urlquery - report: asszone.com/mtm/direct/.eJxdiksOwjAMBe_iZYlqllDEWZAVmSZSfjhGioq4O6Y72M2beS94SoQFEByQrN3QSPjOwmIjqLYFkXrfauHZ12w51K63Qpnt8FvIe25qWnkoBs3JUWspetJYC46vOYx_m9PlcT3OZzfhtNMJ3h8r1jMf:1oK3yD:MEtCGj7hEZNadstcrDN0DD0lu7Y/2

Overview

URL	asszone.com/mtm/direct/.eJxdiksOwjAMBe_iZYlqllDEWZAVmSZSfjhGioq4O6Y72M2beS94SoQFEByQrN3QSPjOwmIjqLYFkXrfauHZ12w51K63Qpnt8FvIe25qWnkoBs3JUWspetJYC46vOYx_m9PlcT3OZzfhtNMJ3h8r1jMf:1oK3yD:MEtCGj7hEZNadstcrDN0DD0lu7Y/2
IP	45.33.23.183
ASN	Linode, LLC
Location	United States
Report completed	2022-08-05 20:31:24 UTC
Status	Loading report..
urlquery Alerts	No alerts detected

Settings

UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer

Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Blocklists

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Added / Verified	Severity	Host	Comment
2022-08-05	2	asszone.com/mtm/direct/.eJxdiksOwjAMBe_iZYlqllDEWZAVmSZSfjhGioq4O6Y72M2beS9 (...)	Malware
2022-08-05	2	www1.asszone.com/ls.php	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

Files

No files detected

Passive DNS (16)

Passive DNS Source	Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
[Mnemonic Passive DNS]	www1.asszone.com (5)	0	2022-07-28 15:40:46 UTC	2022-08-05 13:18:57 UTC	75.2.73.197	Unknown ranking
[Mnemonic Passive DNS]	ocsp.digicert.com (1)	86	2012-11-29 12:49:49 UTC	2022-08-05 10:07:16 UTC	93.184.220.29
[Mnemonic Passive DNS]	ocsp.pki.goog (7)	175	2017-06-14 07:23:31 UTC	2022-08-05 04:56:14 UTC	142.250.74.3
[Mnemonic Passive DNS]	img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2022-08-05 06:49:03 UTC	34.120.237.76
[Mnemonic Passive DNS]	firefox.settings.services.mozilla.com (2)	867	2016-03-17 08:25:01 UTC	2020-05-25 20:01:47 UTC	54.230.111.65
[Mnemonic Passive DNS]	d3d9ci7ypuovlo.cloudfront.net (1)	0	No data	No data	54.230.245.105	Unknown ranking
[Mnemonic Passive DNS]	push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2022-08-05 05:06:17 UTC	54.148.148.62
[Mnemonic Passive DNS]	contile.services.mozilla.com (1)	1114	No data	No data	34.117.237.239
[Mnemonic Passive DNS]	content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-08-05 05:06:42 UTC	54.230.111.14
[Mnemonic Passive DNS]	c.parkingcrew.net (1)	70582	No data	No data	185.53.178.30
[Mnemonic Passive DNS]	partner.googleadservices.com (1)	798	2017-01-30 04:56:54 UTC	2022-08-05 05:01:52 UTC	142.250.74.98
[Mnemonic Passive DNS]	asszone.com (1)	0	No data	No data	45.33.23.183	Unknown ranking
[Mnemonic Passive DNS]	d1lxhc4jvstzrp.cloudfront.net (4)	0	No data	No data	54.230.245.39	Unknown ranking
[Mnemonic Passive DNS]	www.google.com (2)	7	2012-05-22 04:23:54 UTC	2022-08-05 19:43:45 UTC	142.250.74.164
[Mnemonic Passive DNS]	afs.googleusercontent.com (2)	12123	2017-01-30 05:39:23 UTC	2022-08-05 06:46:27 UTC	142.250.74.1
[Mnemonic Passive DNS]	r3.o.lencr.org (6)	344	2020-12-02 08:52:13 UTC	2022-08-05 04:57:18 UTC	23.36.77.32

Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 45.33.23.183

Date	UQ / IDS / BL	URL	IP
2022-08-14 04:57:56 +0000	0 - 0 - 2	totalfarm.com/	45.33.23.183
2022-08-14 04:39:24 +0000	0 - 0 - 1	adventuscovid19.com/mtm/direct/.eJxtiksOwjAMB (...)	45.33.23.183
2022-08-14 04:31:49 +0000	0 - 0 - 1	hundredroos.co.uk/mtm/direct/.eJxtkM1ygjAYRd- (...)	45.33.23.183
2022-08-14 02:52:33 +0000	0 - 0 - 2	hardhardsex.com/mtm/direct/.ejxlisekajemrp8lx (...)	45.33.23.183
2022-08-14 02:26:12 +0000	0 - 0 - 2	aleah.thigreives06.xyz/	45.33.23.183
2022-08-14 02:24:02 +0000	0 - 0 - 2	bigtitsclip.com/	45.33.23.183
2022-08-14 02:19:34 +0000	0 - 0 - 2	machosgay.com/	45.33.23.183
2022-08-14 01:37:50 +0000	0 - 0 - 2	fabienne-soumise.com/mtm/direct/.eJx1ikEKAjEM (...)	45.33.23.183
2022-08-14 01:31:14 +0000	0 - 0 - 2	ldaarkansas.org/mtm/direct/.eJxliksOwjAMBe_iZ (...)	45.33.23.183
2022-08-13 22:27:29 +0000	0 - 0 - 1	pplive888.com/mtm/direct/.eJxdikEOwjAMBP_iY4l (...)	45.33.23.183

Last 10 reports on ASN: Linode, LLC

Date	UQ / IDS / BL	URL	IP
2022-08-14 06:00:03 +0000	0 - 0 - 1	accessalohatravel.com/mtm/direct/.eJx1ikEKAjE (...)	72.14.185.43
2022-08-14 05:45:16 +0000	0 - 0 - 2	mothernature.one/wp-content/plugins/woocommer (...)	45.33.20.235
2022-08-14 05:16:47 +0000	0 - 0 - 1	athleticclearance.org/mtm/direct/.eJx1yssKwkA (...)	96.126.123.244
2022-08-14 04:57:56 +0000	0 - 0 - 2	totalfarm.com/	45.33.23.183
2022-08-14 04:55:10 +0000	0 - 0 - 2	best20sites.com/	45.33.18.44
2022-08-14 04:51:23 +0000	0 - 0 - 2	admin.classified.pointsource.ng/a3et6u5dw.rar	139.162.200.189
2022-08-14 04:39:24 +0000	0 - 0 - 1	adventuscovid19.com/mtm/direct/.eJxtiksOwjAMB (...)	45.33.23.183
2022-08-14 04:38:17 +0000	0 - 0 - 2	adultpleasures.com/	72.14.178.174
2022-08-14 04:35:54 +0000	0 - 0 - 2	ramar.com/mtm/direct/.eJxdydEKwjAMheF3yeVWll3 (...)	45.79.19.196
2022-08-14 04:34:01 +0000	0 - 0 - 3	abrazocampuspayment.com/	45.33.20.235

Last 1 reports on domain: asszone.com

Date	UQ / IDS / BL	URL	IP
2022-08-05 12:59:58 +0000	0 - 0 - 3	asszone.com/mtm/direct/.ejxdiksowjambe_izylql (...)	45.33.23.183

JavaScript

Executed Scripts (20)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (42)

Request	Response
GET /mtm/direct/.eJxdiksOwjAMBe_iZYlqllDEWZAVmSZSfjhGioq4O6Y72M2beS94SoQFEByQrN3QSPjOwmIjqLYFkXrfauHZ12w51K63Qpnt8FvIe25qWnkoBs3JUWspetJYC46vOYx_m9PlcT3OZzfhtNMJ3h8r1jMf:1oK3yD:MEtCGj7hEZNadstcrDN0DD0lu7Y/2 HTTP/1.1 Host: asszone.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	45.33.23.183 HTTP/1.1 302 Found server: openresty/1.13.6.1 date: Fri, 05 Aug 2022 20:31:14 GMT content-type: text/html; charset=utf-8 content-length: 0 location: http://www1.asszone.com/?tm=1&subid4=1659731474.0471270000&kw=Learning+Management+System&KW1=Distance%20Learning%20System&KW2=Digital%20Learning%20Resources&KW3=Online%20Student%20Registration%20Software&KW4=Online%20School%20Registration%20Software&searchbox=0&domainname=0&backfill=0 x-mtm-path: 0 vary: Accept-Language content-language: en set-cookie: mtm_delivered=WyJhc3N6b25lLmNvbSIsImh0dHA6Ly93d3cxLmFzc3pvbmUuY29tLz90bT0xJnN1YmlkND0xNjU5NzMxNDc0LjA0NzEyNzAwMDAma3c9TGVhcm5pbmcrTWFuYWdlbWVudCtTeXN0ZW0mS1cxPURpc3RhbmNlJTIwTGVhcm5pbmclMjBTeXN0ZW0mS1cyPURpZ2l0YWwlMjBMZWFybmluZyUyMFJlc291cmNlcyZLVzM9T25saW5lJTIwU3R1ZGVudCUyMFJlZ2lzdHJhdGlvbiUyMFNvZnR3YXJlJktXND1PbmxpbmUlMjBTY2hvb2wlMjBSZWdpc3RyYXRpb24lMjBTb2Z0d2FyZSZzZWFyY2hib3g9MCZkb21haW5uYW1lPTAmYmFja2ZpbGw9MCIsMSwiMjAyMi0wOC0wNSAyMDozMToxNCIsMSwiMTY1OTczMTQ3NC4wNDcxMjcwMDAwIiwyMDYsbnVsbCxudWxsXQ:1oK3yU:_yAHT-lLH7w28Q8UWIatNecGBVU; expires=Fri, 05-Aug-2022 21:31:14 GMT; Max-Age=3600; Path=/ connection: close --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - fortinet: Malware
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "F055127A4794D0F76CB4DF8F290DF8E259258A63398A700F592C859DFFE9AC34" Last-Modified: Thu, 04 Aug 2022 23:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8984 Expires: Fri, 05 Aug 2022 23:00:58 GMT Date: Fri, 05 Aug 2022 20:31:14 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 897b60146adb68539b3dc20e78ef2ece Sha1: eace3c5af0104a58586040660a2565bbde5d3d72 Sha256: f055127a4794d0f76cb4df8f290df8e259258a63398a700f592c859dffe9ac34
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: c98c56ff7bc7ba547517573963f425e3$ 54.230.111.65 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Retry-After, Content-Type, Alert, Backoff, Content-Length Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Fri, 05 Aug 2022 20:01:03 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: 4Sgv-2evBW03J041xT0rytpN61t4X_Z2aiHLDrxOQGXVu6iUup8q9w== Age: 1811 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: c98c56ff7bc7ba547517573963f425e3 Sha1: 58c8dccc28ecd76424af6ed9988575a35cf8a0c2 Sha256: d57d9d5e87e8761ffdf790ff762307f5c823e8e8241781797373c10e076ec44e
GET /chains/remote-settings.content-signature.mozilla.org-2022-09-19-18-34-07.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 578b9ff83ff3950ab2a3d1a8344d2938$ 54.230.111.14 HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 last-modified: Sun, 31 Jul 2022 18:34:08 GMT content-disposition: attachment accept-ranges: bytes server: AmazonS3 date: Fri, 05 Aug 2022 04:15:27 GMT etag: "578b9ff83ff3950ab2a3d1a8344d2938" x-cache: Hit from cloudfront via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: 6Gev2_2r9_de1PYBpfl2CzIqrNKIvfgCbkrfF_QHFCx_RNT1Ldieog== age: 58548 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 578b9ff83ff3950ab2a3d1a8344d2938 Sha1: 39d48b67ba6aa45ec01767725e726cf9b0c87a70 Sha256: 35c99da9a5463a4788ceab7cf4b027bb25506cde28ace36c70d0bc924138f2f5
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6$ 34.117.237.239 HTTP/2 200 OK server: nginx date: Fri, 05 Aug 2022 20:31:14 GMT content-type: application/json content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /?tm=1&subid4=1659731474.0471270000&kw=Learning+Management+System&KW1=Distance%20Learning%20System&KW2=Digital%20Learning%20Resources&KW3=Online%20Student%20Registration%20Software&KW4=Online%20School%20Registration%20Software&searchbox=0&domainname=0&backfill=0 HTTP/1.1 Host: www1.asszone.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	$Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2800) Size: 5320 Md5: d59b1c79fdbb3d4a10533c76f4734ca9$ 75.2.73.197 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Date: Fri, 05 Aug 2022 20:31:14 GMT Transfer-Encoding: chunked Connection: keep-alive Server: nginx Vary: Accept-Encoding X-Buckets: bucket103 X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_CbOFR1SVGccQdrmrZKM2Clk+4eqhArKNCM+ITHTn0k2IEPnKYcozB2+Nz67qb7DaCZAxg9ZhxkV61xc2KSEQTw== X-Template: tpl_Urspring_twoclick X-Language: norwegian Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile Accept-CH-Lifetime: 30 Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2800) Size: 5320 Md5: d59b1c79fdbb3d4a10533c76f4734ca9 Sha1: 23dd578271a54e1cd0dfb5465832e87a46c07cc3 Sha256: 7a800b87c41c6e32365111ad1a11d8c9c0785b4e91382d5a05fe64627b773ccb
GET /scripts/js3caf.js HTTP/1.1 Host: d1lxhc4jvstzrp.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://www1.asszone.com/	54.230.245.39 HTTP/1.1 200 OK Content-Type: application/javascript Content-Length: 7000 Connection: keep-alive Server: nginx Date: Fri, 05 Aug 2022 00:50:16 GMT Last-Modified: Thu, 14 Jan 2021 10:54:01 GMT Accept-Ranges: bytes ETag: "600022c9-1b58" X-Cache: Hit from cloudfront Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: _4zuGVyOiDdVIKkKWPXwK_bOvcngQGh7_PQmPBgVM-DQwWj-vfsYMg== Age: 70859 --- Additional Info --- Magic: ASCII text, with very long lines (316) Size: 7000 Md5: cce7f943ec8e7b4ba13be4aba6b463d9 Sha1: 220f3e8ca723daa91fd040cf518991a65f2bf110 Sha256: ba5b7354353b0eec1637564dae072fee662a5b9862f6bf7ed5e60a5a76f2ef44
GET /themes/urspring_2fef8ec8/style.css HTTP/1.1 Host: d1lxhc4jvstzrp.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://www1.asszone.com/	54.230.245.39 HTTP/1.1 200 OK Content-Type: text/css Transfer-Encoding: chunked Connection: keep-alive Server: nginx Date: Fri, 05 Aug 2022 16:43:33 GMT Last-Modified: Tue, 17 May 2022 14:10:00 GMT Content-Encoding: gzip ETag: W/"6283acb8-577" Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: AptFqM6mEBJunCJdI8o8FmP89SLjBPMV89XqgpXH3I57tS6Di1p9wQ== Age: 13662 --- Additional Info --- Magic: ASCII text Size: 595 Md5: 3467fcf391de4afa7667a4f28cf9bdee Sha1: e0bd69005cd9f0a608a230c8268e26e529240258 Sha256: 55ed4b318bf91e37cdca77a89b672b77f88ac9faf184aa4c63e5bcf5971141bc
GET /themes/assets/style.css HTTP/1.1 Host: d1lxhc4jvstzrp.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://www1.asszone.com/	54.230.245.39 HTTP/1.1 200 OK Content-Type: text/css Transfer-Encoding: chunked Connection: keep-alive Server: nginx Date: Fri, 05 Aug 2022 06:34:09 GMT Last-Modified: Tue, 12 May 2020 14:25:52 GMT Content-Encoding: gzip ETag: W/"5ebab1f0-33d" Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: xMjiEz6i9yovTkiMdsqBDUQvlBHR2A2G6qgvb0PgcsCWl4a_ZWajLw== Age: 50226 --- Additional Info --- Magic: ASCII text Size: 343 Md5: 03a4a8c322fc0c99b0ee7cbbcc9eabcd Sha1: 6fc193276de2a3458cd853c474cb9269b900e00d Sha256: a535d2296792cb37a2bbad1d9d0546e3383a8a5bfac0d9edda15795c226bddf7
GET /adsense/domains/caf.js HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://www1.asszone.com/	142.250.74.164 HTTP/1.1 200 OK Content-Type: text/javascript; charset=UTF-8 Accept-Ranges: bytes Vary: Accept-Encoding Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui" Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} Date: Fri, 05 Aug 2022 20:31:15 GMT Expires: Fri, 05 Aug 2022 20:31:15 GMT Cache-Control: private, max-age=3600 ETag: "10318188865445771520" X-Content-Type-Options: nosniff Content-Encoding: gzip Transfer-Encoding: chunked Server: sffe X-XSS-Protection: 0 --- Additional Info --- Magic: ASCII text, with very long lines (2174) Size: 53347 Md5: b49b218d7f687ba7c72c44f928ea01e6 Sha1: 63fa95be78e6f1aa7938b2c16311a93d1ef5cded Sha256: 524ae14cebf76a15f15af3f75f021dbfa3c84b6e4af311ad850733a45395dac2
GET /scripts/sale_form.js HTTP/1.1 Host: c.parkingcrew.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://www1.asszone.com/	185.53.178.30 HTTP/1.1 200 OK Content-Type: application/javascript Server: nginx Date: Fri, 05 Aug 2022 20:31:15 GMT Content-Length: 761 Connection: keep-alive Last-Modified: Tue, 12 May 2020 14:25:52 GMT ETag: "5ebab1f0-2f9" Accept-Ranges: bytes --- Additional Info --- Magic: ASCII text Size: 761 Md5: 64f809e06446647e192fce8d1ec34e09 Sha1: 5b7ced07da42e205067afa88615317a277a4a82c Sha256: f52cbd664986ad7ed6e71c448e2d31d1a16463e4d9b7bca0c6be278649ccc4f3
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243$ 54.230.111.65 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Date: Fri, 05 Aug 2022 20:16:14 GMT Cache-Control: max-age=3600 Expires: Fri, 05 Aug 2022 20:31:16 GMT ETag: "1648230346554" X-Cache: Hit from cloudfront Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: 6eybtJeAKRhvtBBfg2bGdd4gUa837Sqanla1DpjP8hc2x9jPsSMNuA== Age: 901 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3037 Cache-Control: max-age=131203 Date: Fri, 05 Aug 2022 20:31:15 GMT Etag: "62eccfb9-1d7" Expires: Sun, 07 Aug 2022 08:57:58 GMT Last-Modified: Fri, 05 Aug 2022 08:07:21 GMT Server: ECS (ska/F709) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: ee9c2d2db5cdffcdf3d0de9dec5a75a7 Sha1: bfc2ba6d838914231592d4bdf57f03ae7fa829f5 Sha256: b5c8c1af3e56b1edd64a616826135ddfb269fdbe2a6b965a4b0eacc6fe5c6849
GET /spyderx/SpyderXElite_5.8.pkg.zip HTTP/1.1 Host: d3d9ci7ypuovlo.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Range: bytes=129892352- If-Match: "4b06ac852d3d9889da31ce5158de0ae5" If-Unmodified-Since: Mon, 21 Jun 2021 08:37:25 GMT	54.230.245.105 HTTP/1.1 206 Partial Content Content-Type: application/zip Content-Length: 24137 Connection: keep-alive Date: Fri, 05 Aug 2022 10:19:21 GMT Last-Modified: Mon, 21 Jun 2021 08:37:25 GMT ETag: "4b06ac852d3d9889da31ce5158de0ae5" x-amz-meta-s3cmd-attrs: uid:150/gname:users/uname:tschach/gid:100/mode:33188/mtime:1624263628/atime:1624263626/ctime:1624263910 Accept-Ranges: bytes Server: AmazonS3 Content-Range: bytes 129892352-129916488/129916489 X-Cache: Hit from cloudfront Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: ISvJCxZPUbedcMPdHc83mSt0B5nVmjRO5dVl92z4tZObh-1zZn_tFQ== Age: 36715 --- Additional Info --- Magic: data Size: 24137 Md5: bdf5901a5290854ec8270f1ef4f22ae7 Sha1: c1c31d498853210d7b784fec749d649ffaff9516 Sha256: 2526ba1c1c01cc1e2b8cd42ad3ed2abf82e0053f3bdf59066b0d60e2cdf60d7d
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: UyVkZ8QeA6++oRR1Ly1cCg== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	54.148.148.62 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: Kx98sLCIOQlBkUQcieK6HnzzKJ0= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /themes/urspring_2fef8ec8/img/arrows.png HTTP/1.1 Host: d1lxhc4jvstzrp.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://d1lxhc4jvstzrp.cloudfront.net/themes/urspring_2fef8ec8/style.css	$Magic: PNG image data, 1500 x 600, 8-bit colormap, non-interlaced\012- data Size: 11375 Md5: 0cb2e5165dc9324eb462199f04e1ffa9$ 54.230.245.39 HTTP/1.1 200 OK Content-Type: image/png Content-Length: 11375 Connection: keep-alive Server: nginx Date: Fri, 05 Aug 2022 05:02:30 GMT Last-Modified: Tue, 17 May 2022 14:10:00 GMT ETag: "6283acb8-2c6f" X-Cache: Hit from cloudfront Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: TaMyAjig9V9W3FI3_2rcaJP1kPuwbIHBoqx1eQJVvG0_l48qPyHGrw== Age: 55725 --- Additional Info --- Magic: PNG image data, 1500 x 600, 8-bit colormap, non-interlaced\012- data Size: 11375 Md5: 0cb2e5165dc9324eb462199f04e1ffa9 Sha1: 9e0f89847ec8a98d98a6020bc5c4ed32b7a48bf8 Sha256: 67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865
GET /favicon.ico HTTP/1.1 Host: www1.asszone.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://www1.asszone.com/?tm=1&subid4=1659731474.0471270000&kw=Learning+Management+System&KW1=Distance%20Learning%20System&KW2=Digital%20Learning%20Resources&KW3=Online%20Student%20Registration%20Software&KW4=Online%20School%20Registration%20Software&searchbox=0&domainname=0&backfill=0	75.2.73.197 HTTP/1.1 200 OK Content-Type: image/x-icon Date: Fri, 05 Aug 2022 20:31:16 GMT Content-Length: 0 Connection: keep-alive Server: nginx Last-Modified: Tue, 12 May 2020 14:25:52 GMT ETag: "5ebab1f0-0" Accept-Ranges: bytes --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /track.php?domain=asszone.com&toggle=browserjs&uid=MTY1OTczMTQ3NC45Mzk3OjRkYzI0MjhkNTgzNDJkMDlkMDVhNWE1ZTdkMWJiMTJhYmI1MWZhYzNhNmY2NzJiMTQ3NDZjNzA0YTU5NGRkMWM6NjJlZDdlMTJlNTZiMg%3D%3D HTTP/1.1 Host: www1.asszone.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://www1.asszone.com/?tm=1&subid4=1659731474.0471270000&kw=Learning+Management+System&KW1=Distance%20Learning%20System&KW2=Digital%20Learning%20Resources&KW3=Online%20Student%20Registration%20Software&KW4=Online%20School%20Registration%20Software&searchbox=0&domainname=0&backfill=0	75.2.73.197 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Date: Fri, 05 Aug 2022 20:31:16 GMT Transfer-Encoding: chunked Connection: keep-alive Server: nginx Vary: Accept-Encoding X-Custom-Track: browserjs Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile Accept-CH-Lifetime: 30 Access-Control-Allow-Origin: * Content-Encoding: gzip --- Additional Info --- Magic: data Size: 20 Md5: a4745abc5e7fdb89cc6df3069f3c6e69 Sha1: 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed Sha256: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 05 Aug 2022 20:31:16 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: f186efd9f74ae592f2ee45e97149e2a3 Sha1: 3875eb46c68554850f5871604d9fad421415f9f5 Sha256: 15cc3dabd9eb27be33bcef5e43d7ff98af1535d11612c1174db255d1b39c7fc3
GET /afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2Cbucket103&client=dp-teaminternet12_3ph&r=m&hl=en&terms=Distance%20Learning%20System%2CDigital%20Learning%20Resources%2COnline%20Student%20Registration%20Software%2COnline%20School%20Registration%20Software&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2752665356870999&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300953%2C17300956&format=r4%7Cs&nocache=691659731476233&num=0&output=afd_ads&domain_name=www1.asszone.com&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1659731476236&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=795&frm=0&uio=--&cont=tc&jsid=caf&jsv=464605827&rurl=http%3A%2F%2Fwww1.asszone.com%2F%3Ftm%3D1%26subid4%3D1659731474.0471270000%26kw%3DLearning%2BManagement%2BSystem%26KW1%3DDistance%2520Learning%2520System%26KW2%3DDigital%2520Learning%2520Resources%26KW3%3DOnline%2520Student%2520Registration%2520Software%26KW4%3DOnline%2520School%2520Registration%2520Software%26searchbox%3D0%26domainname%3D0%26backfill%3D0&adbw=master-1%3A530 HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www1.asszone.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	$Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6580) Size: 2160 Md5: 37878eb38782511639dd733bfa26b5ae$ 142.250.74.164 HTTP/2 200 OK content-type: text/html; charset=UTF-8 content-disposition: inline date: Fri, 05 Aug 2022 20:31:16 GMT expires: Fri, 05 Aug 2022 20:31:16 GMT cache-control: private, max-age=3600 content-encoding: br server: gws content-length: 2160 x-xss-protection: 0 set-cookie: CONSENT=PENDING+199; expires=Sun, 04-Aug-2024 20:31:16 GMT; path=/; domain=.google.com; Secure p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6580) Size: 2160 Md5: 37878eb38782511639dd733bfa26b5ae Sha1: 8609c5cc2accb7c9014d839342a5e7b9a9334ad3 Sha256: 9dd967bf5c2584c2aed2174a82caa2f2632cac0c6fe63f2083fb5efeced74ba6
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 05 Aug 2022 20:31:16 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: c8965ef8a1a858ba992cda89452a9e60 Sha1: ac98d5a71e5c4838d8f610520f1c758663a94412 Sha256: 2c673e20f6572669c4fbf2966ab35fbe4595b27259f7e33762f1d08eaaf1b549
GET /gampad/cookie.js?domain=www1.asszone.com&client=dp-teaminternet12_3ph&product=SAS&callback=__sasCookie HTTP/1.1 Host: partner.googleadservices.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www1.asszone.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	142.250.74.98 HTTP/2 200 OK p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin content-type: text/javascript; charset=UTF-8 x-content-type-options: nosniff content-disposition: attachment; filename="f.txt" content-encoding: gzip date: Fri, 05 Aug 2022 20:31:16 GMT server: cafe cache-control: private content-length: 178 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with no line terminators Size: 178 Md5: 638d7fc860fa85ed75eda50aea5e2ea8 Sha1: 594674b0689b8fd6755cc25ce869931a76107d68 Sha256: f839357218a6e69ade5b0c38943fb58293aec4c81d4bac9702ede67eeed46f07
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 05 Aug 2022 20:31:16 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 83b236b553fa7d29608af3f9a86c6af0 Sha1: 6202bdcb064fd381cde2485a3105750c42fe692d Sha256: 1462d24e74f70b40fcf450c2ba1a4f5575bf20f15e4b9855ff3bcc0ec1fae41c
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 05 Aug 2022 20:31:16 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: f2d9722e971aa9b9eb3923da6248a714 Sha1: e4469ff02f101dc015e3f79a31947e9a6663386a Sha256: eb9ceba3a4f3df898cd2a2f3106e53775678c5bdd6a749169984080bf1deec98
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 05 Aug 2022 20:31:16 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 3c01a986bff6780f56d885da12579e2a Sha1: a0d8e208182caa7e3d4aea1e85ac96c6be9b10b0 Sha256: 9a9d6c5f410f632ea1ec20c1f145b5a4b9c0febd718132280476a4ed89cd0321
POST /ls.php HTTP/1.1 Host: www1.asszone.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/x-www-form-urlencoded; charset=UTF-8 Content-Length: 2730 Origin: http://www1.asszone.com Connection: keep-alive Referer: http://www1.asszone.com/?tm=1&subid4=1659731474.0471270000&kw=Learning+Management+System&KW1=Distance%20Learning%20System&KW2=Digital%20Learning%20Resources&KW3=Online%20Student%20Registration%20Software&KW4=Online%20School%20Registration%20Software&searchbox=0&domainname=0&backfill=0	75.2.73.197 HTTP/1.1 201 Created Content-Type: text/javascript;charset=UTF-8 Date: Fri, 05 Aug 2022 20:31:16 GMT Transfer-Encoding: chunked Connection: keep-alive Server: nginx Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile Accept-CH-Lifetime: 30 X-Log-Success: 62ed7e1485c81a7e8b530679 Charset: utf-8 Access-Control-Allow-Origin: http://www1.asszone.com Access-Control-Allow-Methods: POST, OPTIONS Access-Control-Max-Age: 86400 X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_NNfZPwz0rhQk3s60S3s/hhd0UjiDgxkFrVDB/i1bSl4u0Gp2wXMuZuC7sd4WFg09V6PHTdjLBSSnUHIp36zeAQ== --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - fortinet: Malware
GET /ad_icons/standard/publisher_icon_image/search.svg?c=%231967d2 HTTP/1.1 Host: afs.googleusercontent.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.google.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390) Size: 272 Md5: bbbac37f0b6e29a6099e4aa7cb19d6ca$ 142.250.74.1 HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers" report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} content-length: 272 x-content-type-options: nosniff content-encoding: gzip server: sffe x-xss-protection: 0 date: Fri, 05 Aug 2022 02:15:52 GMT expires: Sat, 06 Aug 2022 01:15:52 GMT cache-control: public, max-age=82800 age: 65724 last-modified: Thu, 19 Dec 2019 14:15:00 GMT content-type: image/svg+xml alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390) Size: 272 Md5: bbbac37f0b6e29a6099e4aa7cb19d6ca Sha1: 0acafe95e2141f0af6109203efeb2d98e6b926c6 Sha256: a3d7b37475de5a3a350d4dc4790f14a6a5f4045726d2eae4cbe9bd59aeba2fe2
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 05 Aug 2022 20:31:16 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 3c01a986bff6780f56d885da12579e2a Sha1: a0d8e208182caa7e3d4aea1e85ac96c6be9b10b0 Sha256: 9a9d6c5f410f632ea1ec20c1f145b5a4b9c0febd718132280476a4ed89cd0321
GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1 Host: afs.googleusercontent.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.google.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators Size: 174 Md5: 4de8b85c8915995b571bde50e231be7c$ 142.250.74.1 HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers" report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} content-length: 174 x-content-type-options: nosniff content-encoding: gzip server: sffe x-xss-protection: 0 date: Fri, 05 Aug 2022 03:16:23 GMT expires: Sat, 06 Aug 2022 02:16:23 GMT cache-control: public, max-age=82800 age: 62093 last-modified: Thu, 22 Oct 2020 21:45:00 GMT content-type: image/svg+xml alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators Size: 174 Md5: 4de8b85c8915995b571bde50e231be7c Sha1: 29c226ca7b9cbe1d44e5480ce95bbb42727b2d99 Sha256: 2ec9168c4507546748c5f400f5030031f0eb06f2aed8deaa11362c395bff4f7a
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 05 Aug 2022 20:31:16 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 3c01a986bff6780f56d885da12579e2a Sha1: a0d8e208182caa7e3d4aea1e85ac96c6be9b10b0 Sha256: 9a9d6c5f410f632ea1ec20c1f145b5a4b9c0febd718132280476a4ed89cd0321
GET /track.php?domain=asszone.com&caf=1&toggle=answercheck&answer=yes&uid=MTY1OTczMTQ3NC45Mzk3OjRkYzI0MjhkNTgzNDJkMDlkMDVhNWE1ZTdkMWJiMTJhYmI1MWZhYzNhNmY2NzJiMTQ3NDZjNzA0YTU5NGRkMWM6NjJlZDdlMTJlNTZiMg%3D%3D HTTP/1.1 Host: www1.asszone.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://www1.asszone.com/?tm=1&subid4=1659731474.0471270000&kw=Learning+Management+System&KW1=Distance%20Learning%20System&KW2=Digital%20Learning%20Resources&KW3=Online%20Student%20Registration%20Software&KW4=Online%20School%20Registration%20Software&searchbox=0&domainname=0&backfill=0 Cookie: __gsas=ID=fe249d647d01143c:T=1659731476:S=ALNI_MaGndMmMI7bNlklR92ffy5NrA-_fw	75.2.73.197 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Date: Fri, 05 Aug 2022 20:31:16 GMT Transfer-Encoding: chunked Connection: keep-alive Server: nginx Vary: Accept-Encoding X-Custom-Track: answercheck Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile Accept-CH-Lifetime: 30 Access-Control-Allow-Origin: * Content-Encoding: gzip --- Additional Info --- Magic: data Size: 20 Md5: a4745abc5e7fdb89cc6df3069f3c6e69 Sha1: 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed Sha256: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "7D129895DD82ACE0D70FE0D261B7C2E924E869686CEDF20C238EFA6BFDF5E632" Last-Modified: Wed, 03 Aug 2022 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12502 Expires: Fri, 05 Aug 2022 23:59:39 GMT Date: Fri, 05 Aug 2022 20:31:17 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7a0a47597b227144ff5720a6c9f2a348 Sha1: 97573348eaf4c2c512a8c0fc60838f8148e05937 Sha256: 7d129895dd82ace0d70fe0d261b7c2e924e869686cedf20c238efa6bfdf5e632
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "7D129895DD82ACE0D70FE0D261B7C2E924E869686CEDF20C238EFA6BFDF5E632" Last-Modified: Wed, 03 Aug 2022 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12502 Expires: Fri, 05 Aug 2022 23:59:39 GMT Date: Fri, 05 Aug 2022 20:31:17 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7a0a47597b227144ff5720a6c9f2a348 Sha1: 97573348eaf4c2c512a8c0fc60838f8148e05937 Sha256: 7d129895dd82ace0d70fe0d261b7c2e924e869686cedf20c238efa6bfdf5e632
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "7D129895DD82ACE0D70FE0D261B7C2E924E869686CEDF20C238EFA6BFDF5E632" Last-Modified: Wed, 03 Aug 2022 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12502 Expires: Fri, 05 Aug 2022 23:59:39 GMT Date: Fri, 05 Aug 2022 20:31:17 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7a0a47597b227144ff5720a6c9f2a348 Sha1: 97573348eaf4c2c512a8c0fc60838f8148e05937 Sha256: 7d129895dd82ace0d70fe0d261b7c2e924e869686cedf20c238efa6bfdf5e632
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "7D129895DD82ACE0D70FE0D261B7C2E924E869686CEDF20C238EFA6BFDF5E632" Last-Modified: Wed, 03 Aug 2022 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12502 Expires: Fri, 05 Aug 2022 23:59:39 GMT Date: Fri, 05 Aug 2022 20:31:17 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7a0a47597b227144ff5720a6c9f2a348 Sha1: 97573348eaf4c2c512a8c0fc60838f8148e05937 Sha256: 7d129895dd82ace0d70fe0d261b7c2e924e869686cedf20c238efa6bfdf5e632
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "7D129895DD82ACE0D70FE0D261B7C2E924E869686CEDF20C238EFA6BFDF5E632" Last-Modified: Wed, 03 Aug 2022 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12502 Expires: Fri, 05 Aug 2022 23:59:39 GMT Date: Fri, 05 Aug 2022 20:31:17 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7a0a47597b227144ff5720a6c9f2a348 Sha1: 97573348eaf4c2c512a8c0fc60838f8148e05937 Sha256: 7d129895dd82ace0d70fe0d261b7c2e924e869686cedf20c238efa6bfdf5e632
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc784bce7-8d03-4e3d-9cb0-d693727bdedd.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 12738 Md5: 0cc5d2ca53e113f75d06592dc99af438$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 12738 x-amzn-requestid: 75aa2a01-23f9-4d26-9393-0e34bdb7d919 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: WW5NRF3DIAMFliA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62ec3bee-129cb6d10824a106136f1901;Sampled=0 x-amzn-remapped-date: Thu, 04 Aug 2022 21:36:46 GMT x-amz-cf-pop: HIO50-C1, YVR50-C1 x-cache: Hit from cloudfront x-amz-cf-id: zCQQHy19EggGF1tdmZM8bsFtgu2HFsgt7x7SZQkUD5_Yu1gg8HHAgQ== via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 9b34a4c8b07eed6c2ff20b5adbbfa7c4.cloudfront.net (CloudFront), 1.1 google date: Thu, 04 Aug 2022 21:40:29 GMT age: 82248 etag: "9f64c3f3eb43707d06563dfbc45973fd8cec914f" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 12738 Md5: 0cc5d2ca53e113f75d06592dc99af438 Sha1: 9f64c3f3eb43707d06563dfbc45973fd8cec914f Sha256: 26c5a16d97987bce61cbaab0c193d70f6700d39d2b5ec35b34a0745dd776e735
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9874fcc-fce2-4d50-9f55-fcde28b2b003.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9340 Md5: 1d70a058974c247287d0ba91ef0d87b7$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 9340 x-amzn-requestid: 7cef9d2a-be55-4200-9355-baf5020266ff x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: WLA9-GEKoAMFkjA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62e77b8c-5114885735fd281b26a3f22c;Sampled=0 x-amzn-remapped-date: Mon, 01 Aug 2022 07:06:52 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: ZD6XNIA5hrblAdJ0LIHZyVXP5rpFctgvOswjkF0OQo2M-UsW8ydTfw== via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google date: Fri, 05 Aug 2022 08:34:58 GMT age: 42979 etag: "de136af89b4d753bf7effbd29fb4cc308cf4eeea" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9340 Md5: 1d70a058974c247287d0ba91ef0d87b7 Sha1: de136af89b4d753bf7effbd29fb4cc308cf4eeea Sha256: 83647edeedb85710e85517a44c1d6b94d785de733ca532ac0754029fed32642f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1742e3c-0ad7-4e71-88e4-a2fc68297b79.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8759 Md5: a3921d8d17b11e4582678c422ed7d763$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 8759 x-amzn-requestid: ce69ca7a-7c37-483a-ba83-36f4eccbdd9b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: WXRPSGFJoAMFwmA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62ec6261-5ba7db05235f47234af7c00f;Sampled=0 x-amzn-remapped-date: Fri, 05 Aug 2022 00:20:49 GMT x-amz-cf-pop: HIO50-C1, YVR50-C1 x-cache: Hit from cloudfront x-amz-cf-id: hyrRopy4Ozpw9xb02bTWxqUFPJX5-xAlQkD1-mNmxzfNLQ20cdTUzw== via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 ba55932f4947672586f0865cea81e028.cloudfront.net (CloudFront), 1.1 google date: Fri, 05 Aug 2022 00:36:00 GMT age: 71717 etag: "e4121b65876b2fdbc30810f4c5b2217f6b3c265f" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8759 Md5: a3921d8d17b11e4582678c422ed7d763 Sha1: e4121b65876b2fdbc30810f4c5b2217f6b3c265f Sha256: 50438953d82536b80367e02e717ada943ed68df09b36f20a236b9a930222b404
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bda9d1d-e7d2-4beb-b172-566cac219173.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6163 Md5: e7a0cfb1de3d318660096ee50bd33b69$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 6163 x-amzn-requestid: 926980e1-e103-415d-806c-affc9b623e25 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: WW5JCGDwIAMFa4A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62ec3bd3-037ec4ca0d11ca397ca087bf;Sampled=0 x-amzn-remapped-date: Thu, 04 Aug 2022 21:36:19 GMT x-amz-cf-pop: HIO50-C1, YVR50-C1 x-cache: Miss from cloudfront x-amz-cf-id: Pjt1WG05kEIbpju9FEaj7GW46g1C8JDZS9k9BJ0JvtO2bfRzpjSo6w== via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 e94af8eda63444d7836dbe832a0a5c54.cloudfront.net (CloudFront), 1.1 google date: Thu, 04 Aug 2022 21:40:35 GMT etag: "fa8b28cdfe5354ac9167a3d6f9483598c01157a5" content-type: image/jpeg age: 82242 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6163 Md5: e7a0cfb1de3d318660096ee50bd33b69 Sha1: fa8b28cdfe5354ac9167a3d6f9483598c01157a5 Sha256: b46f623cdc849a089e3734ec6ac559b0d04400f07dad90919afbb5fb0297a513
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a5534e-9801-465a-96f2-766e87153fdf.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10876 Md5: 509c8b427f9f5d83e4151c7fdbf41584$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 10876 x-amzn-requestid: 9a0a5e75-6e57-4de8-b478-a8919b69dc3a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: WREGbHBIIAMF68w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62e9e6f5-10b310e1661fa629091afaa5;Sampled=0 x-amzn-remapped-date: Wed, 03 Aug 2022 03:09:41 GMT x-amz-cf-pop: YVR50-C1 x-cache: Hit from cloudfront x-amz-cf-id: u4vkonvRIwC3WvAdd07v-guyqYvT1RkCA-pUaZW6tWgKYnPP6eU08w== via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 5c6526bb54cf9233578cb72c28111052.cloudfront.net (CloudFront), 1.1 google date: Fri, 05 Aug 2022 03:46:52 GMT age: 60265 etag: "edbc581f04ef31a8ed767099ec75036fbf8325aa" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10876 Md5: 509c8b427f9f5d83e4151c7fdbf41584 Sha1: edbc581f04ef31a8ed767099ec75036fbf8325aa Sha256: 332aeca25dca05eec3575a3523401f1a1b8d47be703c75341154fdae9e7b8fc6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44742514-d09b-47c6-b87d-280489ead14e.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9292 Md5: 34a74b92d9fc09b11d5e239c1f7238d8$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 9292 x-amzn-requestid: c6a6620d-ba85-449e-a929-fb7d2b692c6e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: WW5OTFm9oAMFuQQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62ec3bf4-446d4a213934612121414e0e;Sampled=0 x-amzn-remapped-date: Thu, 04 Aug 2022 21:36:52 GMT x-amz-cf-pop: HIO50-C1, YVR50-C1 x-cache: Hit from cloudfront x-amz-cf-id: uUVfUqH07GN8mlzoBzwe9YlC3IPophf7cXaB32p-Jvc9OA0uV9YXJg== via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 040bad3c7f7db09654c66da40c719fb0.cloudfront.net (CloudFront), 1.1 google date: Thu, 04 Aug 2022 21:40:35 GMT age: 82242 etag: "969984181328d015607367853b091829686da82f" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9292 Md5: 34a74b92d9fc09b11d5e239c1f7238d8 Sha1: 969984181328d015607367853b091829686da82f Sha256: 09c99cdf79f21a52764e9c264ce1da90b0e74ddd28b1bba5bc3fc3f208570a66