urlquery - report: armonia.contratamos.com/

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
www6.contratamos.com (2)	0	No data	No data	35.186.238.101	Unknown ranking
api.aws.parking.godaddy.com (4)	36127	No data	No data	54.84.118.217
r3.o.lencr.org (8)	344	No data	No data	23.36.76.226
push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2020-05-03 10:09:39 UTC	52.38.227.80
ocsp.godaddy.com (2)	698	2012-05-20 19:28:57 UTC	2020-05-02 20:58:10 UTC	192.124.249.41
armonia.contratamos.com (3)	0	No data	No data	198.58.118.167	Unknown ranking
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-11-25 05:51:47 UTC	34.117.237.239
postback.trafficmotor.com (2)	96726	2019-11-09 13:35:40 UTC	2022-11-25 06:41:11 UTC	45.79.38.145
content-signature-2.cdn.mozilla.net (1)	1152	No data	No data	34.160.144.191
firefox.settings.services.mozilla.com (2)	867	2020-06-04 20:08:41 UTC	2022-11-25 06:03:02 UTC	34.102.187.140
img1.wsimg.com (4)	9893	2012-06-20 14:42:31 UTC	2020-04-15 04:54:15 UTC	23.36.79.43
ocsp.pki.goog (7)	175	2018-07-01 06:43:07 UTC	2020-05-02 20:58:16 UTC	142.250.74.3
www.google.com (1)	7	2016-03-22 03:56:07 UTC	2022-11-25 05:54:26 UTC	142.250.74.164
partner.googleadservices.com (1)	798	2012-10-03 01:04:21 UTC	2022-11-25 05:55:05 UTC	172.217.21.162
afs.googleusercontent.com (2)	12123	2013-05-07 00:37:08 UTC	2020-04-20 08:38:35 UTC	142.250.74.33
img-getpocket.cdn.mozilla.net (6)	1631	2018-06-21 23:36:00 UTC	2020-02-19 04:43:25 UTC	34.120.237.76
ocsp.digicert.com (2)	86	2012-05-21 07:02:23 UTC	2020-05-02 20:58:10 UTC	93.184.220.29

Scan Date	Severity	Indicator	Comment
2022-11-25	2	armonia.contratamos.com/	Phishing
2022-11-25	2	armonia.contratamos.com/mtm/async/.eJxdi0kOwjAMRe_iZYkalgziLMhEbmspToJjIBLi (...)	Phishing

Date	UQ / IDS / BL	URL	IP
2023-02-05 21:53:14 +0000	0 - 0 - 2	delivers.com/	96.126.123.244
2023-02-05 21:37:10 +0000	0 - 0 - 2	onlineskypedate.com/	96.126.123.244
2023-02-05 08:17:37 +0000	0 - 0 - 2	pbbaseballandsoftball.info/	96.126.123.244
2023-02-04 10:09:16 +0000	0 - 0 - 1	theglitzycrown.com/	96.126.123.244
2023-02-04 08:57:34 +0000	0 - 0 - 2	enigmeer.com/	96.126.123.244

Date	UQ / IDS / BL	URL	IP
2023-02-06 06:22:25 +0000	0 - 0 - 4	mydhl-package.roxanaysebastiantango.com/publi (...)	45.79.27.198
2023-02-06 05:54:22 +0000	0 - 0 - 2	myfinemypayment.com/	72.14.178.174
2023-02-06 03:21:12 +0000	0 - 0 - 1	mydhl-package.roxanaysebastiantango.com/publi (...)	45.79.27.198
2023-02-06 03:12:40 +0000	0 - 0 - 1	mydhl-package.roxanaysebastiantango.com/publi (...)	45.79.27.198
2023-02-06 03:12:27 +0000	0 - 0 - 1	mydhl-package.roxanaysebastiantango.com/publi (...)	45.79.27.198

Date	UQ / IDS / BL	URL	IP
2022-11-25 10:51:54 +0000	0 - 0 - 2	armonia.contratamos.com/	96.126.123.244
2022-11-25 10:48:33 +0000	0 - 0 - 3	www1.contratamos.com/	75.2.73.197

Date	UQ / IDS / BL	URL	IP
2023-01-08 08:56:19 +0000	0 - 0 - 1	xploragroup.com/mtm/direct/.eJxlikEOwjAMBP_iY (...)	45.33.30.197
2023-01-08 02:58:24 +0000	0 - 0 - 1	ticketone.com.mx/mtm/direct/.eJxtiksOwjAMBe_i (...)	198.58.118.167
2022-12-26 14:18:06 +0000	0 - 0 - 2	smiledirect.smiledurectclub.co.uk/	45.33.20.235
2022-11-27 08:48:19 +0000	0 - 0 - 2	esanjeevni.in/	45.33.2.79
2022-11-26 02:46:59 +0000	0 - 0 - 2	jackery.uk/	45.33.2.79

Request	Response
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6310 Expires: Fri, 25 Nov 2022 12:36:53 GMT Date: Fri, 25 Nov 2022 10:51:43 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a9f1d4d98705c281fed3b60343463200 Sha1: db6f8aa98d2eda4e5473b116a222c3055568bb78 Sha256: 164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 993 Cache-Control: 'max-age=158059' Date: Fri, 25 Nov 2022 10:51:43 GMT Etag: "637f47ef-1d7" Last-Modified: Fri, 25 Nov 2022 10:35:10 GMT Server: ECS (ska/F6FD) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: af40a2fcf8debb90c3608002da6c907a Sha1: 3c75d6c0b557a3bd8d5db50155b8d896e852c145 Sha256: 555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6" Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10566 Expires: Fri, 25 Nov 2022 13:47:50 GMT Date: Fri, 25 Nov 2022 10:51:44 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 8c63b226725ca6e92e3ef586ac19e603 Sha1: d21ae42a1927501e5293ff3564f52b49f6b0decc Sha256: 141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6
GET / HTTP/1.1 Host: armonia.contratamos.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: armonia.contratamos.com/ FQDN: armonia.contratamos.com IP: 198.58.118.167 HASH: ed969c794e751d163d52ceb6f6fa38c1884e126b2de8d30fc825537d7087bb53 198.58.118.167 HTTP/1.1 200 OK content-type: text/html; charset=utf-8 server: openresty/1.13.6.1 date: Fri, 25 Nov 2022 10:51:43 GMT content-length: 4695 vary: Accept-Language content-language: en connection: close --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (310) Size: 4695 Md5: aacdfc2625a2222f6f0f0bd2109bcc50 Sha1: a64e08f0866dd6611771bed3eb27e119131ce59e Sha256: ed969c794e751d163d52ceb6f6fa38c1884e126b2de8d30fc825537d7087bb53 Alerts: Blocklists: - fortinet: Phishing
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Fri, 25 Nov 2022 10:17:26 GMT cache-control: public,max-age=3600 age: 2058 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: d130218d0e2841f39c99610fe1a2ab90 Sha1: 29fbe1e177ee55c7a61ae0a206afff271cf5f945 Sha256: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: 8o5TDLfmRTK2X4sY4gA1F098IdNXqF/RW5VFALcUeMkyNcN3C0pVDoJOzGHWT/KYFwKOsz84azs= x-amz-request-id: NZV17TFWZQF8RAHF content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Fri, 25 Nov 2022 10:43:48 GMT age: 476 last-modified: Thu, 10 Nov 2022 09:21:27 GMT etag: "9ebddc2b260d081ebbefee47c037cb28" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 9ebddc2b260d081ebbefee47c037cb28 Sha1: 492bad62a7ca6a74738921ef5ae6f0be5edebf39 Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Fri, 25 Nov 2022 10:51:44 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /favicon.ico HTTP/1.1 Host: armonia.contratamos.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://armonia.contratamos.com/	URL: armonia.contratamos.com/favicon.ico FQDN: armonia.contratamos.com IP: 198.58.118.167 HASH: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda 198.58.118.167 HTTP/1.1 200 OK content-type: image/gif server: openresty/1.13.6.1 date: Fri, 25 Nov 2022 10:51:44 GMT content-length: 43 last-modified: Mon, 28 Sep 1970 06:00:00 GMT connection: close --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: ad4b0f606e0f8465bc4c4c170b37e1a3 Sha1: 50b30fd5f87c85fe5cba2635cb83316ca71250d7 Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /mtm/async/.eJxdi0kOwjAMRe_iZYkalgziLMhEbmspToJjIBLi7qTAit17f3jCTRkO4MEB6lw7dlKaSEm_suRq54RCXVElJ8Yx5GSKhpJrZ1nPIVCxPjFq5heT6LCUyAGNc_JtTTbtP5V4vJ62496x4Ewe7zz98EGX4gY_fPodvN6o8jkk:1oyWJ5:sPjt-_WEfYmTzqW-YZsCkygVWVc/1/ HTTP/1.1 Host: armonia.contratamos.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://armonia.contratamos.com/ Connection: keep-alive	URL: armonia.contratamos.com/mtm/async/.eJxdi0kOwjAMRe_iZYka (...) FQDN: armonia.contratamos.com IP: 198.58.118.167 HASH: 77e391baac0c84b679c8085de404d004582d9656a3cb2eed963328333028dae9 198.58.118.167 HTTP/1.1 200 OK content-type: text/html; charset=utf-8 server: openresty/1.13.6.1 date: Fri, 25 Nov 2022 10:51:44 GMT content-length: 134 x-mtm-path: 2 x-mtm-prov: 1:3.17;70:5.14 x-mtm-rd: 0.62 vary: Accept-Language content-language: en set-cookie: mtm_delivered=WyJhcm1vbmlhLmNvbnRyYXRhbW9zLmNvbSIsImh0dHA6Ly93d3c2LmNvbnRyYXRhbW9zLmNvbS8_dGVtcGxhdGU9QVJST1dfMyZ0ZGZzPTAmc190b2tlbj0xNjY5MzczNTA0LjA0NTIzMjAwMDAmdXVpZD0xNjY5MzczNTA0LjA0NTIzMjAwMDAmc2VhcmNoYm94PTEmc2hvd0RvbWFpbj0xIiwxLCIyMDIyLTExLTI1IDEwOjUxOjQ0IiwxLCIxNjY5MzczNTA0LjA0NTIzMjAwMDAiLDcwLG51bGwsbnVsbF0:1oyWJ6:3kxRJnMIKzQ1JwRevSooaQjkngk; expires=Fri, 25-Nov-2022 11:51:44 GMT; Max-Age=3600; Path=/ connection: close --- Additional Info --- Magic: ASCII text, with no line terminators Size: 134 Md5: b8da4fbe4aab47835a0bb8d827cce43d Sha1: 4450b19e2ddae5a60b4f0458b7904d3def4dca7a Sha256: 77e391baac0c84b679c8085de404d004582d9656a3cb2eed963328333028dae9 Alerts: Blocklists: - fortinet: Phishing
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Fri, 25 Nov 2022 10:11:11 GMT cache-control: public,max-age=3600 age: 2433 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5925 Cache-Control: max-age=86030 Date: Fri, 25 Nov 2022 10:51:44 GMT Etag: "637f3429-1d7" Expires: Sat, 26 Nov 2022 10:45:34 GMT Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT Server: ECS (ska/F6FD) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: fb6949e7abaa473393f7c604691de14f Sha1: 599681bba3947709baa603bbae2dd7afd04059a4 Sha256: 36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
GET /?template=ARROW_3&tdfs=0&s_token=1669373504.0452320000&uuid=1669373504.0452320000&searchbox=1&showDomain=1 HTTP/1.1 Host: www6.contratamos.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://armonia.contratamos.com/ Upgrade-Insecure-Requests: 1	URL: www6.contratamos.com/?template=ARROW_3&tdfs=0&s_token=1 (...) FQDN: www6.contratamos.com IP: 35.186.238.101 HASH: ec99cca58b612ce268e6ada818dfcec0acc22dd1bbe372487be9abbdd07ce073 35.186.238.101 HTTP/1.1 200 OK Content-Type: text/html Server: openresty Date: Fri, 25 Nov 2022 10:51:44 GMT Content-Length: 2551 Last-Modified: Fri, 16 Sep 2022 16:46:37 GMT ETag: "6324a86d-9f7" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_HOxVVjwydhH875thc3rPCYsm4QAskxfrSDKZByLc2/VS2ukSN/xtXsRemuy3SXe+UNP7OFUuxJQBLUonI3Tccg Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=91.90.42.154;Path=/;Max-Age=86400; country=NO;Path=/;Max-Age=86400; city="";Path=/;Max-Age=86400; expiry_partner=;Path=/;Max-Age=86400; Accept-Ranges: bytes Via: 1.1 google --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2551), with no line terminators Size: 2551 Md5: 41f66bb0ac50f2d851236170e7c71341 Sha1: 59bcec216302151922219b51be8ad8ab6d0b8384 Sha256: ec99cca58b612ce268e6ada818dfcec0acc22dd1bbe372487be9abbdd07ce073
GET /parking-lander/static/js/main.4e219663.chunk.js HTTP/1.1 Host: img1.wsimg.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www6.contratamos.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: img1.wsimg.com/parking-lander/static/js/main.4e219663.c (...) FQDN: img1.wsimg.com IP: 23.36.79.43 HASH: 6f8d46c42987c0d7b471b54065e6b8fd6e965452ccc5c2fcd12f25e5362b5fd7 23.36.79.43 HTTP/2 200 OK content-type: application/javascript x-amz-id-2: ePBtPNltighZ03JBS/Xu3LYeSA7F1yzEuIL6FXs/YdArb0qYS2ZncKxSX45UyFn4EY1mPti8L0Y= x-amz-request-id: Q5Y8PK0VHGD0XQRS last-modified: Fri, 16 Sep 2022 16:45:04 GMT etag: "87b518e8e45487e774f8d47f2dc0026f" x-amz-server-side-encryption: AES256 x-amz-version-id: 2Wom95JLG5jhnN_DEOMzqRfOKsQDbi7Z accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip content-length: 58202 cache-control: max-age=31536000 expires: Sat, 25 Nov 2023 10:51:45 GMT date: Fri, 25 Nov 2022 10:51:45 GMT timing-allow-origin: * access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (65459) Size: 58202 Md5: feb46b3c6b7556a8bf123a5e87ffd2b5 Sha1: aff2efba814012e9fe1586055599069f77e6a062 Sha256: 6f8d46c42987c0d7b471b54065e6b8fd6e965452ccc5c2fcd12f25e5362b5fd7
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: a19d5958d683662375a2469d1d7e551188469b967eb6f2bae2d5e43dac51a4f0 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 25 Nov 2022 10:51:45 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 76544babbcf6515110bd81aaee8e7e63 Sha1: 043497692868c67ac84cdfe70d0a484517abd1c2 Sha256: a19d5958d683662375a2469d1d7e551188469b967eb6f2bae2d5e43dac51a4f0
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: CVpru32aax6avRbALH5YSw== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 52.38.227.80 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 52.38.227.80 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: W5H3bJRzIGcRIBM+TKsR4hyYnl4= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: b6677984b6c3602d7b62df776158c09a3e57eec4c0edbddafb0624200715f10e 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 25 Nov 2022 10:51:45 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 65992aeb8efb9a0b8fd59687090733fe Sha1: 526a2afccc93d32849185d153fafe44b72797df9 Sha256: b6677984b6c3602d7b62df776158c09a3e57eec4c0edbddafb0624200715f10e
GET /?template=ARROW_3&tdfs=0&s_token=1669373504.0452320000&uuid=1669373504.0452320000&searchbox=1&showDomain=1 HTTP/1.1 Host: www6.contratamos.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Cookie: caf_ipaddr=91.90.42.154; country=NO; city=""; expiry_partner= Upgrade-Insecure-Requests: 1 If-Modified-Since: Fri, 16 Sep 2022 16:46:37 GMT If-None-Match: "6324a86d-9f7" Cache-Control: max-age=0	URL: www6.contratamos.com/?template=ARROW_3&tdfs=0&s_token=1 (...) FQDN: www6.contratamos.com IP: 35.186.238.101 HASH: ec99cca58b612ce268e6ada818dfcec0acc22dd1bbe372487be9abbdd07ce073 35.186.238.101 HTTP/1.1 200 OK Content-Type: text/html Server: openresty Date: Fri, 25 Nov 2022 10:51:45 GMT Content-Length: 2551 Last-Modified: Wed, 19 Oct 2022 06:29:27 GMT ETag: "634f9947-9f7" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_HOxVVjwydhH875thc3rPCYsm4QAskxfrSDKZByLc2/VS2ukSN/xtXsRemuy3SXe+UNP7OFUuxJQBLUonI3Tccg Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=91.90.42.154;Path=/;Max-Age=86400; country=NO;Path=/;Max-Age=86400; city="";Path=/;Max-Age=86400; expiry_partner=;Path=/;Max-Age=86400; Accept-Ranges: bytes Via: 1.1 google --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2551), with no line terminators Size: 2551 Md5: 41f66bb0ac50f2d851236170e7c71341 Sha1: 59bcec216302151922219b51be8ad8ab6d0b8384 Sha256: ec99cca58b612ce268e6ada818dfcec0acc22dd1bbe372487be9abbdd07ce073
GET /parking-lander/static/js/2.5940ae1c.chunk.js HTTP/1.1 Host: img1.wsimg.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www6.contratamos.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site If-Modified-Since: Fri, 16 Sep 2022 17:52:00 GMT If-None-Match: "04bb6e8d9135d976f28e9ba68fbc6f67" Cache-Control: max-age=0 TE: trailers	URL: img1.wsimg.com/parking-lander/static/js/2.5940ae1c.chunk.js FQDN: img1.wsimg.com IP: 23.36.79.43 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 23.36.79.43 HTTP/2 304 Not Modified content-type: application/javascript last-modified: Fri, 16 Sep 2022 17:52:00 GMT etag: "04bb6e8d9135d976f28e9ba68fbc6f67" cache-control: max-age=31536000 expires: Sat, 25 Nov 2023 10:51:45 GMT date: Fri, 25 Nov 2022 10:51:45 GMT timing-allow-origin: * access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /parking-lander/static/js/main.4e219663.chunk.js HTTP/1.1 Host: img1.wsimg.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www6.contratamos.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site If-Modified-Since: Fri, 16 Sep 2022 16:45:04 GMT If-None-Match: "87b518e8e45487e774f8d47f2dc0026f" Cache-Control: max-age=0 TE: trailers	URL: img1.wsimg.com/parking-lander/static/js/main.4e219663.c (...) FQDN: img1.wsimg.com IP: 23.36.79.43 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 23.36.79.43 HTTP/2 304 Not Modified content-type: application/javascript last-modified: Fri, 16 Sep 2022 16:45:04 GMT etag: "87b518e8e45487e774f8d47f2dc0026f" cache-control: max-age=31536000 expires: Sat, 25 Nov 2023 10:51:45 GMT date: Fri, 25 Nov 2022 10:51:45 GMT timing-allow-origin: * access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: ocsp.godaddy.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 75 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.godaddy.com/ FQDN: ocsp.godaddy.com IP: 192.124.249.41 HASH: 9ae259f969f94dd804700e4d6b183871ee26dabb191919daf2ff2c0f42a7ba94 192.124.249.41 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: Sucuri/Cloudproxy Date: Fri, 25 Nov 2022 10:51:45 GMT Content-Length: 1777 Connection: keep-alive X-Sucuri-ID: 19041 Content-Transfer-Encoding: Binary Cache-Control: public, no-transform, must-revalidate Last-Modified: Thu, 24 Nov 2022 21:24:46 GMT Expires: Fri, 25 Nov 2022 21:24:46 GMT ETag: "a3eeaf1696f9a9f6d81a2dad27c3c362dbeabc43" P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA" --- Additional Info --- Magic: data Size: 1777 Md5: 652babf68ef7af85e75ee7c4665077a0 Sha1: a3eeaf1696f9a9f6d81a2dad27c3c362dbeabc43 Sha256: 9ae259f969f94dd804700e4d6b183871ee26dabb191919daf2ff2c0f42a7ba94
GET /adsense/domains/caf.js HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www6.contratamos.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.google.com/adsense/domains/caf.js FQDN: www.google.com IP: 142.250.74.164 HASH: 148e93b6b9d9cc517b75154be03b93614353dfebd96b73137d1f08c9c82c02de 142.250.74.164 HTTP/2 200 OK content-type: text/javascript; charset=UTF-8 accept-ranges: bytes vary: Accept-Encoding content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="ads-afs-ui" report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} date: Fri, 25 Nov 2022 10:51:45 GMT expires: Fri, 25 Nov 2022 10:51:45 GMT cache-control: private, max-age=3600 etag: "8456826843805353673" x-content-type-options: nosniff content-encoding: gzip server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (1885) Size: 53465 Md5: cab5a8333ee166d9f6d0b2bd295db5e5 Sha1: 6693b5f32a350be64a33d9f3cf42aae1a67270a8 Sha256: 148e93b6b9d9cc517b75154be03b93614353dfebd96b73137d1f08c9c82c02de
POST /v1/parkingEvents HTTP/1.1 Host: api.aws.parking.godaddy.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://www6.contratamos.com/ Content-Type: application/json Origin: http://www6.contratamos.com Content-Length: 716 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: api.aws.parking.godaddy.com/v1/parkingEvents FQDN: api.aws.parking.godaddy.com IP: 54.84.118.217 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 54.84.118.217 HTTP/2 200 OK content-type: text/plain date: Fri, 25 Nov 2022 10:51:45 GMT content-length: 0 set-cookie: AWSALB=w0nelSNQ4H+C+aEllT5FM2zcSbwSMpwbTUJa5WaD9ZqkhcKkNUEte6D+iF4EM8QtpVAESW/L9HBaTT+7+5dGR6+xR+7YQBnPuRvokhqNmYszyBIw42Nd3od23piQ; Expires=Fri, 02 Dec 2022 10:51:45 GMT; Path=/ AWSALBCORS=w0nelSNQ4H+C+aEllT5FM2zcSbwSMpwbTUJa5WaD9ZqkhcKkNUEte6D+iF4EM8QtpVAESW/L9HBaTT+7+5dGR6+xR+7YQBnPuRvokhqNmYszyBIw42Nd3od23piQ; Expires=Fri, 02 Dec 2022 10:51:45 GMT; Path=/; SameSite=None; Secure access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/domains/domain?domain=www6.contratamos.com&portfolioId= HTTP/1.1 Host: api.aws.parking.godaddy.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: GET Access-Control-Request-Headers: x-request-id Referer: http://www6.contratamos.com/ Origin: http://www6.contratamos.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Cache-Control: max-age=0	URL: api.aws.parking.godaddy.com/v1/domains/domain?domain=ww (...) FQDN: api.aws.parking.godaddy.com IP: 54.84.118.217 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 54.84.118.217 HTTP/2 200 OK date: Fri, 25 Nov 2022 10:51:45 GMT content-length: 0 set-cookie: AWSALB=OM1N2k0H7Qbb0/n0LTCc1y71AEWEeQ7LKV/G7A0ZLLgo83lc206kgLAxVp2Un4YrXVbsSacuY1qvChCMpWEqi3Y1wHL6u8ZFeJPXosJgkycmEDXCHkug9L4lt3wT; Expires=Fri, 02 Dec 2022 10:51:45 GMT; Path=/ AWSALBCORS=OM1N2k0H7Qbb0/n0LTCc1y71AEWEeQ7LKV/G7A0ZLLgo83lc206kgLAxVp2Un4YrXVbsSacuY1qvChCMpWEqi3Y1wHL6u8ZFeJPXosJgkycmEDXCHkug9L4lt3wT; Expires=Fri, 02 Dec 2022 10:51:45 GMT; Path=/; SameSite=None; Secure access-control-allow-credentials: true access-control-allow-headers: X-Request-Id access-control-allow-methods: GET, HEAD, OPTIONS access-control-allow-origin: http://www6.contratamos.com access-control-max-age: 600 x-request-id: NxienN-v X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/domains/domain?domain=www6.contratamos.com&portfolioId= HTTP/1.1 Host: api.aws.parking.godaddy.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://www6.contratamos.com/ X-Request-Id: 650ad08f-f3eb-48d5-acf7-2f42804ec641 Origin: http://www6.contratamos.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: api.aws.parking.godaddy.com/v1/domains/domain?domain=ww (...) FQDN: api.aws.parking.godaddy.com IP: 54.84.118.217 HASH: 49f85a9d24639488889ceccf8086fb26931ab65bd1ad28a4e834a5ee9305bee2 54.84.118.217 HTTP/2 200 OK content-type: application/json date: Fri, 25 Nov 2022 10:51:46 GMT content-length: 838 set-cookie: AWSALB=yjlvoEXcUui8zTCLK+SkqASkznnqa9M69AQOT2asSofGtehFtIHp4IGgB6b4b/NWxCg/yejuCWkrXrOJjYlaXnRSZJzWfWjfHGCHIVVegID8VSJjaHqP4B4IMbOb; Expires=Fri, 02 Dec 2022 10:51:46 GMT; Path=/ AWSALBCORS=yjlvoEXcUui8zTCLK+SkqASkznnqa9M69AQOT2asSofGtehFtIHp4IGgB6b4b/NWxCg/yejuCWkrXrOJjYlaXnRSZJzWfWjfHGCHIVVegID8VSJjaHqP4B4IMbOb; Expires=Fri, 02 Dec 2022 10:51:46 GMT; Path=/; SameSite=None; Secure access-control-allow-credentials: true access-control-allow-origin: http://www6.contratamos.com access-control-max-age: 600 x-request-id: 650ad08f-f3eb-48d5-acf7-2f42804ec641 X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (837) Size: 838 Md5: ffe9d529e1cf7d2fb52fd028b1c30228 Sha1: b10e0db730812420dfaee90eccd0a2b0a28651c4 Sha256: 49f85a9d24639488889ceccf8086fb26931ab65bd1ad28a4e834a5ee9305bee2
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: ed8c44b9621baf009fe6320d2c54a97d18fad60c5cc54646ea00384a0198e734 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 25 Nov 2022 10:51:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 312d6119e2a9865fd7bd8752bcf62563 Sha1: fcddb4e1098fe901119e2ec5de135e26b586f897 Sha256: ed8c44b9621baf009fe6320d2c54a97d18fad60c5cc54646ea00384a0198e734
GET /gampad/cookie.js?domain=www6.contratamos.com&client=dp-namemedia08_3ph&product=SAS&callback=__sasCookie HTTP/1.1 Host: partner.googleadservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www6.contratamos.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: partner.googleadservices.com/gampad/cookie.js?domain=ww (...) FQDN: partner.googleadservices.com IP: 172.217.21.162 HASH: e306377d25fea97140b7a41327b55cbddf3f79ab9556e855c0edd922dcfb30f3 172.217.21.162 HTTP/2 200 OK content-type: text/javascript; charset=UTF-8 p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin x-content-type-options: nosniff content-disposition: attachment; filename="f.txt" content-encoding: gzip date: Fri, 25 Nov 2022 10:51:46 GMT server: cafe cache-control: private content-length: 182 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with no line terminators Size: 182 Md5: 801852df3360d060a7145e1f47b40679 Sha1: fc77aef6726f0a1e1f854481a607cd3e5d22ed44 Sha256: e306377d25fea97140b7a41327b55cbddf3f79ab9556e855c0edd922dcfb30f3
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: ed8c44b9621baf009fe6320d2c54a97d18fad60c5cc54646ea00384a0198e734 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 25 Nov 2022 10:51:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 312d6119e2a9865fd7bd8752bcf62563 Sha1: fcddb4e1098fe901119e2ec5de135e26b586f897 Sha256: ed8c44b9621baf009fe6320d2c54a97d18fad60c5cc54646ea00384a0198e734
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: 7675dc8e0d7a554bf286e61db1c9546aa6fc7188cb83c3d9bd5beb80c2351fe5 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 25 Nov 2022 10:51:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: b7757171f2e55c37975a5bcdeba7a4ae Sha1: 1ce146a166c3c1d510d26c855321ca4b2426353d Sha256: 7675dc8e0d7a554bf286e61db1c9546aa6fc7188cb83c3d9bd5beb80c2351fe5
GET /ad_icons/standard/publisher_icon_image/search.svg?c=%231967d2 HTTP/1.1 Host: afs.googleusercontent.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.google.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: afs.googleusercontent.com/ad_icons/standard/publisher_i (...) FQDN: afs.googleusercontent.com IP: 142.250.74.33 HASH: a3d7b37475de5a3a350d4dc4790f14a6a5f4045726d2eae4cbe9bd59aeba2fe2 142.250.74.33 HTTP/2 200 OK content-type: image/svg+xml accept-ranges: bytes vary: Accept-Encoding content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers" report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} content-length: 272 x-content-type-options: nosniff content-encoding: gzip server: sffe x-xss-protection: 0 date: Fri, 25 Nov 2022 00:03:53 GMT expires: Fri, 25 Nov 2022 23:03:53 GMT cache-control: public, max-age=82800 age: 38873 last-modified: Thu, 19 Dec 2019 14:15:00 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390) Size: 272 Md5: bbbac37f0b6e29a6099e4aa7cb19d6ca Sha1: 0acafe95e2141f0af6109203efeb2d98e6b926c6 Sha256: a3d7b37475de5a3a350d4dc4790f14a6a5f4045726d2eae4cbe9bd59aeba2fe2
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: 7675dc8e0d7a554bf286e61db1c9546aa6fc7188cb83c3d9bd5beb80c2351fe5 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 25 Nov 2022 10:51:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: b7757171f2e55c37975a5bcdeba7a4ae Sha1: 1ce146a166c3c1d510d26c855321ca4b2426353d Sha256: 7675dc8e0d7a554bf286e61db1c9546aa6fc7188cb83c3d9bd5beb80c2351fe5
GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1 Host: afs.googleusercontent.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.google.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: afs.googleusercontent.com/ad_icons/standard/publisher_i (...) FQDN: afs.googleusercontent.com IP: 142.250.74.33 HASH: 2ec9168c4507546748c5f400f5030031f0eb06f2aed8deaa11362c395bff4f7a 142.250.74.33 HTTP/2 200 OK content-type: image/svg+xml accept-ranges: bytes vary: Accept-Encoding content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers" report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} content-length: 174 x-content-type-options: nosniff content-encoding: gzip server: sffe x-xss-protection: 0 date: Thu, 24 Nov 2022 16:02:51 GMT expires: Fri, 25 Nov 2022 15:02:51 GMT cache-control: public, max-age=82800 age: 67735 last-modified: Thu, 22 Oct 2020 21:45:00 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators Size: 174 Md5: 4de8b85c8915995b571bde50e231be7c Sha1: 29c226ca7b9cbe1d44e5480ce95bbb42727b2d99 Sha256: 2ec9168c4507546748c5f400f5030031f0eb06f2aed8deaa11362c395bff4f7a
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14398 Expires: Fri, 25 Nov 2022 14:51:44 GMT Date: Fri, 25 Nov 2022 10:51:46 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6827d82f488045e02e40d6a2fdbae4b3 Sha1: 4944139a4b08769511ffc6aa913857d88a0db7bc Sha256: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14398 Expires: Fri, 25 Nov 2022 14:51:44 GMT Date: Fri, 25 Nov 2022 10:51:46 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6827d82f488045e02e40d6a2fdbae4b3 Sha1: 4944139a4b08769511ffc6aa913857d88a0db7bc Sha256: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14398 Expires: Fri, 25 Nov 2022 14:51:44 GMT Date: Fri, 25 Nov 2022 10:51:46 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6827d82f488045e02e40d6a2fdbae4b3 Sha1: 4944139a4b08769511ffc6aa913857d88a0db7bc Sha256: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 8e331713b0ad0b5670dd33dfdadde665e076a40ddb80905d4df89876d49803d8 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 11743 x-amzn-requestid: 9ab0aba7-5cd1-4f6c-8984-dc221e1cbf8e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cICD-F7joAMFqmA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637fe3b2-152ba5f1495a44447356cdab;Sampled=0 x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:46 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: oWSNdsrz59sJC2znLnFqa_Zm3T14_d6j-rjzDQe4yV22Dy2Qc4Swaw== via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google date: Thu, 24 Nov 2022 21:54:45 GMT age: 46621 etag: "b0ddc1555d2506177adcdcea77864d75f1245d07" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11743 Md5: 8784bb7a8b88736a6016f712e3183bf3 Sha1: b0ddc1555d2506177adcdcea77864d75f1245d07 Sha256: 8e331713b0ad0b5670dd33dfdadde665e076a40ddb80905d4df89876d49803d8
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14398 Expires: Fri, 25 Nov 2022 14:51:44 GMT Date: Fri, 25 Nov 2022 10:51:46 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6827d82f488045e02e40d6a2fdbae4b3 Sha1: 4944139a4b08769511ffc6aa913857d88a0db7bc Sha256: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 02443c7869914c2b29892deb0c645395bcf4e8379da3cf20974614ff9c92893b 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 11249 x-amzn-requestid: 8f679d7f-2ea5-4e47-b78d-79af59435a62 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cFPHYHkAIAMFpBg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637ec562-26108a785e910dc3355d58f1;Sampled=0 x-amzn-remapped-date: Thu, 24 Nov 2022 01:14:10 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: NKwpIdw2RZNZNh69AF5GNvunA_QfRGClvzcRP3zYwn7c8BLBlt097g== via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google date: Fri, 25 Nov 2022 07:46:20 GMT age: 11126 etag: "85d3baad9217af2b5d75c019d2ef95dbb919a788" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11249 Md5: 481c033b9ffd030ff0de6e35cf788b47 Sha1: 85d3baad9217af2b5d75c019d2ef95dbb919a788 Sha256: 02443c7869914c2b29892deb0c645395bcf4e8379da3cf20974614ff9c92893b
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: 7675dc8e0d7a554bf286e61db1c9546aa6fc7188cb83c3d9bd5beb80c2351fe5 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 25 Nov 2022 10:51:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: b7757171f2e55c37975a5bcdeba7a4ae Sha1: 1ce146a166c3c1d510d26c855321ca4b2426353d Sha256: 7675dc8e0d7a554bf286e61db1c9546aa6fc7188cb83c3d9bd5beb80c2351fe5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 3955 x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cCM9NGJHoAMF4sQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0 x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ== via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google date: Fri, 25 Nov 2022 04:23:00 GMT age: 23326 etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 3955 Md5: 4006a9037ab5f28dca62b0aa7a704c41 Sha1: 74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b Sha256: 556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4dfd2143-7cf2-4a28-b8bf-bc3121d6a4d8.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 633138e70f43e2be9cc447967044c4070bfc4d9285e5228361bebe255dc286e2 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10950 x-amzn-requestid: 9bb73841-83d9-48b2-8c79-f00a57612b4a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cFNstFeZoAMFopQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637ec31d-4e6aafd367c7740c77df133b;Sampled=0 x-amzn-remapped-date: Thu, 24 Nov 2022 01:04:30 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: tCG6Llkb9UHrJDHyxk5RgLkQ3Cds3dXRc0uMhy_9GbnzgMWk5UBS6w== via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google date: Thu, 24 Nov 2022 22:04:29 GMT age: 74316 etag: "18800e21d05596f7b64213072dee7dda5c1faf61" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10950 Md5: 4abf25d4a15ce58edadd54994b3434a2 Sha1: 18800e21d05596f7b64213072dee7dda5c1faf61 Sha256: 633138e70f43e2be9cc447967044c4070bfc4d9285e5228361bebe255dc286e2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: fc3623d527147e1c6aab399251ed8d527e6eefdee6ad7183f00df2613498bfe4 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8006 x-amzn-requestid: 78aab013-df11-464b-a1c7-ee41b7e77b40 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cIB-AHSrIAMFvKw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637fe38c-4d795f410a57fc2c21d7075d;Sampled=0 x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:08 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: NntLZ3wUdcX9kEo-afFLU0TPKgqAlSK3bToNh2mmoqoyLBJINNk7ow== via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google date: Thu, 24 Nov 2022 21:54:39 GMT age: 46627 etag: "5d15fd672e968d59b541e4d5d0d01cd5e69f4075" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8006 Md5: 8b6ee13d43732f7c764a49500d092865 Sha1: 5d15fd672e968d59b541e4d5d0d01cd5e69f4075 Sha256: fc3623d527147e1c6aab399251ed8d527e6eefdee6ad7183f00df2613498bfe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9e23502-5ace-42f4-a990-42412dc7e04e.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 16b7b473229c5e519ab81b385c50277424f3f3b2a5d7647035e84ba58e44f3be 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6385 x-amzn-requestid: 4c2a84f7-f038-4f5a-86c2-5c8ce1a48c6e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cI5NVFMAoAMFn7g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63803bee-45c6411c2430e2375f530dd8;Sampled=0 x-amzn-remapped-date: Fri, 25 Nov 2022 03:52:14 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: Fj82i9qJmEiUy2DOkkowq8WRyzupMwNyQqu110sJ3o72HEW4yb7bjQ== via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google date: Fri, 25 Nov 2022 07:35:26 GMT age: 11780 etag: "9b8aafcda0e22edcc16d3048f4b88659d3b42419" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6385 Md5: f6292a2988fb4505d0098553b8e99ddc Sha1: 9b8aafcda0e22edcc16d3048f4b88659d3b42419 Sha256: 16b7b473229c5e519ab81b385c50277424f3f3b2a5d7647035e84ba58e44f3be
POST /v1/parkingEvents HTTP/1.1 Host: api.aws.parking.godaddy.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://www6.contratamos.com/ Content-Type: application/json Origin: http://www6.contratamos.com Content-Length: 714 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: api.aws.parking.godaddy.com/v1/parkingEvents FQDN: api.aws.parking.godaddy.com IP: 54.84.118.217 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 54.84.118.217 HTTP/2 200 OK content-type: text/plain date: Fri, 25 Nov 2022 10:51:46 GMT content-length: 0 set-cookie: AWSALB=8pV5atXX6rlnK8ZKlMgu/VEZv1bH8o9Z+xLd6rZWvN4y4NjNuUvKY+qYsMRXXpTBKPLKSPtJcxN0wexXB6JeIMo8FWb5lvcgsdqI0dHxoi8s6oQsEDJfvIQNP5OF; Expires=Fri, 02 Dec 2022 10:51:46 GMT; Path=/ AWSALBCORS=8pV5atXX6rlnK8ZKlMgu/VEZv1bH8o9Z+xLd6rZWvN4y4NjNuUvKY+qYsMRXXpTBKPLKSPtJcxN0wexXB6JeIMo8FWb5lvcgsdqI0dHxoi8s6oQsEDJfvIQNP5OF; Expires=Fri, 02 Dec 2022 10:51:46 GMT; Path=/; SameSite=None; Secure access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: b37032c67ee677df0c5cc0e4714511196ed0b307442b19abaf86c1e0a4456ae5 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "B37032C67EE677DF0C5CC0E4714511196ED0B307442B19ABAF86C1E0A4456AE5" Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8699 Expires: Fri, 25 Nov 2022 13:16:45 GMT Date: Fri, 25 Nov 2022 10:51:46 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 65076c459568ff05978d7ddfe4b368cd Sha1: a5b2b8a31d0f8a9a08e93e93cb5a08a9c424b297 Sha256: b37032c67ee677df0c5cc0e4714511196ed0b307442b19abaf86c1e0a4456ae5
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: b37032c67ee677df0c5cc0e4714511196ed0b307442b19abaf86c1e0a4456ae5 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "B37032C67EE677DF0C5CC0E4714511196ED0B307442B19ABAF86C1E0A4456AE5" Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8699 Expires: Fri, 25 Nov 2022 13:16:45 GMT Date: Fri, 25 Nov 2022 10:51:46 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 65076c459568ff05978d7ddfe4b368cd Sha1: a5b2b8a31d0f8a9a08e93e93cb5a08a9c424b297 Sha256: b37032c67ee677df0c5cc0e4714511196ed0b307442b19abaf86c1e0a4456ae5
OPTIONS /sn/ HTTP/1.1 Host: postback.trafficmotor.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: http://www6.contratamos.com/ Origin: http://www6.contratamos.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: postback.trafficmotor.com/sn/ FQDN: postback.trafficmotor.com IP: 45.79.38.145 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 45.79.38.145 HTTP/1.1 200 OK Content-Type: text/html; charset=utf-8 Server: openresty/1.13.6.1 Date: Fri, 25 Nov 2022 10:51:46 GMT Content-Length: 0 Connection: close Allow: HEAD, GET, POST, OPTIONS Access-Control-Allow-Origin: http://www6.contratamos.com Access-Control-Allow-Methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT Vary: Origin Access-Control-Allow-Headers: content-type --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /sn/ HTTP/1.1 Host: postback.trafficmotor.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://www6.contratamos.com/ Content-Type: application/json Origin: http://www6.contratamos.com Content-Length: 142 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: postback.trafficmotor.com/sn/ FQDN: postback.trafficmotor.com IP: 45.79.38.145 HASH: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 45.79.38.145 HTTP/1.1 200 OK Content-Type: application/json Server: openresty/1.13.6.1 Date: Fri, 25 Nov 2022 10:51:47 GMT Content-Length: 3 Connection: close Access-Control-Allow-Origin: http://www6.contratamos.com Vary: Origin --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 3 Md5: 8a80554c91d9fca8acb82f023de02f11 Sha1: 5f36b2ea290645ee34d943220a14b54ee5ea5be5 Sha256: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
POST / HTTP/1.1 Host: ocsp.godaddy.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 75 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.godaddy.com/ FQDN: ocsp.godaddy.com IP: 192.124.249.41 HASH: 9ae259f969f94dd804700e4d6b183871ee26dabb191919daf2ff2c0f42a7ba94 192.124.249.41 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: Sucuri/Cloudproxy Date: Fri, 25 Nov 2022 10:51:47 GMT Content-Length: 1777 Connection: keep-alive X-Sucuri-ID: 19041 Content-Transfer-Encoding: Binary Cache-Control: public, no-transform, must-revalidate Last-Modified: Thu, 24 Nov 2022 21:24:46 GMT Expires: Fri, 25 Nov 2022 21:24:46 GMT ETag: "a3eeaf1696f9a9f6d81a2dad27c3c362dbeabc43" P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA" --- Additional Info --- Magic: data Size: 1777 Md5: 652babf68ef7af85e75ee7c4665077a0 Sha1: a3eeaf1696f9a9f6d81a2dad27c3c362dbeabc43 Sha256: 9ae259f969f94dd804700e4d6b183871ee26dabb191919daf2ff2c0f42a7ba94
GET /parking-lander/static/js/2.5940ae1c.chunk.js HTTP/1.1 Host: img1.wsimg.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www6.contratamos.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: img1.wsimg.com/parking-lander/static/js/2.5940ae1c.chunk.js FQDN: img1.wsimg.com IP: 23.36.79.43 23.36.79.43 HTTP/2 200 OK content-type: application/javascript x-amz-id-2: BJKddOb28V2CtOYHtdx3dgS4ijBb8z9Zz0e916fBJ6yIzilOfuV7lgEi1PzYX2UW11Gi/zLf5Nk= x-amz-request-id: A0GTYC5KNWH4XAW6 last-modified: Fri, 16 Sep 2022 17:52:00 GMT etag: "04bb6e8d9135d976f28e9ba68fbc6f67" x-amz-server-side-encryption: AES256 x-amz-version-id: 4zafttojs22R6rxiZs_M0ICLL.vyZxyd accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip cache-control: max-age=31536000 expires: Sat, 25 Nov 2023 10:51:45 GMT date: Fri, 25 Nov 2022 10:51:45 GMT content-length: 135541 timing-allow-origin: * access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info ---

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F" 

                                        
                                            
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=6310 

                                        
                                            
Expires: Fri, 25 Nov 2022 12:36:53 GMT 

                                        
                                            
Date: Fri, 25 Nov 2022 10:51:43 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    a9f1d4d98705c281fed3b60343463200

                                                Sha1:   db6f8aa98d2eda4e5473b116a222c3055568bb78

                                                Sha256: 164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6" 

                                        
                                            
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=10566 

                                        
                                            
Expires: Fri, 25 Nov 2022 13:47:50 GMT 

                                        
                                            
Date: Fri, 25 Nov 2022 10:51:44 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    8c63b226725ca6e92e3ef586ac19e603

                                                Sha1:   d21ae42a1927501e5293ff3564f52b49f6b0decc

                                                Sha256: 141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6

                                        
                                            GET /v1/ HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.102.187.140

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length 

                                        
                                            
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-length: 939 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Fri, 25 Nov 2022 10:17:26 GMT 

                                        
                                            
cache-control: public,max-age=3600 

                                        
                                            
age: 2058 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators

                                                Size:   939

                                                Md5:    d130218d0e2841f39c99610fe1a2ab90

                                                Sha1:   29fbe1e177ee55c7a61ae0a206afff271cf5f945

                                                Sha256: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152

                                        
                                            GET /v1/tiles HTTP/1.1 

                                        
                                            
Host: contile.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.117.237.239

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Fri, 25 Nov 2022 10:51:44 GMT 

                                        
                                            
content-length: 12 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
via: 1.1 google 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with no line terminators

                                                Size:   12

                                                Md5:    23e88fb7b99543fb33315b29b1fad9d6

                                                Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

                                                Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 5925 

                                        
                                            
Cache-Control: max-age=86030 

                                        
                                            
Date: Fri, 25 Nov 2022 10:51:44 GMT 

                                        
                                            
Etag: "637f3429-1d7" 

                                        
                                            
Expires: Sat, 26 Nov 2022 10:45:34 GMT 

                                        
                                            
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT 

                                        
                                            
Server: ECS (ska/F6FD) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    fb6949e7abaa473393f7c604691de14f

                                                Sha1:   599681bba3947709baa603bbae2dd7afd04059a4

                                                Sha256: 36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13

                                        
                                            GET /parking-lander/static/js/main.4e219663.chunk.js HTTP/1.1 

                                        
                                            
Host: img1.wsimg.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://www6.contratamos.com/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         23.36.79.43

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript

                                        

                                        
                                            
x-amz-id-2: ePBtPNltighZ03JBS/Xu3LYeSA7F1yzEuIL6FXs/YdArb0qYS2ZncKxSX45UyFn4EY1mPti8L0Y= 

                                        
                                            
x-amz-request-id: Q5Y8PK0VHGD0XQRS 

                                        
                                            
last-modified: Fri, 16 Sep 2022 16:45:04 GMT 

                                        
                                            
etag: "87b518e8e45487e774f8d47f2dc0026f" 

                                        
                                            
x-amz-server-side-encryption: AES256 

                                        
                                            
x-amz-version-id: 2Wom95JLG5jhnN_DEOMzqRfOKsQDbi7Z 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
content-encoding: gzip 

                                        
                                            
content-length: 58202 

                                        
                                            
cache-control: max-age=31536000 

                                        
                                            
expires: Sat, 25 Nov 2023 10:51:45 GMT 

                                        
                                            
date: Fri, 25 Nov 2022 10:51:45 GMT 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (65459)

                                                Size:   58202

                                                Md5:    feb46b3c6b7556a8bf123a5e87ffd2b5

                                                Sha1:   aff2efba814012e9fe1586055599069f77e6a062

                                                Sha256: 6f8d46c42987c0d7b471b54065e6b8fd6e965452ccc5c2fcd12f25e5362b5fd7

                                        
                                            GET / HTTP/1.1 

                                        
                                            
Host: push.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Sec-WebSocket-Version: 13 

                                        
                                            
Origin: wss://push.services.mozilla.com/ 

                                        
                                            
Sec-WebSocket-Protocol: push-notification 

                                        
                                            
Sec-WebSocket-Extensions: permessage-deflate 

                                        
                                            
Sec-WebSocket-Key: CVpru32aax6avRbALH5YSw== 

                                        
                                            
Connection: keep-alive, Upgrade 

                                        
                                            
Sec-Fetch-Dest: websocket 

                                        
                                            
Sec-Fetch-Mode: websocket 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
Upgrade: websocket

                                         52.38.227.80

                                        
                                            HTTP/1.1 101 Switching Protocols

                                        

                                        
                                            
Connection: Upgrade 

                                        
                                            
Upgrade: websocket 

                                        
                                            
Sec-WebSocket-Accept: W5H3bJRzIGcRIBM+TKsR4hyYnl4= 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /?template=ARROW_3&tdfs=0&s_token=1669373504.0452320000&uuid=1669373504.0452320000&searchbox=1&showDomain=1 HTTP/1.1 

                                        
                                            
Host: www6.contratamos.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Cookie: caf_ipaddr=91.90.42.154; country=NO; city=""; expiry_partner= 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
If-Modified-Since: Fri, 16 Sep 2022 16:46:37 GMT 

                                        
                                            
If-None-Match: "6324a86d-9f7" 

                                        
                                            
Cache-Control: max-age=0

                                         35.186.238.101

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/html

                                        

                                        
                                            
Server: openresty 

                                        
                                            
Date: Fri, 25 Nov 2022 10:51:45 GMT 

                                        
                                            
Content-Length: 2551 

                                        
                                            
Last-Modified: Wed, 19 Oct 2022 06:29:27 GMT 

                                        
                                            
ETag: "634f9947-9f7" 

                                        
                                            
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_HOxVVjwydhH875thc3rPCYsm4QAskxfrSDKZByLc2/VS2ukSN/xtXsRemuy3SXe+UNP7OFUuxJQBLUonI3Tccg 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
Set-Cookie: caf_ipaddr=91.90.42.154;Path=/;Max-Age=86400;
country=NO;Path=/;Max-Age=86400;
city="";Path=/;Max-Age=86400;
expiry_partner=;Path=/;Max-Age=86400; 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Via: 1.1 google 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2551), with no line terminators

                                                Size:   2551

                                                Md5:    41f66bb0ac50f2d851236170e7c71341

                                                Sha1:   59bcec216302151922219b51be8ad8ab6d0b8384

                                                Sha256: ec99cca58b612ce268e6ada818dfcec0acc22dd1bbe372487be9abbdd07ce073

                                        
                                            GET /parking-lander/static/js/main.4e219663.chunk.js HTTP/1.1 

                                        
                                            
Host: img1.wsimg.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://www6.contratamos.com/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
If-Modified-Since: Fri, 16 Sep 2022 16:45:04 GMT 

                                        
                                            
If-None-Match: "87b518e8e45487e774f8d47f2dc0026f" 

                                        
                                            
Cache-Control: max-age=0 

                                        
                                            
TE: trailers

                                         23.36.79.43

                                        
                                            HTTP/2 304 Not Modified 

                                        
                                            
content-type: application/javascript

                                        

                                        
                                            
last-modified: Fri, 16 Sep 2022 16:45:04 GMT 

                                        
                                            
etag: "87b518e8e45487e774f8d47f2dc0026f" 

                                        
                                            
cache-control: max-age=31536000 

                                        
                                            
expires: Sat, 25 Nov 2023 10:51:45 GMT 

                                        
                                            
date: Fri, 25 Nov 2022 10:51:45 GMT 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /adsense/domains/caf.js HTTP/1.1 

                                        
                                            
Host: www.google.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://www6.contratamos.com/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         142.250.74.164

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/javascript; charset=UTF-8

                                        

                                        
                                            
accept-ranges: bytes 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui" 

                                        
                                            
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} 

                                        
                                            
date: Fri, 25 Nov 2022 10:51:45 GMT 

                                        
                                            
expires: Fri, 25 Nov 2022 10:51:45 GMT 

                                        
                                            
cache-control: private, max-age=3600 

                                        
                                            
etag: "8456826843805353673" 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-encoding: gzip 

                                        
                                            
server: sffe 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (1885)

                                                Size:   53465

                                                Md5:    cab5a8333ee166d9f6d0b2bd295db5e5

                                                Sha1:   6693b5f32a350be64a33d9f3cf42aae1a67270a8

                                                Sha256: 148e93b6b9d9cc517b75154be03b93614353dfebd96b73137d1f08c9c82c02de

                                        
                                            OPTIONS /v1/domains/domain?domain=www6.contratamos.com&portfolioId= HTTP/1.1 

                                        
                                            
Host: api.aws.parking.godaddy.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Access-Control-Request-Method: GET 

                                        
                                            
Access-Control-Request-Headers: x-request-id 

                                        
                                            
Referer: http://www6.contratamos.com/ 

                                        
                                            
Origin: http://www6.contratamos.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Cache-Control: max-age=0

                                         54.84.118.217

                                        
                                            HTTP/2 200 OK

                                        

                                        
                                            
date: Fri, 25 Nov 2022 10:51:45 GMT 

                                        
                                            
content-length: 0 

                                        
                                            
set-cookie: AWSALB=OM1N2k0H7Qbb0/n0LTCc1y71AEWEeQ7LKV/G7A0ZLLgo83lc206kgLAxVp2Un4YrXVbsSacuY1qvChCMpWEqi3Y1wHL6u8ZFeJPXosJgkycmEDXCHkug9L4lt3wT; Expires=Fri, 02 Dec 2022 10:51:45 GMT; Path=/
AWSALBCORS=OM1N2k0H7Qbb0/n0LTCc1y71AEWEeQ7LKV/G7A0ZLLgo83lc206kgLAxVp2Un4YrXVbsSacuY1qvChCMpWEqi3Y1wHL6u8ZFeJPXosJgkycmEDXCHkug9L4lt3wT; Expires=Fri, 02 Dec 2022 10:51:45 GMT; Path=/; SameSite=None; Secure 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
access-control-allow-headers: X-Request-Id 

                                        
                                            
access-control-allow-methods: GET, HEAD, OPTIONS 

                                        
                                            
access-control-allow-origin: http://www6.contratamos.com 

                                        
                                            
access-control-max-age: 600 

                                        
                                            
x-request-id: NxienN-v 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Fri, 25 Nov 2022 10:51:46 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    312d6119e2a9865fd7bd8752bcf62563

                                                Sha1:   fcddb4e1098fe901119e2ec5de135e26b586f897

                                                Sha256: ed8c44b9621baf009fe6320d2c54a97d18fad60c5cc54646ea00384a0198e734

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Fri, 25 Nov 2022 10:51:46 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    312d6119e2a9865fd7bd8752bcf62563

                                                Sha1:   fcddb4e1098fe901119e2ec5de135e26b586f897

                                                Sha256: ed8c44b9621baf009fe6320d2c54a97d18fad60c5cc54646ea00384a0198e734

                                        
                                            GET /ad_icons/standard/publisher_icon_image/search.svg?c=%231967d2 HTTP/1.1 

                                        
                                            
Host: afs.googleusercontent.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://www.google.com/ 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         142.250.74.33

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/svg+xml

                                        

                                        
                                            
accept-ranges: bytes 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers 

                                        
                                            
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers" 

                                        
                                            
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} 

                                        
                                            
content-length: 272 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-encoding: gzip 

                                        
                                            
server: sffe 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
date: Fri, 25 Nov 2022 00:03:53 GMT 

                                        
                                            
expires: Fri, 25 Nov 2022 23:03:53 GMT 

                                        
                                            
cache-control: public, max-age=82800 

                                        
                                            
age: 38873 

                                        
                                            
last-modified: Thu, 19 Dec 2019 14:15:00 GMT 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390)

                                                Size:   272

                                                Md5:    bbbac37f0b6e29a6099e4aa7cb19d6ca

                                                Sha1:   0acafe95e2141f0af6109203efeb2d98e6b926c6

                                                Sha256: a3d7b37475de5a3a350d4dc4790f14a6a5f4045726d2eae4cbe9bd59aeba2fe2

                                        
                                            GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1 

                                        
                                            
Host: afs.googleusercontent.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://www.google.com/ 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         142.250.74.33

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/svg+xml

                                        

                                        
                                            
accept-ranges: bytes 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers 

                                        
                                            
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers" 

                                        
                                            
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} 

                                        
                                            
content-length: 174 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-encoding: gzip 

                                        
                                            
server: sffe 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
date: Thu, 24 Nov 2022 16:02:51 GMT 

                                        
                                            
expires: Fri, 25 Nov 2022 15:02:51 GMT 

                                        
                                            
cache-control: public, max-age=82800 

                                        
                                            
age: 67735 

                                        
                                            
last-modified: Thu, 22 Oct 2020 21:45:00 GMT 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators

                                                Size:   174

                                                Md5:    4de8b85c8915995b571bde50e231be7c

                                                Sha1:   29c226ca7b9cbe1d44e5480ce95bbb42727b2d99

                                                Sha256: 2ec9168c4507546748c5f400f5030031f0eb06f2aed8deaa11362c395bff4f7a

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9" 

                                        
                                            
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=14398 

                                        
                                            
Expires: Fri, 25 Nov 2022 14:51:44 GMT 

                                        
                                            
Date: Fri, 25 Nov 2022 10:51:46 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    6827d82f488045e02e40d6a2fdbae4b3

                                                Sha1:   4944139a4b08769511ffc6aa913857d88a0db7bc

                                                Sha256: 0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 11743 

                                        
                                            
x-amzn-requestid: 9ab0aba7-5cd1-4f6c-8984-dc221e1cbf8e 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cICD-F7joAMFqmA= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-637fe3b2-152ba5f1495a44447356cdab;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:46 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: oWSNdsrz59sJC2znLnFqa_Zm3T14_d6j-rjzDQe4yV22Dy2Qc4Swaw== 

                                        
                                            
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Thu, 24 Nov 2022 21:54:45 GMT 

                                        
                                            
age: 46621 

                                        
                                            
etag: "b0ddc1555d2506177adcdcea77864d75f1245d07" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   11743

                                                Md5:    8784bb7a8b88736a6016f712e3183bf3

                                                Sha1:   b0ddc1555d2506177adcdcea77864d75f1245d07

                                                Sha256: 8e331713b0ad0b5670dd33dfdadde665e076a40ddb80905d4df89876d49803d8

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 11249 

                                        
                                            
x-amzn-requestid: 8f679d7f-2ea5-4e47-b78d-79af59435a62 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cFPHYHkAIAMFpBg= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-637ec562-26108a785e910dc3355d58f1;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Thu, 24 Nov 2022 01:14:10 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: NKwpIdw2RZNZNh69AF5GNvunA_QfRGClvzcRP3zYwn7c8BLBlt097g== 

                                        
                                            
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Fri, 25 Nov 2022 07:46:20 GMT 

                                        
                                            
age: 11126 

                                        
                                            
etag: "85d3baad9217af2b5d75c019d2ef95dbb919a788" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   11249

                                                Md5:    481c033b9ffd030ff0de6e35cf788b47

                                                Sha1:   85d3baad9217af2b5d75c019d2ef95dbb919a788

                                                Sha256: 02443c7869914c2b29892deb0c645395bcf4e8379da3cf20974614ff9c92893b

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 3955 

                                        
                                            
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cCM9NGJHoAMF4sQ= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ== 

                                        
                                            
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Fri, 25 Nov 2022 04:23:00 GMT 

                                        
                                            
age: 23326 

                                        
                                            
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   3955

                                                Md5:    4006a9037ab5f28dca62b0aa7a704c41

                                                Sha1:   74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b

                                                Sha256: 556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 8006 

                                        
                                            
x-amzn-requestid: 78aab013-df11-464b-a1c7-ee41b7e77b40 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cIB-AHSrIAMFvKw= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-637fe38c-4d795f410a57fc2c21d7075d;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:08 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: NntLZ3wUdcX9kEo-afFLU0TPKgqAlSK3bToNh2mmoqoyLBJINNk7ow== 

                                        
                                            
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Thu, 24 Nov 2022 21:54:39 GMT 

                                        
                                            
age: 46627 

                                        
                                            
etag: "5d15fd672e968d59b541e4d5d0d01cd5e69f4075" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   8006

                                                Md5:    8b6ee13d43732f7c764a49500d092865

                                                Sha1:   5d15fd672e968d59b541e4d5d0d01cd5e69f4075

                                                Sha256: fc3623d527147e1c6aab399251ed8d527e6eefdee6ad7183f00df2613498bfe4

                                        
                                            POST /v1/parkingEvents HTTP/1.1 

                                        
                                            
Host: api.aws.parking.godaddy.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: http://www6.contratamos.com/ 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Origin: http://www6.contratamos.com 

                                        
                                            
Content-Length: 714 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         54.84.118.217

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/plain

                                        

                                        
                                            
date: Fri, 25 Nov 2022 10:51:46 GMT 

                                        
                                            
content-length: 0 

                                        
                                            
set-cookie: AWSALB=8pV5atXX6rlnK8ZKlMgu/VEZv1bH8o9Z+xLd6rZWvN4y4NjNuUvKY+qYsMRXXpTBKPLKSPtJcxN0wexXB6JeIMo8FWb5lvcgsdqI0dHxoi8s6oQsEDJfvIQNP5OF; Expires=Fri, 02 Dec 2022 10:51:46 GMT; Path=/
AWSALBCORS=8pV5atXX6rlnK8ZKlMgu/VEZv1bH8o9Z+xLd6rZWvN4y4NjNuUvKY+qYsMRXXpTBKPLKSPtJcxN0wexXB6JeIMo8FWb5lvcgsdqI0dHxoi8s6oQsEDJfvIQNP5OF; Expires=Fri, 02 Dec 2022 10:51:46 GMT; Path=/; SameSite=None; Secure 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "B37032C67EE677DF0C5CC0E4714511196ED0B307442B19ABAF86C1E0A4456AE5" 

                                        
                                            
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=8699 

                                        
                                            
Expires: Fri, 25 Nov 2022 13:16:45 GMT 

                                        
                                            
Date: Fri, 25 Nov 2022 10:51:46 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    65076c459568ff05978d7ddfe4b368cd

                                                Sha1:   a5b2b8a31d0f8a9a08e93e93cb5a08a9c424b297

                                                Sha256: b37032c67ee677df0c5cc0e4714511196ed0b307442b19abaf86c1e0a4456ae5

                                        
                                            POST /sn/ HTTP/1.1 

                                        
                                            
Host: postback.trafficmotor.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: http://www6.contratamos.com/ 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Origin: http://www6.contratamos.com 

                                        
                                            
Content-Length: 142 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         45.79.38.145

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/json

                                        

                                        
                                            
Server: openresty/1.13.6.1 

                                        
                                            
Date: Fri, 25 Nov 2022 10:51:47 GMT 

                                        
                                            
Content-Length: 3 

                                        
                                            
Connection: close 

                                        
                                            
Access-Control-Allow-Origin: http://www6.contratamos.com 

                                        
                                            
Vary: Origin 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text

                                                Size:   3

                                                Md5:    8a80554c91d9fca8acb82f023de02f11

                                                Sha1:   5f36b2ea290645ee34d943220a14b54ee5ea5be5

                                                Sha256: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

                                        
                                            GET /parking-lander/static/js/2.5940ae1c.chunk.js HTTP/1.1 

                                        
                                            
Host: img1.wsimg.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://www6.contratamos.com/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         23.36.79.43

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript

                                        

                                        
                                            
x-amz-id-2: BJKddOb28V2CtOYHtdx3dgS4ijBb8z9Zz0e916fBJ6yIzilOfuV7lgEi1PzYX2UW11Gi/zLf5Nk= 

                                        
                                            
x-amz-request-id: A0GTYC5KNWH4XAW6 

                                        
                                            
last-modified: Fri, 16 Sep 2022 17:52:00 GMT 

                                        
                                            
etag: "04bb6e8d9135d976f28e9ba68fbc6f67" 

                                        
                                            
x-amz-server-side-encryption: AES256 

                                        
                                            
x-amz-version-id: 4zafttojs22R6rxiZs_M0ICLL.vyZxyd 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
content-encoding: gzip 

                                        
                                            
cache-control: max-age=31536000 

                                        
                                            
expires: Sat, 25 Nov 2023 10:51:45 GMT 

                                        
                                            
date: Fri, 25 Nov 2022 10:51:45 GMT 

                                        
                                            
content-length: 135541 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

URL	armonia.contratamos.com/
IP	96.126.123.244 (United States)
ASN	#63949 Linode, LLC
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-11-25 10:51:54 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	2
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (17)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 96.126.123.244

Last 5 reports on ASN: Linode, LLC

Last 2 reports on domain: contratamos.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (11)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (49)

Overview

Domain Summary (17)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 96.126.123.244

Last 5 reports on ASN: Linode, LLC

Last 2 reports on domain: contratamos.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (11)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (49)

Network Intrusion Detection Systems