rentalcarplaces.com/
45.33.18.44200 OK 4.7 kB IP 45.33.18.44:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (305)
Hash 96d2f183a75fbc09e7e7fa23c39366ad
c235ebc1c1f8e6843c443718cdc5900f66a49671
bd978440587acbd2f1b4109851d636c46258cf6776a15b8258cc90d1d945249d
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: rentalcarplaces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Fri, 25 Nov 2022 14:22:58 GMT
content-type: text/html; charset=utf-8
content-length: 4679
vary: Accept-Language
content-language: en
connection: close
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17472
Expires: Fri, 25 Nov 2022 19:14:10 GMT
Date: Fri, 25 Nov 2022 14:22:58 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 10730f388c028d64e19b8a48d414768f
e43b104e57e5ea7ff8568835776858cf2ede6f00
f3c30c6d139288f1bfe13fce85c6ddc1514e1639fcf4d31a6012a3309ed1d50d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5029
Cache-Control: max-age=163925
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 14:22:58 GMT
Etag: "63809972-1d7"
Expires: Sun, 27 Nov 2022 11:55:03 GMT
Last-Modified: Fri, 25 Nov 2022 10:31:14 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4295
Expires: Fri, 25 Nov 2022 15:34:33 GMT
Date: Fri, 25 Nov 2022 14:22:58 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 14:17:26 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 332
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 2mQy20eyZFksNX0XSkpQFjc4SpzCKdPdaqV/yjzbNHOot4RFhbAjmaOu67pE98UubO/Y1wRKnNA=
x-amz-request-id: JJ8ZENF286GE9WCS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 13:43:51 GMT
age: 2347
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 14:22:58 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
rentalcarplaces.com/mtm/async/.eJxdi0sOwjAMBe_iZYkalnzEWZCx3DaS88ExEAlxd1JgxW7mjd4TbhrgAB4coM61YyfliZX1K0uudk4YuatyMhRCLYLEdaQc1yMRF-vZuJlfLIrDUiQQWsjJt3XZtP81yvF62o57FyLO7PEeph8--FLc4IdP38HrDbgFN5g:1oyZbW:U8lvBXr7WQiYiJwDG0xSsF1FTQQ/1/
45.33.18.44200 OK 267 B URL HTTP/1.1 rentalcarplaces.com/mtm/async/.eJxdi0sOwjAMBe_iZYkalnzEWZCx3DaS88ExEAlxd1JgxW7mjd4TbhrgAB4coM61YyfliZX1K0uudk4YuatyMhRCLYLEdaQc1yMRF-vZuJlfLIrDUiQQWsjJt3XZtP81yvF62o57FyLO7PEeph8--FLc4IdP38HrDbgFN5g:1oyZbW:U8lvBXr7WQiYiJwDG0xSsF1FTQQ/1/
IP 45.33.18.44:0
File type ASCII text, with no line terminators
Hash 01cd396a44ac683c1da48ef780b73523
45d3d7060119fccf738c1a4be8289de0e3b8f308
8d3627662dae464e5cfbcb7daa5d56e6adc0bf54f8b13d45f58c072863f69b94
Analyzer Verdict Alert fortinet Phishing
GET /mtm/async/.eJxdi0sOwjAMBe_iZYkalnzEWZCx3DaS88ExEAlxd1JgxW7mjd4TbhrgAB4coM61YyfliZX1K0uudk4YuatyMhRCLYLEdaQc1yMRF-vZuJlfLIrDUiQQWsjJt3XZtP81yvF62o57FyLO7PEeph8--FLc4IdP38HrDbgFN5g:1oyZbW:U8lvBXr7WQiYiJwDG0xSsF1FTQQ/1/ HTTP/1.1
Host: rentalcarplaces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://rentalcarplaces.com/
Connection: keep-alive
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Fri, 25 Nov 2022 14:22:58 GMT
content-type: text/html; charset=utf-8
content-length: 267
x-mtm-path: 7
x-mtm-prov: 328:0.00;329:0.00
x-mtm-rd: 0.00
vary: Accept-Language
content-language: en
set-cookie: mtm_delivered=WyJyZW50YWxjYXJwbGFjZXMuY29tIiwiaHR0cDovL3d3dzYucmVudGFsY2FycGxhY2VzLmNvbS8_dGVtcGxhdGU9QVJST1dfMyZ0ZGZzPTEmc190b2tlbj0xNjY5Mzg2MTc4LjAxOTE0MzAwMDAmdXVpZD0xNjY5Mzg2MTc4LjAxOTE0MzAwMDAmdGVybT1DYXIlMjBSZW50YWwmdGVybT1DYXIlMjBSZW50YWwlMjBGcm9tJTIwQWlycG9ydCZ0ZXJtPUx1eHVyeSUyMENhciUyMFJlbnRhbCZ0ZXJtPVNVViUyMFJlbnRhbCZ0ZXJtPVRydWNrJTIwUmVudGFsJnNlYXJjaGJveD0wJnNob3dEb21haW49MCZiYWNrZmlsbD0wIiwxLCIyMDIyLTExLTI1IDE0OjIyOjU4IiwxLCIxNjY5Mzg2MTc4LjAxOTE0MzAwMDAiLDMyOSxudWxsLG51bGxd:1oyZbW:s34B5-FRFI9YaxHQ42JQ_pg-oPg; expires=Fri, 25-Nov-2022 15:22:58 GMT; Max-Age=3600; Path=/
connection: close
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 14:11:11 GMT
cache-control: public,max-age=3600
age: 707
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
www6.rentalcarplaces.com/?template=ARROW_3&tdfs=1&s_token=1669386178.0191430000&uuid=1669386178.0191430000&term=Car%20Rental&term=Car%20Rental%20From%20Airport&term=Luxury%20Car%20Rental&term=SUV%20Rental&term=Truck%20Rental&searchbox=0&showDomain=0&backfill=0
35.186.238.101200 OK 2.6 kB URL HTTP/1.1 www6.rentalcarplaces.com/?template=ARROW_3&tdfs=1&s_token=1669386178.0191430000&uuid=1669386178.0191430000&term=Car%20Rental&term=Car%20Rental%20From%20Airport&term=Luxury%20Car%20Rental&term=SUV%20Rental&term=Truck%20Rental&searchbox=0&showDomain=0&backfill=0
IP 35.186.238.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2551), with no line terminators
Hash 41f66bb0ac50f2d851236170e7c71341
59bcec216302151922219b51be8ad8ab6d0b8384
ec99cca58b612ce268e6ada818dfcec0acc22dd1bbe372487be9abbdd07ce073
GET /?template=ARROW_3&tdfs=1&s_token=1669386178.0191430000&uuid=1669386178.0191430000&term=Car%20Rental&term=Car%20Rental%20From%20Airport&term=Luxury%20Car%20Rental&term=SUV%20Rental&term=Truck%20Rental&searchbox=0&showDomain=0&backfill=0 HTTP/1.1
Host: www6.rentalcarplaces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rentalcarplaces.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 25 Nov 2022 14:22:58 GMT
Content-Type: text/html
Content-Length: 2551
Last-Modified: Wed, 19 Oct 2022 06:29:27 GMT
ETag: "634f9947-9f7"
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_cvhz2hp57HLS324fXszYMvggxQfUxhqeVS5a6GCMAU5thojrj/DdoX8DqZ9703mPrVGw/cPna/4uSfRfIYohVg
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Set-Cookie: caf_ipaddr=91.90.42.154;Path=/;Max-Age=86400;
country=NO;Path=/;Max-Age=86400;
city="";Path=/;Max-Age=86400;
expiry_partner=;Path=/;Max-Age=86400;
Accept-Ranges: bytes
Via: 1.1 google
img1.wsimg.com/parking-lander/static/js/main.4e219663.chunk.js
23.36.79.43200 OK 58 kB URL HTTP/2 img1.wsimg.com/parking-lander/static/js/main.4e219663.chunk.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65459)
Hash feb46b3c6b7556a8bf123a5e87ffd2b5
aff2efba814012e9fe1586055599069f77e6a062
6f8d46c42987c0d7b471b54065e6b8fd6e965452ccc5c2fcd12f25e5362b5fd7
GET /parking-lander/static/js/main.4e219663.chunk.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www6.rentalcarplaces.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ePBtPNltighZ03JBS/Xu3LYeSA7F1yzEuIL6FXs/YdArb0qYS2ZncKxSX45UyFn4EY1mPti8L0Y=
x-amz-request-id: Q5Y8PK0VHGD0XQRS
last-modified: Fri, 16 Sep 2022 16:45:04 GMT
etag: "87b518e8e45487e774f8d47f2dc0026f"
x-amz-server-side-encryption: AES256
x-amz-version-id: 2Wom95JLG5jhnN_DEOMzqRfOKsQDbi7Z
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
content-length: 58202
cache-control: max-age=31536000
expires: Sat, 25 Nov 2023 14:22:58 GMT
date: Fri, 25 Nov 2022 14:22:58 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/parking-lander/static/js/2.5940ae1c.chunk.js
23.36.79.43200 OK 136 kB URL HTTP/2 img1.wsimg.com/parking-lander/static/js/2.5940ae1c.chunk.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65462)
Size 136 kB (135541 bytes)
Hash ed301c77cb4cfefcf054b77502912c41
0139ede39adaa61fdae8dfb9c7f6f8600025599b
10ebdcf812a393d96af2bf99a2e5ddf8381f37b2fa85698c4c25e7c03350712c
GET /parking-lander/static/js/2.5940ae1c.chunk.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www6.rentalcarplaces.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: BJKddOb28V2CtOYHtdx3dgS4ijBb8z9Zz0e916fBJ6yIzilOfuV7lgEi1PzYX2UW11Gi/zLf5Nk=
x-amz-request-id: A0GTYC5KNWH4XAW6
last-modified: Fri, 16 Sep 2022 17:52:00 GMT
etag: "04bb6e8d9135d976f28e9ba68fbc6f67"
x-amz-server-side-encryption: AES256
x-amz-version-id: 4zafttojs22R6rxiZs_M0ICLL.vyZxyd
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Sat, 25 Nov 2023 14:22:58 GMT
date: Fri, 25 Nov 2022 14:22:58 GMT
content-length: 135541
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 76544babbcf6515110bd81aaee8e7e63
043497692868c67ac84cdfe70d0a484517abd1c2
a19d5958d683662375a2469d1d7e551188469b967eb6f2bae2d5e43dac51a4f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 14:22:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 65992aeb8efb9a0b8fd59687090733fe
526a2afccc93d32849185d153fafe44b72797df9
b6677984b6c3602d7b62df776158c09a3e57eec4c0edbddafb0624200715f10e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 14:22:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www6.rentalcarplaces.com/?template=ARROW_3&tdfs=1&s_token=1669386178.0191430000&uuid=1669386178.0191430000&term=Car%20Rental&term=Car%20Rental%20From%20Airport&term=Luxury%20Car%20Rental&term=SUV%20Rental&term=Truck%20Rental&searchbox=0&showDomain=0&backfill=0
35.186.238.101304 Not Modified 0 B URL HTTP/1.1 www6.rentalcarplaces.com/?template=ARROW_3&tdfs=1&s_token=1669386178.0191430000&uuid=1669386178.0191430000&term=Car%20Rental&term=Car%20Rental%20From%20Airport&term=Luxury%20Car%20Rental&term=SUV%20Rental&term=Truck%20Rental&searchbox=0&showDomain=0&backfill=0
IP 35.186.238.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?template=ARROW_3&tdfs=1&s_token=1669386178.0191430000&uuid=1669386178.0191430000&term=Car%20Rental&term=Car%20Rental%20From%20Airport&term=Luxury%20Car%20Rental&term=SUV%20Rental&term=Truck%20Rental&searchbox=0&showDomain=0&backfill=0 HTTP/1.1
Host: www6.rentalcarplaces.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: caf_ipaddr=91.90.42.154; country=NO; city=""; expiry_partner=
Upgrade-Insecure-Requests: 1
If-Modified-Since: Wed, 19 Oct 2022 06:29:27 GMT
If-None-Match: "634f9947-9f7"
Cache-Control: max-age=0
HTTP/1.1 304 Not Modified
Server: openresty
Date: Fri, 25 Nov 2022 14:22:59 GMT
Last-Modified: Wed, 19 Oct 2022 06:29:27 GMT
ETag: "634f9947-9f7"
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_cvhz2hp57HLS324fXszYMvggxQfUxhqeVS5a6GCMAU5thojrj/DdoX8DqZ9703mPrVGw/cPna/4uSfRfIYohVg
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Set-Cookie: caf_ipaddr=91.90.42.154;Path=/;Max-Age=86400;
country=NO;Path=/;Max-Age=86400;
city="";Path=/;Max-Age=86400;
expiry_partner=;Path=/;Max-Age=86400;
Via: 1.1 google
push.services.mozilla.com/
35.161.230.192101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.230.192:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +yxD1/nEVUR7c+rPk4Oqog==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: szhDYNw6TfG3Un2SwUh4xPYj5IQ=
img1.wsimg.com/parking-lander/static/js/2.5940ae1c.chunk.js
23.36.79.43304 Not Modified 0 B URL HTTP/2 img1.wsimg.com/parking-lander/static/js/2.5940ae1c.chunk.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /parking-lander/static/js/2.5940ae1c.chunk.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www6.rentalcarplaces.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Fri, 16 Sep 2022 17:52:00 GMT
If-None-Match: "04bb6e8d9135d976f28e9ba68fbc6f67"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
content-type: application/javascript
last-modified: Fri, 16 Sep 2022 17:52:00 GMT
etag: "04bb6e8d9135d976f28e9ba68fbc6f67"
cache-control: max-age=31536000
expires: Sat, 25 Nov 2023 14:22:59 GMT
date: Fri, 25 Nov 2022 14:22:59 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/parking-lander/static/js/main.4e219663.chunk.js
23.36.79.43304 Not Modified 0 B URL HTTP/2 img1.wsimg.com/parking-lander/static/js/main.4e219663.chunk.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /parking-lander/static/js/main.4e219663.chunk.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www6.rentalcarplaces.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Fri, 16 Sep 2022 16:45:04 GMT
If-None-Match: "87b518e8e45487e774f8d47f2dc0026f"
Cache-Control: max-age=0
TE: trailers
HTTP/2 304 Not Modified
content-type: application/javascript
last-modified: Fri, 16 Sep 2022 16:45:04 GMT
etag: "87b518e8e45487e774f8d47f2dc0026f"
cache-control: max-age=31536000
expires: Sat, 25 Nov 2023 14:22:59 GMT
date: Fri, 25 Nov 2022 14:22:59 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 652babf68ef7af85e75ee7c4665077a0
a3eeaf1696f9a9f6d81a2dad27c3c362dbeabc43
9ae259f969f94dd804700e4d6b183871ee26dabb191919daf2ff2c0f42a7ba94
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 25 Nov 2022 14:22:59 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 24 Nov 2022 21:24:46 GMT
Expires: Fri, 25 Nov 2022 21:24:46 GMT
ETag: "a3eeaf1696f9a9f6d81a2dad27c3c362dbeabc43"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
api.aws.parking.godaddy.com/v1/parkingEvents
54.84.118.217200 OK 0 B URL HTTP/2 api.aws.parking.godaddy.com/v1/parkingEvents
IP 54.84.118.217:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/parkingEvents HTTP/1.1
Host: api.aws.parking.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://www6.rentalcarplaces.com/
Origin: http://www6.rentalcarplaces.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
HTTP/2 200 OK
date: Fri, 25 Nov 2022 14:22:59 GMT
content-type: text/plain
content-length: 0
set-cookie: AWSALB=CPXplLfBcB7cYGPi8EBYuS4pLbm3ea9WXMxHs0/lNDYAWoaqSkx8sFUXj8yu1v+jtcNxdu06er0MJWY4ykfbxv1oFsl91ELEHxIil4JRLP2QY0Q5Bbd3PEg8cP03; Expires=Fri, 02 Dec 2022 14:22:59 GMT; Path=/
AWSALBCORS=CPXplLfBcB7cYGPi8EBYuS4pLbm3ea9WXMxHs0/lNDYAWoaqSkx8sFUXj8yu1v+jtcNxdu06er0MJWY4ykfbxv1oFsl91ELEHxIil4JRLP2QY0Q5Bbd3PEg8cP03; Expires=Fri, 02 Dec 2022 14:22:59 GMT; Path=/; SameSite=None; Secure
access-control-allow-methods: POST
access-control-allow-headers: content-type
access-control-allow-origin: *
X-Firefox-Spdy: h2
api.aws.parking.godaddy.com/v1/parkingEvents
54.84.118.217200 OK 0 B URL HTTP/2 api.aws.parking.godaddy.com/v1/parkingEvents
IP 54.84.118.217:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v1/parkingEvents HTTP/1.1
Host: api.aws.parking.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www6.rentalcarplaces.com/
Content-Type: application/json
Origin: http://www6.rentalcarplaces.com
Content-Length: 720
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 14:22:59 GMT
content-type: text/plain
content-length: 0
set-cookie: AWSALB=E2YusoKpiTM5DR2d5JnsbiVzu9UPrh8ERZ6qnYL60rzLewiBzTG17JHRmmS2kqa0C3V1lJ0MsJNcAvdzDciFf3Lskl+ZqfrjOnv2ube52cKOvsh2hddf9V/dwkYR; Expires=Fri, 02 Dec 2022 14:22:59 GMT; Path=/
AWSALBCORS=E2YusoKpiTM5DR2d5JnsbiVzu9UPrh8ERZ6qnYL60rzLewiBzTG17JHRmmS2kqa0C3V1lJ0MsJNcAvdzDciFf3Lskl+ZqfrjOnv2ube52cKOvsh2hddf9V/dwkYR; Expires=Fri, 02 Dec 2022 14:22:59 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: *
X-Firefox-Spdy: h2
api.aws.parking.godaddy.com/v1/domains/domain?domain=www6.rentalcarplaces.com&portfolioId=
54.84.118.217200 OK 54 kB URL HTTP/2 api.aws.parking.godaddy.com/v1/domains/domain?domain=www6.rentalcarplaces.com&portfolioId=
IP 54.84.118.217:0
File type gzip compressed data, max compression\012- data
Hash a44ef3c4a7a9931f20e9683f32059b23
acb52c922f371a4a9ce2388815da2e5b7a9254ea
69091ab962a7a39bed19fd1a106dca60a6dfbc2162d6d0af5234949186777b40
OPTIONS /v1/domains/domain?domain=www6.rentalcarplaces.com&portfolioId= HTTP/1.1
Host: api.aws.parking.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-request-id
Referer: http://www6.rentalcarplaces.com/
Origin: http://www6.rentalcarplaces.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
HTTP/2 200 OK
date: Fri, 25 Nov 2022 14:22:59 GMT
content-length: 0
set-cookie: AWSALB=ndR74CvRUB64QKu2HPNo/C9AGlZAAtceNN1+HuEoCvZjUAG4dY3WdMijSBMkNhR29vIsrrmxLyYiNfgRIeotLy8qsTFYe3vw3O1MW7K0aYSagNwhgs1OrmFLCcM2; Expires=Fri, 02 Dec 2022 14:22:59 GMT; Path=/
AWSALBCORS=ndR74CvRUB64QKu2HPNo/C9AGlZAAtceNN1+HuEoCvZjUAG4dY3WdMijSBMkNhR29vIsrrmxLyYiNfgRIeotLy8qsTFYe3vw3O1MW7K0aYSagNwhgs1OrmFLCcM2; Expires=Fri, 02 Dec 2022 14:22:59 GMT; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
access-control-allow-headers: X-Request-Id
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: http://www6.rentalcarplaces.com
access-control-max-age: 600
x-request-id: 7wailpld
X-Firefox-Spdy: h2
api.aws.parking.godaddy.com/v1/domains/domain?domain=www6.rentalcarplaces.com&portfolioId=
54.84.118.217200 OK 764 B URL HTTP/2 api.aws.parking.godaddy.com/v1/domains/domain?domain=www6.rentalcarplaces.com&portfolioId=
IP 54.84.118.217:0
File type JSON data\012- , ASCII text, with very long lines (763)
Hash 9d95f840e11a5e83e0a64f721900e885
245ed8d8ede09f1a03f0305ffe72f05737a766a7
8722c529c02da317234f7ae59285f3226988cb3af51db95194168dc0a6b636d8
GET /v1/domains/domain?domain=www6.rentalcarplaces.com&portfolioId= HTTP/1.1
Host: api.aws.parking.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www6.rentalcarplaces.com/
X-Request-Id: 5b1dc308-efbd-4fe2-9bf0-6a55119c3162
Origin: http://www6.rentalcarplaces.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 14:22:59 GMT
content-type: application/json
content-length: 764
set-cookie: AWSALB=m8PofDBsfjbOwXTzS0K2NBXitZEyBW9SSGxpJSUf8DpwOJR1BvYMv2rhktriw2H2WnSNqoHSA2QtJMk4sI9d54/0vGZ1rwk3FqiFdjmnx5OrLqGsruikeVJDG6oW; Expires=Fri, 02 Dec 2022 14:22:59 GMT; Path=/
AWSALBCORS=m8PofDBsfjbOwXTzS0K2NBXitZEyBW9SSGxpJSUf8DpwOJR1BvYMv2rhktriw2H2WnSNqoHSA2QtJMk4sI9d54/0vGZ1rwk3FqiFdjmnx5OrLqGsruikeVJDG6oW; Expires=Fri, 02 Dec 2022 14:22:59 GMT; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
access-control-allow-origin: http://www6.rentalcarplaces.com
access-control-max-age: 600
x-request-id: 5b1dc308-efbd-4fe2-9bf0-6a55119c3162
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 312d6119e2a9865fd7bd8752bcf62563
fcddb4e1098fe901119e2ec5de135e26b586f897
ed8c44b9621baf009fe6320d2c54a97d18fad60c5cc54646ea00384a0198e734
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 14:23:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=www6.rentalcarplaces.com&client=dp-namemedia08_3ph&product=SAS&callback=__sasCookie
172.217.21.162200 OK 186 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=www6.rentalcarplaces.com&client=dp-namemedia08_3ph&product=SAS&callback=__sasCookie
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash a54769aca6e7217084603540c4d70e72
e49cbdf1b1ba915c1ed8590834c8babd66a42956
abff40973cfc31e661bae3053c1d950ce9097d1d37e28b4fd1d73150c5d08b82
GET /gampad/cookie.js?domain=www6.rentalcarplaces.com&client=dp-namemedia08_3ph&product=SAS&callback=__sasCookie HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www6.rentalcarplaces.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 25 Nov 2022 14:23:00 GMT
server: cafe
cache-control: private
content-length: 186
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 312d6119e2a9865fd7bd8752bcf62563
fcddb4e1098fe901119e2ec5de135e26b586f897
ed8c44b9621baf009fe6320d2c54a97d18fad60c5cc54646ea00384a0198e734
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 14:23:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b7757171f2e55c37975a5bcdeba7a4ae
1ce146a166c3c1d510d26c855321ca4b2426353d
7675dc8e0d7a554bf286e61db1c9546aa6fc7188cb83c3d9bd5beb80c2351fe5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 14:23:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b7757171f2e55c37975a5bcdeba7a4ae
1ce146a166c3c1d510d26c855321ca4b2426353d
7675dc8e0d7a554bf286e61db1c9546aa6fc7188cb83c3d9bd5beb80c2351fe5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 14:23:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967d2
142.250.74.33200 OK 272 B URL HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967d2
IP 142.250.74.33:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390)
Hash bbbac37f0b6e29a6099e4aa7cb19d6ca
0acafe95e2141f0af6109203efeb2d98e6b926c6
a3d7b37475de5a3a350d4dc4790f14a6a5f4045726d2eae4cbe9bd59aeba2fe2
GET /ad_icons/standard/publisher_icon_image/search.svg?c=%231967d2 HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 272
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 00:03:53 GMT
expires: Fri, 25 Nov 2022 23:03:53 GMT
cache-control: public, max-age=82800
age: 51547
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
142.250.74.33200 OK 174 B URL HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
IP 142.250.74.33:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 4de8b85c8915995b571bde50e231be7c
29c226ca7b9cbe1d44e5480ce95bbb42727b2d99
2ec9168c4507546748c5f400f5030031f0eb06f2aed8deaa11362c395bff4f7a
GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 16:02:51 GMT
expires: Fri, 25 Nov 2022 15:02:51 GMT
cache-control: public, max-age=82800
age: 80409
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b7757171f2e55c37975a5bcdeba7a4ae
1ce146a166c3c1d510d26c855321ca4b2426353d
7675dc8e0d7a554bf286e61db1c9546aa6fc7188cb83c3d9bd5beb80c2351fe5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 14:23:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2876
Expires: Fri, 25 Nov 2022 15:10:56 GMT
Date: Fri, 25 Nov 2022 14:23:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2876
Expires: Fri, 25 Nov 2022 15:10:56 GMT
Date: Fri, 25 Nov 2022 14:23:00 GMT
Connection: keep-alive
api.aws.parking.godaddy.com/v1/parkingEvents
54.84.118.217200 OK 0 B URL HTTP/2 api.aws.parking.godaddy.com/v1/parkingEvents
IP 54.84.118.217:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v1/parkingEvents HTTP/1.1
Host: api.aws.parking.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www6.rentalcarplaces.com/
Content-Type: application/json
Origin: http://www6.rentalcarplaces.com
Content-Length: 741
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 14:23:00 GMT
content-type: text/plain
content-length: 0
set-cookie: AWSALB=3zwIj56czMsmIm75VLiagri34I/vgAOELhFlIDqIcgC1cY/VKsDqyEPDTp9G2sOchnf0UgTwUu36fd8XAivsIxlIHQ/2sp/CU6BobnLEO+mteqey9tonr8mp7Ift; Expires=Fri, 02 Dec 2022 14:23:00 GMT; Path=/
AWSALBCORS=3zwIj56czMsmIm75VLiagri34I/vgAOELhFlIDqIcgC1cY/VKsDqyEPDTp9G2sOchnf0UgTwUu36fd8XAivsIxlIHQ/2sp/CU6BobnLEO+mteqey9tonr8mp7Ift; Expires=Fri, 02 Dec 2022 14:23:00 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2876
Expires: Fri, 25 Nov 2022 15:10:56 GMT
Date: Fri, 25 Nov 2022 14:23:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2876
Expires: Fri, 25 Nov 2022 15:10:56 GMT
Date: Fri, 25 Nov 2022 14:23:00 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4006a9037ab5f28dca62b0aa7a704c41
74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b
556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 02:07:28 GMT
age: 44132
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 04:38:44 GMT
age: 35056
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20a12e2c-1403-4b39-9da1-b2be17a6bbd1.png
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20a12e2c-1403-4b39-9da1-b2be17a6bbd1.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6673267df195141739d1018c17101368
b80047da428636adb7027f12718c8d11bd461da4
de30af07eed7326a1326c831e04727649a112c20d0c485a7e973edd96f91bfaa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20a12e2c-1403-4b39-9da1-b2be17a6bbd1.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11954
x-amzn-requestid: c2484616-009c-47c4-b52a-36b956c7b207
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b8JzaHXLoAMFpUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637b2348-01d4a7be526475d31fce3c13;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 07:05:44 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: 3KRN_6gYmJqP-Ehaxdu5iwp9xKOOg-dhtGdUcSaho56NVWqVCtyiFA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 2c6b5dd77f1abe60653ce0454f344b64.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 14:49:47 GMT
age: 84793
etag: "b80047da428636adb7027f12718c8d11bd461da4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7YSXUV-LZpsI7vciFhuqt1EVr6YRkhxcOgMg8z8bxLcOE01_baf6Gg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:47:08 GMT
age: 59752
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8b6ee13d43732f7c764a49500d092865
5d15fd672e968d59b541e4d5d0d01cd5e69f4075
fc3623d527147e1c6aab399251ed8d527e6eefdee6ad7183f00df2613498bfe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8006
x-amzn-requestid: 78aab013-df11-464b-a1c7-ee41b7e77b40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB-AHSrIAMFvKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38c-4d795f410a57fc2c21d7075d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: q53jN1uOtSdeThbk2_0UF6Rl3g4_-_TW7uK1_6Z5oDwSTSRk8XRjyQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:08 GMT
etag: "5d15fd672e968d59b541e4d5d0d01cd5e69f4075"
content-type: image/jpeg
age: 60472
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c74ff3a5e1404a75a2104a1cc9e02721
3435780a0a850ab859afa3cd172960df5cb823b7
45fedcfc62ec4b46563e776676b4f6918293eec31cb42ac00a07077bf775e4ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "45FEDCFC62EC4B46563E776676B4F6918293EEC31CB42AC00A07077BF775E4ED"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15820
Expires: Fri, 25 Nov 2022 18:46:40 GMT
Date: Fri, 25 Nov 2022 14:23:00 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8784bb7a8b88736a6016f712e3183bf3
b0ddc1555d2506177adcdcea77864d75f1245d07
8e331713b0ad0b5670dd33dfdadde665e076a40ddb80905d4df89876d49803d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11743
x-amzn-requestid: 9ab0aba7-5cd1-4f6c-8984-dc221e1cbf8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cICD-F7joAMFqmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe3b2-152ba5f1495a44447356cdab;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: drCPrU5rprybHXLSQXEDaLkXde7oANRnFLmSiduDCZsg3Df-rAnBSg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 14:02:37 GMT
etag: "b0ddc1555d2506177adcdcea77864d75f1245d07"
content-type: image/jpeg
age: 1223
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
postback.trafficmotor.com/sn/
45.79.38.145200 OK 0 B URL HTTP/1.1 postback.trafficmotor.com/sn/
IP 45.79.38.145:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sn/ HTTP/1.1
Host: postback.trafficmotor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://www6.rentalcarplaces.com/
Origin: http://www6.rentalcarplaces.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty/1.13.6.1
Date: Fri, 25 Nov 2022 14:23:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: close
Allow: HEAD, GET, POST, OPTIONS
Access-Control-Allow-Origin: http://www6.rentalcarplaces.com
Access-Control-Allow-Methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
Vary: Origin
Access-Control-Allow-Headers: content-type
postback.trafficmotor.com/sn/
45.79.38.145200 OK 3 B URL HTTP/1.1 postback.trafficmotor.com/sn/
IP 45.79.38.145:0
File type JSON data\012- , ASCII text
Hash 8a80554c91d9fca8acb82f023de02f11
5f36b2ea290645ee34d943220a14b54ee5ea5be5
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
POST /sn/ HTTP/1.1
Host: postback.trafficmotor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www6.rentalcarplaces.com/
Content-Type: application/json
Origin: http://www6.rentalcarplaces.com
Content-Length: 146
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty/1.13.6.1
Date: Fri, 25 Nov 2022 14:23:00 GMT
Content-Type: application/json
Content-Length: 3
Connection: close
Access-Control-Allow-Origin: http://www6.rentalcarplaces.com
Vary: Origin
www.google.com/adsense/domains/caf.js
142.250.74.164200 OK 0 B URL HTTP/2 www.google.com/adsense/domains/caf.js
IP 142.250.74.164:0
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www6.rentalcarplaces.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Fri, 25 Nov 2022 14:22:58 GMT
expires: Fri, 25 Nov 2022 14:22:58 GMT
cache-control: private, max-age=3600
etag: "8456826843805353673"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2