 7
x-mtm-prov: 300:0.00;308:0.00
x-mtm-rd: 0.00
vary: Accept-Language
content-language: en
set-cookie: mtm_delivered=WyJtaXN0ZXJveHlnZW4uY29tIiwiaHR0cDovL3d3dzYubWlzdGVyb3h5Z2VuLmNvbS8_dGVtcGxhdGU9QVJST1dfMyZ0ZGZzPTEmc190b2tlbj0xNjU5NzUzMzc0LjA0OTM5NjAwMDAmdXVpZD0xNjU5NzUzMzc0LjA0OTM5NjAwMDAmdGVybT1EZWRpY2F0ZWQlMjBHYW1pbmclMjBTZXJ2ZXJzJnRlcm09QjJCJTIwVHJhdmVsJTIwQm9va2luZyUyMFN5c3RlbSZ0ZXJtPU9ubGluZSUyMENhcmVlciUyMENvdW5zZWxpbmclMjBQcm9ncmFtcyZ0ZXJtPUdldCUyMEFuJTIwT25saW5lJTIwRGVncmVlJnRlcm09RGVkaWNhdGVkJTIwR2FtaW5nJTIwU2VydmVycyZ0ZXJtPU9ubGluZSUyMENhcmVlciUyMENvdW5zZWxpbmclMjBQcm9ncmFtcyZ0ZXJtPUVsaXRlJTIwRGF0aW5nJTIwU2VydmljZSZ0ZXJtPUxvd2VzdCUyMENhciUyMEluc3VyYW5jZSUyMFJhdGVzJnRlcm09RGVkaWNhdGVkJTIwR2FtaW5nJTIwU2VydmVycyZzZWFyY2hib3g9MCZzaG93RG9tYWluPTEmYmFja2ZpbGw9MCIsMSwiMjAyMi0wOC0wNiAwMjozNjoxNCIsMSwiMTY1OTc1MzM3NC4wNDkzOTYwMDAwIiwzMDAsbnVsbCxudWxsXQ:1oK9fi:aj_ujQbDVLrG-fm_iYZlw9Eildc; expires=Sat, 06-Aug-2022 03:36:14 GMT; Max-Age=3600; Path=/
connection: close


--- Additional Info ---
Magic:  ASCII text, with very long lines (475), with no line terminators
Size:   475
Md5:    e5ee23dd85f8059dc9dbabbc7e9aae1f
Sha1:   d70312e309ce41bbd09dde09089d5bcdd1a1ce7d
Sha256: 5e0860b831bc147a01609dc04d52ede978793eff6369c1f3a91ab8b5bcb43708

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sat, 06 Aug 2022 02:16:14 GMT
Expires: Sat, 06 Aug 2022 02:40:32 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: j0_3wKWnIhOHBn2Ub3OI1IDfudQ6HH6c_fwpe2NX8L3c_6os5A5yBQ==
Age: 1201


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /?template=ARROW_3&tdfs=1&s_token=1659753374.0493960000&uuid=1659753374.0493960000&term=Dedicated%20Gaming%20Servers&term=B2B%20Travel%20Booking%20System&term=Online%20Career%20Counseling%20Programs&term=Get%20An%20Online%20Degree&term=Dedicated%20Gaming%20Servers&term=Online%20Career%20Counseling%20Programs&term=Elite%20Dating%20Service&term=Lowest%20Car%20Insurance%20Rates&term=Dedicated%20Gaming%20Servers&searchbox=0&showDomain=1&backfill=0 HTTP/1.1 
Host: www6.misteroxygen.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://misteroxygen.com/
Upgrade-Insecure-Requests: 1

                                         
                                         35.186.238.101
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: openresty
Date: Sat, 06 Aug 2022 02:36:15 GMT
Content-Length: 2551
Last-Modified: Tue, 19 Jul 2022 15:54:43 GMT
ETag: "62d6d3c3-9f7"
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_gSYq5U1Ndwy3uxmM81e8QdT+2dTtMMt8QWQ0/UvSeBYTyd2inBdPlK5YoJ9n+ajd7UtfjYH6F+Kt0J3SLhX+Ng
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Set-Cookie: caf_ipaddr=91.90.42.154;Path=/;Max-Age=86400; country=NO;Path=/;Max-Age=86400; city="";Path=/;Max-Age=86400; expiry_partner=;Path=/;Max-Age=86400;
Accept-Ranges: bytes
Via: 1.1 google


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2551), with no line terminators
Size:   2551
Md5:    e15539eadc1cc5c89eddb6b5ac399221
Sha1:   9b30a558a0b27935ca8126a949e5830445117bde
Sha256: 6b99a14f762d50ad6ca4df3b21ca122ac86c6e0ce862b49e9c3c58eb63969502
                                        
                                            GET /parking-lander/static/js/main.b2dc4f09.chunk.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www6.misteroxygen.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.16
HTTP/2 200 OK
                                        
x-amz-id-2: Q1/UXBCnkqccwB0QCe+NMKpytkcyRbSX2PTWaYVlSmmS0ZdszVVj8mAPEsMjpYrQjPBYWuVegYY=
x-amz-request-id: DC6MS74WHPZBJBH1
last-modified: Thu, 05 May 2022 14:06:35 GMT
etag: "fc8eede2839a739a71d4a91a29bc9d5f"
x-amz-server-side-encryption: AES256
x-amz-version-id: KlILJunvYlQ5Ou1jhtw0a5JVX_XX3xMM
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
content-length: 53882
cache-control: max-age=31536000
expires: Sun, 06 Aug 2023 02:36:15 GMT
date: Sat, 06 Aug 2022 02:36:15 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   53882
Md5:    0bd96f946e382242585cb7781a18db73
Sha1:   5c45ffb00b7d63a87351365e0594e3e8b7999816
Sha256: 3b8a6e3b751b5de9ed16a6e3ab36b56665d892d2416dd8b6965d32a239ee59bc
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 188
Cache-Control: max-age=106454
Date: Sat, 06 Aug 2022 02:36:15 GMT
Etag: "62eccfb9-1d7"
Expires: Sun, 07 Aug 2022 08:10:29 GMT
Last-Modified: Fri, 05 Aug 2022 08:07:21 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 06 Aug 2022 02:36:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 06 Aug 2022 02:36:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: YVMVESTfptj4P4VKT3Pg0w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         34.211.241.174
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: bBrqQ6077bSiFqYN3rCzi8vtHOs=

                                        
                                            GET /parking-lander/static/js/2.fd9305fa.chunk.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www6.misteroxygen.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.16
HTTP/2 200 OK
                                        
x-amz-id-2: 23SVN2c3w4WOLHTUlg8ZZ5gZ/iUa5Se5XQELffKPeZ+Do6wFAf/jv5FsXBipOsk2q7azmlHXSOk=
x-amz-request-id: DC6RS059FYSRYFPB
last-modified: Thu, 05 May 2022 14:06:35 GMT
etag: "96093fed9c1106d39d18096d94287259"
x-amz-server-side-encryption: AES256
x-amz-version-id: fErv0WsreFxlBG9wvpAyThF.OE.Oslp7
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
content-length: 135643
cache-control: max-age=31536000
expires: Sun, 06 Aug 2023 02:36:15 GMT
date: Sat, 06 Aug 2022 02:36:15 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2551
Md5:    e15539eadc1cc5c89eddb6b5ac399221
Sha1:   9b30a558a0b27935ca8126a949e5830445117bde
Sha256: 6b99a14f762d50ad6ca4df3b21ca122ac86c6e0ce862b49e9c3c58eb63969502
                                        
                                            GET /parking-lander/static/js/2.fd9305fa.chunk.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www6.misteroxygen.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 05 May 2022 14:06:35 GMT
If-None-Match: "96093fed9c1106d39d18096d94287259"
Cache-Control: max-age=0
TE: trailers

                                         
                                         23.36.79.16
HTTP/2 304 Not Modified
                                        
content-type: application/javascript
last-modified: Thu, 05 May 2022 14:06:35 GMT
etag: "96093fed9c1106d39d18096d94287259"
cache-control: max-age=31536000
expires: Sun, 06 Aug 2023 02:36:15 GMT
date: Sat, 06 Aug 2022 02:36:15 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /parking-lander/static/js/main.b2dc4f09.chunk.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www6.misteroxygen.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 05 May 2022 14:06:35 GMT
If-None-Match: "fc8eede2839a739a71d4a91a29bc9d5f"
Cache-Control: max-age=0
TE: trailers

                                         
                                         23.36.79.16
HTTP/2 304 Not Modified
                                        
content-type: application/javascript
last-modified: Thu, 05 May 2022 14:06:35 GMT
etag: "fc8eede2839a739a71d4a91a29bc9d5f"
cache-control: max-age=31536000
expires: Sun, 06 Aug 2023 02:36:15 GMT
date: Sat, 06 Aug 2022 02:36:15 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.22
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Sat, 06 Aug 2022 02:36:15 GMT
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 05 Aug 2022 22:53:30 GMT
Expires: Sat, 06 Aug 2022 22:53:30 GMT
ETag: "f3ecd6977e66ef35764c886ea076a99a5607c212"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1777
Md5:    d60b2d18e30ac5106bdaf45515002a58
Sha1:   f3ecd6977e66ef35764c886ea076a99a5607c212
Sha256: 40d7c84105acf58b4de89fa23e64c5fa00c0c3cf62040c39f018bc79c4cd44b8
                                        
                                            OPTIONS /v1/parkingEvents HTTP/1.1 
Host: api.aws.parking.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://www6.misteroxygen.com/
Origin: http://www6.misteroxygen.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0

                                         
                                         3.222.52.182
HTTP/2 200 OK
                                        
date: Sat, 06 Aug 2022 02:36:15 GMT
content-type: text/plain
content-length: 0
set-cookie: AWSALB=qwKLpiv5UhpHn9rZHVKtLsuc4D3jF4FpGiTpOI1EdlyzlTNdQOJQJsyZb9xZqNZmnMwGSX6T2cOIxfRJL+ROOTIYjzJ9XrBaqP07fK2VyxvWJovOo0ojmY20lB8T; Expires=Sat, 13 Aug 2022 02:36:15 GMT; Path=/ AWSALBCORS=qwKLpiv5UhpHn9rZHVKtLsuc4D3jF4FpGiTpOI1EdlyzlTNdQOJQJsyZb9xZqNZmnMwGSX6T2cOIxfRJL+ROOTIYjzJ9XrBaqP07fK2VyxvWJovOo0ojmY20lB8T; Expires=Sat, 13 Aug 2022 02:36:15 GMT; Path=/; SameSite=None; Secure
access-control-allow-methods: POST
access-control-allow-headers: content-type
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            OPTIONS /v1/domains/domain?domain=www6.misteroxygen.com&portfolioId= HTTP/1.1 
Host: api.aws.parking.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-request-id
Referer: http://www6.misteroxygen.com/
Origin: http://www6.misteroxygen.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
TE: trailers

                                         
                                         3.222.52.182
HTTP/2 200 OK
                                        
date: Sat, 06 Aug 2022 02:36:15 GMT
content-length: 0
set-cookie: AWSALB=twaHypC/7jf+b97rauzcjpv8aVZxyLyQEkIO6D6Wd7NEqB5gs+Iq/fTsObmk2vNXoGpAGHQrx3CTTpPftzZnbp78ycssoTEroLc/qosbEw2BFBlj1SV2L/8LGuY8; Expires=Sat, 13 Aug 2022 02:36:15 GMT; Path=/ AWSALBCORS=twaHypC/7jf+b97rauzcjpv8aVZxyLyQEkIO6D6Wd7NEqB5gs+Iq/fTsObmk2vNXoGpAGHQrx3CTTpPftzZnbp78ycssoTEroLc/qosbEw2BFBlj1SV2L/8LGuY8; Expires=Sat, 13 Aug 2022 02:36:15 GMT; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
access-control-allow-headers: X-Request-Id
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: http://www6.misteroxygen.com
access-control-max-age: 600
x-request-id: AP9ijbEw
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, max compression\012- data
Size:   53350
Md5:    77c0d953acf9da9c30a10834ae866cb3
Sha1:   8b7a8c2d333b7536a3ee908f73960f9ce1183a86
Sha256: 74090e5d61889cbe8a5c6ee31f1b60d0361aa4541fc32b68de08049049710992

Alerts:
  File Analyzers:
    - virustotal: 0/0
                                        
                                            POST /v1/parkingEvents HTTP/1.1 
Host: api.aws.parking.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www6.misteroxygen.com/
Content-Type: application/json
Origin: http://www6.misteroxygen.com
Content-Length: 699
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         3.222.52.182
HTTP/2 200 OK
                                        
date: Sat, 06 Aug 2022 02:36:16 GMT
content-type: text/plain
content-length: 0
set-cookie: AWSALB=14XWzsUzhae1bEEU6Uf9jhvWNlv6WPESOtzQmAIFljayLXMhoc4WqpbQ6SyhpZgzr69rVgM4e1ldKLhGFItgJz3igtNx6PT5TVoK2tzF0WYp5OkjXUibvF4urzSg; Expires=Sat, 13 Aug 2022 02:36:16 GMT; Path=/ AWSALBCORS=14XWzsUzhae1bEEU6Uf9jhvWNlv6WPESOtzQmAIFljayLXMhoc4WqpbQ6SyhpZgzr69rVgM4e1ldKLhGFItgJz3igtNx6PT5TVoK2tzF0WYp5OkjXUibvF4urzSg; Expires=Sat, 13 Aug 2022 02:36:16 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /v1/domains/domain?domain=www6.misteroxygen.com&portfolioId= HTTP/1.1 
Host: api.aws.parking.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www6.misteroxygen.com/
X-Request-Id: 3aff928e-6456-4ef9-90c7-3f88e1d9af58
Origin: http://www6.misteroxygen.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         3.222.52.182
HTTP/2 200 OK
                                        
date: Sat, 06 Aug 2022 02:36:16 GMT
content-type: application/json
content-length: 959
set-cookie: AWSALB=O24oP6qwQ2L3VhhG2HngdC+XFK1Xr0LKEvxi/f2Ina64dfFhsmi555nMpPzUtljqtGEtAbzGgvhSYRlwlOaXzD/BZJ3f0GnY7AiBNJxuLHmLxISqC0eJLSwmG4PH; Expires=Sat, 13 Aug 2022 02:36:16 GMT; Path=/ AWSALBCORS=O24oP6qwQ2L3VhhG2HngdC+XFK1Xr0LKEvxi/f2Ina64dfFhsmi555nMpPzUtljqtGEtAbzGgvhSYRlwlOaXzD/BZJ3f0GnY7AiBNJxuLHmLxISqC0eJLSwmG4PH; Expires=Sat, 13 Aug 2022 02:36:16 GMT; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
access-control-allow-origin: http://www6.misteroxygen.com
access-control-max-age: 600
x-request-id: 3aff928e-6456-4ef9-90c7-3f88e1d9af58
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (958)
Size:   959
Md5:    4463ed75e8a6772f7a00407c4acac4d9
Sha1:   1c4cff0e041e6bf529fea51c85c408ca6adfb391
Sha256: e84388ee7abfd4d576159a2b87560d0473aa4fd90513470b41f1ed4f4bd507c3
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 06 Aug 2022 02:36:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gampad/cookie.js?domain=www6.misteroxygen.com&client=dp-namemedia08_3ph&product=SAS&callback=__sasCookie HTTP/1.1 
Host: partner.googleadservices.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www6.misteroxygen.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.98
HTTP/2 200 OK
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 06 Aug 2022 02:36:16 GMT
server: cafe
cache-control: private
content-length: 184
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   184
Md5:    9a3104e09749acae62c16521aa6d00cf
Sha1:   de4a9f709758ae597c6e72e505fe03abd4bfd4e7
Sha256: f1426f1de18880df5fa6bbb00b8052d815f500e9bf8729cec6185767a4c58921
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 06 Aug 2022 02:36:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 06 Aug 2022 02:36:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 06 Aug 2022 02:36:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ad_icons/standard/publisher_icon_image/search.svg?c=%231967d2 HTTP/1.1 
Host: afs.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.1
HTTP/2 200 OK
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 272
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Sat, 06 Aug 2022 01:16:13 GMT
expires: Sun, 07 Aug 2022 00:16:13 GMT
cache-control: public, max-age=82800
age: 4803
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390)
Size:   272
Md5:    bbbac37f0b6e29a6099e4aa7cb19d6ca
Sha1:   0acafe95e2141f0af6109203efeb2d98e6b926c6
Sha256: a3d7b37475de5a3a350d4dc4790f14a6a5f4045726d2eae4cbe9bd59aeba2fe2
                                        
                                            GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1 
Host: afs.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.1
HTTP/2 200 OK
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Sat, 06 Aug 2022 02:16:27 GMT
expires: Sun, 07 Aug 2022 01:16:27 GMT
cache-control: public, max-age=82800
age: 1189
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Size:   174
Md5:    4de8b85c8915995b571bde50e231be7c
Sha1:   29c226ca7b9cbe1d44e5480ce95bbb42727b2d99
Sha256: 2ec9168c4507546748c5f400f5030031f0eb06f2aed8deaa11362c395bff4f7a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 06 Aug 2022 02:36:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /v1/parkingEvents HTTP/1.1 
Host: api.aws.parking.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www6.misteroxygen.com/
Content-Type: application/json
Origin: http://www6.misteroxygen.com
Content-Length: 726
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         3.222.52.182
HTTP/2 200 OK
                                        
date: Sat, 06 Aug 2022 02:36:16 GMT
content-type: text/plain
content-length: 0
set-cookie: AWSALB=5lmMuIfbf187a4TY+V5TeJN5Y+fFwTLztlx33Zta38CdS/0HCQYlWt+BIgkm1KQMhKJXxicTtbf/LvqwfhO/VVUgLGNRXJjVF6Zr84uXtZM8hSwD+h7ZK697N8vE; Expires=Sat, 13 Aug 2022 02:36:16 GMT; Path=/ AWSALBCORS=5lmMuIfbf187a4TY+V5TeJN5Y+fFwTLztlx33Zta38CdS/0HCQYlWt+BIgkm1KQMhKJXxicTtbf/LvqwfhO/VVUgLGNRXJjVF6Zr84uXtZM8hSwD+h7ZK697N8vE; Expires=Sat, 13 Aug 2022 02:36:16 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3F7695D2D8420FE94E055CBD5DEDB8EF419AC09BDB282935E7A976114A04AE9C"
Last-Modified: Wed, 03 Aug 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5714
Expires: Sat, 06 Aug 2022 04:11:30 GMT
Date: Sat, 06 Aug 2022 02:36:16 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7D129895DD82ACE0D70FE0D261B7C2E924E869686CEDF20C238EFA6BFDF5E632"
Last-Modified: Wed, 03 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11742
Expires: Sat, 06 Aug 2022 05:51:58 GMT
Date: Sat, 06 Aug 2022 02:36:16 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7D129895DD82ACE0D70FE0D261B7C2E924E869686CEDF20C238EFA6BFDF5E632"
Last-Modified: Wed, 03 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11742
Expires: Sat, 06 Aug 2022 05:51:58 GMT
Date: Sat, 06 Aug 2022 02:36:16 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7D129895DD82ACE0D70FE0D261B7C2E924E869686CEDF20C238EFA6BFDF5E632"
Last-Modified: Wed, 03 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11742
Expires: Sat, 06 Aug 2022 05:51:58 GMT
Date: Sat, 06 Aug 2022 02:36:16 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5220284-1209-43a7-9af7-d1b6ed31b248.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 11592
x-amzn-requestid: 73091111-067e-4c53-97ae-702fbf2b6d01
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: WaNsvHdVoAMFUDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ed8fea-3048002a0a2373536c9c39a1;Sampled=0
x-amzn-remapped-date: Fri, 05 Aug 2022 21:47:23 GMT
x-amz-cf-pop: HIO50-C1, YVR50-C1
x-cache: Miss from cloudfront
x-amz-cf-id: G0Mdtk-aieWCgzMmacuam7TBIAI-ScwNkVMr2tZ-Bfm8UTT2lUWv9Q==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 e71753cf85369390852fdcb22bf59aa8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 05 Aug 2022 21:47:23 GMT
etag: "d2838f572736105231e6d321790315a8bf1f68eb"
content-type: image/jpeg
age: 17333
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11592
Md5:    ae3af770ca5815a2744dfad2e742d227
Sha1:   d2838f572736105231e6d321790315a8bf1f68eb
Sha256: 756c59730240921214b26350193d4471c15a98f32c959395ffb05f6b7be34ff5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b4367f8-790d-45d9-b749-83fca7bfa1e6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 10504
x-amzn-requestid: 34564ee6-2bf2-459d-a5fc-9f3cef1b6217
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: WaMErFaVIAMFmtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ed8d50-6cdebe3b2fa1a29e19641330;Sampled=0
x-amzn-remapped-date: Fri, 05 Aug 2022 21:36:16 GMT
x-amz-cf-pop: HIO50-C1, YVR50-C1
x-cache: Miss from cloudfront
x-amz-cf-id: FspeYidcRrCb91HxVBEEocpO7vWM-TlEfv_P6_K0aCtZc9TuPpkBTQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 a02a98c09aaf2561c8ca019e473cf172.cloudfront.net (CloudFront), 1.1 google
date: Fri, 05 Aug 2022 21:47:22 GMT
etag: "848c1131fddc851879696767331034e141eafee2"
content-type: image/jpeg
age: 17334
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10504
Md5:    b2c2899149c79a1b7a4bc3122a91f0b2
Sha1:   848c1131fddc851879696767331034e141eafee2
Sha256: b17dcf4444715ae1f716441b8a25fb2cf5356b2dc059a77a4665c19fc3459ae2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2e82c42-fd94-454a-912f-56867d09ec8d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 7007
x-amzn-requestid: 35d5361e-52fc-4daa-8cdb-954fb2a91144
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: WaMEzEyIoAMFfMA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ed8d51-3bfec49b5c66188b79c38b88;Sampled=0
x-amzn-remapped-date: Fri, 05 Aug 2022 21:36:17 GMT
x-amz-cf-pop: HIO50-C1, YVR50-C1
x-cache: Miss from cloudfront
x-amz-cf-id: efpRqESHFgiyUdGH0RwYFscSl6pxv1OMptErBaPImBAc9wolDIkB1A==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 70b0c022caf458423e58ecbec40508f0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 05 Aug 2022 21:47:22 GMT
etag: "671abe46bc15fe88431e40416df266331a65f849"
content-type: image/jpeg
age: 17334
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7007
Md5:    1ed454c7b6a969da4f12c5dc57b0117e
Sha1:   671abe46bc15fe88431e40416df266331a65f849
Sha256: eb2cd92f0994a7bfea8151ce716bce18aa1bbbeca7ca66a786c09c3dff8a41e7
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F817dc1f7-eb45-43f8-baff-dc8c8dc431d5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 5927
x-amzn-requestid: 3e55ee66-fe01-4d6c-a112-7fef5f987ed4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: WaNj5ERNoAMFZSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ed8fb2-171a62aa5b6129252b6799a1;Sampled=0
x-amzn-remapped-date: Fri, 05 Aug 2022 21:46:26 GMT
x-amz-cf-pop: HIO50-C1, YVR50-C1
x-cache: Miss from cloudfront
x-amz-cf-id: A91fveIjnkMpZ7jHHY5n7hdB5jBK-VKqPbe7_PyxJlnXKP-fq-zEXg==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 5928d4d9c6b3f72b0368c10c784489cc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 05 Aug 2022 21:47:22 GMT
etag: "2f672c1b11a1c279f429a25e80e37c19d87ed31b"
content-type: image/jpeg
age: 17334
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5927
Md5:    1d51f89b8978e5f853da0ec27aeba1f2
Sha1:   2f672c1b11a1c279f429a25e80e37c19d87ed31b
Sha256: 4b1741201668ef2b420b2c6ca02a9acec12b98c5527745229ceb27239a99881d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecccae74-9298-410d-b1a0-83a3d7b983d6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 8506
x-amzn-requestid: 93ea4e31-b1e6-44b7-ba46-44b76496a453
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: WaNkNGB_oAMFkww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ed8fb4-704275df3202a1b764f590a4;Sampled=0
x-amzn-remapped-date: Fri, 05 Aug 2022 21:46:28 GMT
x-amz-cf-pop: HIO50-C1, YVR50-C1
x-cache: Miss from cloudfront
x-amz-cf-id: cFw2UK9ZYkVM0f_zWHwLUPxjaFgf1wsEkeRtT7-kxA2z5QUYGIpZqw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 4201bd1d1fc37ea7749b3bd1b64fce02.cloudfront.net (CloudFront), 1.1 google
date: Fri, 05 Aug 2022 21:47:22 GMT
etag: "1ef736718c08ae360d1903776f9c99c4e228705f"
content-type: image/jpeg
age: 17334
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8506
Md5:    f9a5115c54b2517b0274a5311abeef2a
Sha1:   1ef736718c08ae360d1903776f9c99c4e228705f
Sha256: b79b9b21fee63d4d27f573efdde582e1fe1baea14ca70ef88996c4e63e8d136a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60c16ee3-3a39-4ec1-8e5b-b1410576255d.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 10858
x-amzn-requestid: f52ea3bb-2b14-4316-b1ea-25883320d73e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: WaMEqHPoIAMFd8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ed8d50-5d5190d20756dba80d5bdc58;Sampled=0
x-amzn-remapped-date: Fri, 05 Aug 2022 21:36:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: RMoRmSeS1MtqeuGiHW2SMyz_wsaY1nMkC2PDcgtSbrr-Y9Kr61_5lQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 05 Aug 2022 22:01:03 GMT
age: 16513
etag: "41e1d42e206d3214a51e63770e9cd6cc0becbb24"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10858
Md5:    afba830dc75735a2d3d2ddbc552122cf
Sha1:   41e1d42e206d3214a51e63770e9cd6cc0becbb24
Sha256: d3d4aefde36e4bc2d5369e0ce485c5e732a115055291c06d8c9a3db3beca8887
                                        
                                            OPTIONS /sn/ HTTP/1.1 
Host: postback.trafficmotor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://www6.misteroxygen.com/
Origin: http://www6.misteroxygen.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         45.79.38.145
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: openresty/1.13.6.1
Date: Sat, 06 Aug 2022 02:36:16 GMT
Content-Length: 0
Connection: close
Allow: HEAD, GET, POST, OPTIONS
Access-Control-Allow-Origin: http://www6.misteroxygen.com
Access-Control-Allow-Methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
Vary: Origin
Access-Control-Allow-Headers: content-type

                                        
                                            POST /sn/ HTTP/1.1 
Host: postback.trafficmotor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www6.misteroxygen.com/
Content-Type: application/json
Origin: http://www6.misteroxygen.com
Content-Length: 143
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         45.79.38.145
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Server: openresty/1.13.6.1
Date: Sat, 06 Aug 2022 02:36:16 GMT
Content-Length: 3
Connection: close
Access-Control-Allow-Origin: http://www6.misteroxygen.com
Vary: Origin


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   3
Md5:    8a80554c91d9fca8acb82f023de02f11
Sha1:   5f36b2ea290645ee34d943220a14b54ee5ea5be5
Sha256: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356