urlquery - report: gotgeeks.com/mtm/direct/.eJxdikEOwjAMBP_iY4lqjlDEW5AVmSQiaYJjpEiIv-P22NvszH7hIwkWQHBAErqhkfCThcVGVG0LYqgamF999rVYj7XrY6XC9jgk8p6bmlceilFLdtRaTp401RXHZk7jaEu-ve_n-eomnHa6wO8PkTIzyw:1o9Gee:iKH5

Overview

URL	gotgeeks.com/mtm/direct/.eJxdikEOwjAMBP_iY4lqjlDEW5AVmSQiaYJjpEiIv-P22NvszH7hIwkWQHBAErqhkfCThcVGVG0LYqgamF999rVYj7XrY6XC9jgk8p6bmlceilFLdtRaTp401RXHZk7jaEu-ve_n-eomnHa6wO8PkTIzyw:1o9Gee:iKH5_MOrI6CISUlBFObD3lHlDec/2
IP	45.79.19.196
ASN	Linode, LLC
Location	United States
Report completed	2022-07-07 01:50:33 UTC
Status	Loading report..
urlquery Alerts	DynDNS domain detected

Settings

UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer

Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Blocklists

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Added / Verified	Severity	Host	Comment
2022-07-07	2	gotgeeks.com/mtm/direct/.eJxdikEOwjAMBP_iY4lqjlDEW5AVmSQiaYJjpEiIv-P22NvszH (...)	Malware
2022-07-07	2	www1.gotgeeks.com/ls.php	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

Files

No files detected

Passive DNS (15)

Passive DNS Source	Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
[Mnemonic Passive DNS]	www1.gotgeeks.com (5)	0	2022-06-18 05:52:25 UTC	2022-07-06 14:09:00 UTC	76.223.26.96	Unknown ranking
[Mnemonic Passive DNS]	d1lxhc4jvstzrp.cloudfront.net (4)	0	No data	No data	54.230.245.39	Unknown ranking
[Mnemonic Passive DNS]	www.google.com (2)	7	2012-05-22 04:23:54 UTC	2022-07-06 17:41:41 UTC	142.250.74.164
[Mnemonic Passive DNS]	push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2022-07-06 04:47:23 UTC	52.33.155.176
[Mnemonic Passive DNS]	afs.googleusercontent.com (2)	12123	2017-01-30 05:39:23 UTC	2022-07-06 06:54:39 UTC	142.250.74.33
[Mnemonic Passive DNS]	img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2022-07-06 17:02:11 UTC	34.120.237.76
[Mnemonic Passive DNS]	firefox.settings.services.mozilla.com (2)	867	2016-03-17 08:25:01 UTC	2020-05-25 20:01:47 UTC	54.230.111.7
[Mnemonic Passive DNS]	ocsp.pki.goog (7)	175	2017-06-14 07:23:31 UTC	2022-07-06 04:42:12 UTC	142.250.74.3
[Mnemonic Passive DNS]	ocsp.digicert.com (1)	86	2012-11-29 12:49:49 UTC	2022-07-06 19:05:02 UTC	93.184.220.29
[Mnemonic Passive DNS]	r3.o.lencr.org (4)	344	2020-12-02 08:52:13 UTC	2022-07-06 04:41:34 UTC	23.36.77.32
[Mnemonic Passive DNS]	contile.services.mozilla.com (1)	1114	No data	No data	34.117.237.239
[Mnemonic Passive DNS]	gotgeeks.com (1)	0	No data	No data	96.126.123.244	Unknown ranking
[Mnemonic Passive DNS]	c.parkingcrew.net (1)	70582	No data	No data	185.53.178.30
[Mnemonic Passive DNS]	partner.googleadservices.com (1)	798	2017-01-30 04:56:54 UTC	2022-07-06 04:45:02 UTC	142.250.74.130
[Mnemonic Passive DNS]	content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-07-06 04:55:23 UTC	54.230.111.64

Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 45.79.19.196

Date	UQ / IDS / BL	URL	IP
2022-08-09 08:34:23 +0000	0 - 0 - 2	classicoil.com/	45.79.19.196
2022-08-09 07:43:54 +0000	0 - 0 - 2	massagee.org/mtm/direct/.eJxdikEOwjAMBP_iY4lq (...)	45.79.19.196
2022-08-09 04:44:53 +0000	0 - 0 - 1	ppetcoparkinsider.com/mtm/direct/.eJx1yssKAjE (...)	45.79.19.196
2022-08-09 01:01:50 +0000	0 - 0 - 2	applesong.com/	45.79.19.196
2022-08-08 21:49:40 +0000	0 - 0 - 2	www.biosint.com/	45.79.19.196
2022-08-08 19:22:12 +0000	0 - 0 - 2	conclusiveoutlet.com/mtm/direct/.eJx1issKQjEM (...)	45.79.19.196
2022-08-08 15:52:18 +0000	0 - 0 - 3	totaldeath.com/mtm/direct/.ejxlikeowjambp_iy4 (...)	45.79.19.196
2022-08-08 09:23:33 +0000	0 - 0 - 2	dailysmutsite.com/mtm/direct/.eJxtikEOwjAMBP_ (...)	45.79.19.196
2022-08-08 08:57:51 +0000	0 - 0 - 2	daswerk.co/mtm/direct/.eJxdic0OwiAMgN-lx0lWjz (...)	45.79.19.196
2022-08-08 07:46:34 +0000	0 - 0 - 1	buyoilbarrels.com/mtm/direct/.eJxtikEOwjAMBP_ (...)	45.79.19.196

Last 10 reports on ASN: Linode, LLC

Date	UQ / IDS / BL	URL	IP
2022-08-09 11:23:44 +0000	0 - 0 - 2	lovergirl.com/	45.33.18.44
2022-08-09 11:14:54 +0000	0 - 0 - 4	getme.co.nz/mtb/login.php	45.79.238.21
2022-08-09 10:56:45 +0000	0 - 0 - 3	tinybreasts.com/	45.33.18.44
2022-08-09 10:03:13 +0000	0 - 0 - 2	www.chawkyfrenn.com/icon/JtT/	50.116.62.25
2022-08-09 10:02:56 +0000	0 - 0 - 2	icket.com/http:/icket.com/mtm/direct/.eJw9kEt (...)	173.255.194.134
2022-08-09 09:45:24 +0000	0 - 0 - 1	cumfixation.com/mtm/direct/.eJxlikEOwjAMBP_iY (...)	45.33.23.183
2022-08-09 09:39:55 +0000	0 - 0 - 2	whitepanties.net/	173.255.194.134
2022-08-09 09:23:16 +0000	0 - 0 - 3	zappmedia.cm/mtm/direct/.ejxdikeowjambp_iy4lq (...)	198.58.118.167
2022-08-09 09:23:10 +0000	0 - 0 - 3	vestafscareers.com/mtm/direct/.ejxtikekajemre (...)	173.255.194.134
2022-08-09 09:19:27 +0000	0 - 0 - 3	supermerc.com/mtm/direct/.ejxdikeowjambp_iy4l (...)	45.33.2.79

Last 10 reports on domain: gotgeeks.com

Date	UQ / IDS / BL	URL	IP
2022-07-07 01:50:25 +0000	9 - 0 - 4	gotgeeks.com/	45.56.79.23
2022-06-25 22:28:40 +0000	6 - 0 - 3	p2pool-eu.gotgeeks.com/mtm/direct/.ejx1ykekaj (...)	198.58.118.167
2019-05-31 05:10:27 +0200	15 - 5 - 18	pelemagytarydy.gotgeeks.com/	192.64.147.171
2017-12-31 22:12:18 +0100	3 - 0 - 1	automatquement-improving.gotgeeks.com/existan (...)	81.2.235.141
2017-12-31 22:12:12 +0100	3 - 0 - 1	automatquement-improving.gotgeeks.com/existan (...)	81.2.235.141
2017-12-18 20:51:11 +0100	1 - 0 - 1	torrent.gotgeeks.com/index.php	114.147.100.46
2017-11-07 22:42:32 +0100	8 - 5 - 1	activer-pass.gotgeeks.com/	80.211.253.5
2017-11-07 17:35:20 +0100	7 - 1 - 0	activer-pass.gotgeeks.com/Awards/sg	80.211.253.5
2017-11-07 17:35:18 +0100	6 - 5 - 0	activer-pass.gotgeeks.com/Awards/sg/	80.211.253.5
2017-10-26 15:31:58 +0200	1 - 0 - 1	information-update-increase.gotgeeks.com/	217.61.20.22

JavaScript

Executed Scripts (20)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (39)

Request	Response
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 91dd975a7b17b2922dd23c0e49314e40$ 54.230.111.7 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Retry-After, Backoff, Content-Type, Content-Length, Alert Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Thu, 07 Jul 2022 00:56:25 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: 5MKtRoS5KG40FeLWqBKU3FMnPDDxJX6z_eBTQwL1Q-go-NhHkuPcuw== Age: 3235 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 91dd975a7b17b2922dd23c0e49314e40 Sha1: 57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2 Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /mtm/direct/.eJxdikEOwjAMBP_iY4lqjlDEW5AVmSQiaYJjpEiIv-P22NvszH7hIwkWQHBAErqhkfCThcVGVG0LYqgamF999rVYj7XrY6XC9jgk8p6bmlceilFLdtRaTp401RXHZk7jaEu-ve_n-eomnHa6wO8PkTIzyw:1o9Gee:iKH5_MOrI6CISUlBFObD3lHlDec/2 HTTP/1.1 Host: gotgeeks.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	96.126.123.244 HTTP/1.1 302 Found server: openresty/1.13.6.1 date: Thu, 07 Jul 2022 01:50:20 GMT content-type: text/html; charset=utf-8 content-length: 0 location: http://www1.gotgeeks.com/?tm=1&subid4=1657158612.0192340000 vary: Accept-Language content-language: en set-cookie: mtm_delivered=WyJnb3RnZWVrcy5jb20iLCJodHRwOi8vd3d3MS5nb3RnZWVrcy5jb20vP3RtPTEmc3ViaWQ0PTE2NTcxNTg2MTIuMDE5MjM0MDAwMCIsMSwiMjAyMi0wNy0wNyAwMTo1MDoxMiIsMiwiMTY1NzE1ODYxMi4wMTkyMzQzMDg4IiwzMjgsbnVsbCxudWxsXQ:1o9Geq:D8EsAcfk9tUhEXhv8oF06BJFOtA; expires=Thu, 07-Jul-2022 02:50:20 GMT; Max-Age=3600; Path=/ connection: close --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - fortinet: Malware
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "78A5DCFAF2D93D9C87CFB6DBC56100E9F22965D4500554BA65F71CB7D84DD666" Last-Modified: Wed, 06 Jul 2022 16:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6910 Expires: Thu, 07 Jul 2022 03:45:30 GMT Date: Thu, 07 Jul 2022 01:50:20 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 1bd93fff937cfdc8744b841243b93fd5 Sha1: 240c31be9cdaeb5d1e4f9e3558c812ba007e6d22 Sha256: 78a5dcfaf2d93d9c87cfb6dbc56100e9f22965d4500554ba65f71cb7d84dd666
GET /chains/remote-settings.content-signature.mozilla.org-2022-08-10-12-10-21.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 581454acdd98f34fd3fbabd0977ade29$ 54.230.111.64 HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 last-modified: Tue, 21 Jun 2022 12:10:22 GMT content-disposition: attachment accept-ranges: bytes server: AmazonS3 date: Wed, 06 Jul 2022 03:26:46 GMT etag: "581454acdd98f34fd3fbabd0977ade29" x-cache: Hit from cloudfront via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: w4IAMt_E1bLjj1-uzUvu3rUP_Pyx1gHNOQQaxUy2egmRQN2VEDe0jw== age: 80615 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 581454acdd98f34fd3fbabd0977ade29 Sha1: d8d86c0b513137aeb85de01cea7b272c35eb6ab4 Sha256: e98f8f33ba5ed59c3cfdf2ae54957ed32652cf0899f3c8db4b5872e3ece1e4eb
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6$ 34.117.237.239 HTTP/2 200 OK server: nginx date: Thu, 07 Jul 2022 01:50:20 GMT content-type: application/json content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /?tm=1&subid4=1657158612.0192340000 HTTP/1.1 Host: www1.gotgeeks.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	$Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2662) Size: 5288 Md5: eeba3bedd2d2cdb3c75d9ab1431db960$ 76.223.26.96 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Date: Thu, 07 Jul 2022 01:50:20 GMT Transfer-Encoding: chunked Connection: keep-alive Server: nginx Vary: Accept-Encoding X-Buckets: bucket103 X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_NwwRfYp51XJFrrsD3pzyGtPV5tR3/M4t44/WeQw9aA+yi2Zt7uW2QSyV9gUz+psZCn5s0HZgdVkfxxfBzJ5bwQ== X-Template: tpl_Urspring_twoclick X-Language: norwegian Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile Accept-CH-Lifetime: 30 Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2662) Size: 5288 Md5: eeba3bedd2d2cdb3c75d9ab1431db960 Sha1: 77a85f3b662da1ff387d4092dce62ab8e40c0419 Sha256: 686aea0fe324bf1a5ea80df425ffad21697cdb81554ca04e709331a0813a9856 Alerts: urlquery: - DynDNS domain detected
GET /themes/urspring_2fef8ec8/style.css HTTP/1.1 Host: d1lxhc4jvstzrp.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://www1.gotgeeks.com/	54.230.245.39 HTTP/1.1 200 OK Content-Type: text/css Transfer-Encoding: chunked Connection: keep-alive Server: nginx Date: Wed, 06 Jul 2022 16:43:17 GMT Last-Modified: Tue, 17 May 2022 14:10:00 GMT Content-Encoding: gzip ETag: W/"6283acb8-577" Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: IjzfPNbts3aHPQVZpcSdtNQiqrsWIw8xlXck_9AOMHDO5Rvp4fKaKQ== Age: 32823 --- Additional Info --- Magic: ASCII text Size: 595 Md5: 3467fcf391de4afa7667a4f28cf9bdee Sha1: e0bd69005cd9f0a608a230c8268e26e529240258 Sha256: 55ed4b318bf91e37cdca77a89b672b77f88ac9faf184aa4c63e5bcf5971141bc
GET /scripts/js3caf.js HTTP/1.1 Host: d1lxhc4jvstzrp.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://www1.gotgeeks.com/	54.230.245.39 HTTP/1.1 200 OK Content-Type: application/javascript Content-Length: 7000 Connection: keep-alive Server: nginx Date: Thu, 07 Jul 2022 00:50:10 GMT Last-Modified: Thu, 14 Jan 2021 10:54:01 GMT Accept-Ranges: bytes ETag: "600022c9-1b58" X-Cache: Hit from cloudfront Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: _YsSDVVfuZJWMxwG0HZp-Bc1k0OdOpHD4fHPzkDvfbVRGpbraZjA8w== Age: 3610 --- Additional Info --- Magic: ASCII text, with very long lines (316) Size: 7000 Md5: cce7f943ec8e7b4ba13be4aba6b463d9 Sha1: 220f3e8ca723daa91fd040cf518991a65f2bf110 Sha256: ba5b7354353b0eec1637564dae072fee662a5b9862f6bf7ed5e60a5a76f2ef44
GET /themes/assets/style.css HTTP/1.1 Host: d1lxhc4jvstzrp.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://www1.gotgeeks.com/	54.230.245.39 HTTP/1.1 200 OK Content-Type: text/css Transfer-Encoding: chunked Connection: keep-alive Server: nginx Date: Wed, 06 Jul 2022 06:34:08 GMT Last-Modified: Tue, 12 May 2020 14:25:52 GMT Content-Encoding: gzip ETag: W/"5ebab1f0-33d" Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: gFXADqm80l_6DM9b5bIYIRNuov4mDveqbIMcFE5jBRaDbscQl7t-ag== Age: 69372 --- Additional Info --- Magic: ASCII text Size: 343 Md5: 03a4a8c322fc0c99b0ee7cbbcc9eabcd Sha1: 6fc193276de2a3458cd853c474cb9269b900e00d Sha256: a535d2296792cb37a2bbad1d9d0546e3383a8a5bfac0d9edda15795c226bddf7
GET /adsense/domains/caf.js HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://www1.gotgeeks.com/	142.250.74.164 HTTP/1.1 200 OK Content-Type: text/javascript; charset=UTF-8 Accept-Ranges: bytes Vary: Accept-Encoding Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui" Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} Date: Thu, 07 Jul 2022 01:50:20 GMT Expires: Thu, 07 Jul 2022 01:50:20 GMT Cache-Control: private, max-age=3600 ETag: "8234502739644126637" X-Content-Type-Options: nosniff Content-Encoding: gzip Transfer-Encoding: chunked Server: sffe X-XSS-Protection: 0 --- Additional Info --- Magic: ASCII text, with very long lines (2174) Size: 52904 Md5: 205bfbd3844bb26150a38efcb6eb18aa Sha1: e205e40f557ae0d1ab3b872149335710690bc4c1 Sha256: 0e21ab17fbb634eed3b7ee86132a06414e45f2e94438f487233e0b5936ad9b48
GET /scripts/sale_form.js HTTP/1.1 Host: c.parkingcrew.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://www1.gotgeeks.com/	185.53.178.30 HTTP/1.1 200 OK Content-Type: application/javascript Server: nginx Date: Thu, 07 Jul 2022 01:50:20 GMT Content-Length: 761 Connection: keep-alive Last-Modified: Tue, 12 May 2020 14:25:52 GMT ETag: "5ebab1f0-2f9" Accept-Ranges: bytes --- Additional Info --- Magic: ASCII text Size: 761 Md5: 64f809e06446647e192fce8d1ec34e09 Sha1: 5b7ced07da42e205067afa88615317a277a4a82c Sha256: f52cbd664986ad7ed6e71c448e2d31d1a16463e4d9b7bca0c6be278649ccc4f3
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243$ 54.230.111.7 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Retry-After, ETag, Content-Type, Last-Modified, Alert, Backoff, Pragma, Expires, Content-Length, Cache-Control Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Date: Thu, 07 Jul 2022 01:34:57 GMT Cache-Control: max-age=3600 Expires: Thu, 07 Jul 2022 02:08:40 GMT ETag: "1648230346554" X-Cache: Hit from cloudfront Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: WscCxHduIOwO8ebjhawB8OmE8DfO8KBxmH49b5dvuHdKPBtBQ9-yfQ== Age: 925 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /themes/urspring_2fef8ec8/img/arrows.png HTTP/1.1 Host: d1lxhc4jvstzrp.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://d1lxhc4jvstzrp.cloudfront.net/themes/urspring_2fef8ec8/style.css	$Magic: PNG image data, 1500 x 600, 8-bit colormap, non-interlaced\012- data Size: 11375 Md5: 0cb2e5165dc9324eb462199f04e1ffa9$ 54.230.245.39 HTTP/1.1 200 OK Content-Type: image/png Content-Length: 11375 Connection: keep-alive Server: nginx Date: Wed, 06 Jul 2022 02:11:11 GMT Last-Modified: Tue, 17 May 2022 14:10:00 GMT Accept-Ranges: bytes ETag: "6283acb8-2c6f" X-Cache: Hit from cloudfront Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: HGOqsgJw4B4RQVALEDFgaaw6r0fSK-CjwTtG5ZcX2w4KVC7QRGfQpg== Age: 85150 --- Additional Info --- Magic: PNG image data, 1500 x 600, 8-bit colormap, non-interlaced\012- data Size: 11375 Md5: 0cb2e5165dc9324eb462199f04e1ffa9 Sha1: 9e0f89847ec8a98d98a6020bc5c4ed32b7a48bf8 Sha256: 67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 6418 Cache-Control: 'max-age=158059' Date: Thu, 07 Jul 2022 01:50:21 GMT Last-Modified: Thu, 07 Jul 2022 00:03:23 GMT Server: ECS (ska/F71B) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 54a5ebdb4e3b060878632555583e462f Sha1: df627b311d6276eabf36fe1390a8219714839aed Sha256: 5c77d20265a9a328455b745ec5191e036ec35814586c1e6bcd1c8b2de01b3ff2
GET /favicon.ico HTTP/1.1 Host: www1.gotgeeks.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://www1.gotgeeks.com/?tm=1&subid4=1657158612.0192340000	76.223.26.96 HTTP/1.1 200 OK Content-Type: image/x-icon Date: Thu, 07 Jul 2022 01:50:21 GMT Content-Length: 0 Connection: keep-alive Server: nginx Last-Modified: Tue, 12 May 2020 14:25:52 GMT ETag: "5ebab1f0-0" Accept-Ranges: bytes --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: urlquery: - DynDNS domain detected
GET /track.php?domain=gotgeeks.com&toggle=browserjs&uid=MTY1NzE1ODYyMC43MTk6MWFjMTIzMTI2Yzc4NGE4N2E3NGNmMzBlNjQ4MzIyZGM1ZDY5ZTZkNzE2NmUyZDBlMjkxNDU3NGM0YjMwMTk1ODo2MmM2M2JkY2FmODgz HTTP/1.1 Host: www1.gotgeeks.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://www1.gotgeeks.com/?tm=1&subid4=1657158612.0192340000	76.223.26.96 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Date: Thu, 07 Jul 2022 01:50:21 GMT Transfer-Encoding: chunked Connection: keep-alive Server: nginx Vary: Accept-Encoding X-Custom-Track: browserjs Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile Accept-CH-Lifetime: 30 Access-Control-Allow-Origin: * Content-Encoding: gzip --- Additional Info --- Magic: data Size: 20 Md5: a4745abc5e7fdb89cc6df3069f3c6e69 Sha1: 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed Sha256: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf Alerts: urlquery: - DynDNS domain detected
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 07 Jul 2022 01:50:21 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: d5a6c15eede6d048971ad03524d6f9d4 Sha1: ac7e1ce17de3ef6e05281867c13d67d90767e8bb Sha256: 7769cb5b17347eee80f645859b5b22f60f9ff9f6b582f1b737c41f746b320980
POST /ls.php HTTP/1.1 Host: www1.gotgeeks.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/x-www-form-urlencoded; charset=UTF-8 Content-Length: 2582 Origin: http://www1.gotgeeks.com Connection: keep-alive Referer: http://www1.gotgeeks.com/?tm=1&subid4=1657158612.0192340000 Cookie: GoogleAdServingTest=Good	76.223.26.96 HTTP/1.1 201 Created Content-Type: text/javascript;charset=UTF-8 Date: Thu, 07 Jul 2022 01:50:21 GMT Transfer-Encoding: chunked Connection: keep-alive Server: nginx Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile Accept-CH-Lifetime: 30 X-Log-Success: 62c63bddb742864bd80821f0 Charset: utf-8 Access-Control-Allow-Origin: http://www1.gotgeeks.com Access-Control-Allow-Methods: POST, OPTIONS Access-Control-Max-Age: 86400 X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_R3eRCEXqQ9NFDoy4/pxE5W6BHcHnZ1Rsvu/T4zvmcTEkNqJxWwFmxoG5ftIBc8d3IBugWS9JIq4cb6IfndNHHQ== --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: urlquery: - DynDNS domain detected Blocklists: - fortinet: Malware
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: CBSi4isElTFzgODLpcpqxQ== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	52.33.155.176 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: G4wsG2DakZIEdTiKNruWiM4c1vI= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 07 Jul 2022 01:50:21 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: f5fb0d9f3b0f1ff2dac81db8b546be97 Sha1: ac3f9d723682a6736444ab8bc64e2cf3cb34d946 Sha256: 33c5a39a6ae589af20eef6794bc9bd3893172209f2fa1086fc05befbd4351266
GET /gampad/cookie.js?domain=www1.gotgeeks.com&client=dp-teaminternet08_3ph&product=SAS&callback=__sasCookie HTTP/1.1 Host: partner.googleadservices.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www1.gotgeeks.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	142.250.74.130 HTTP/2 200 OK p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin content-type: text/javascript; charset=UTF-8 x-content-type-options: nosniff content-disposition: attachment; filename="f.txt" content-encoding: gzip date: Thu, 07 Jul 2022 01:50:21 GMT server: cafe cache-control: private content-length: 179 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with no line terminators Size: 179 Md5: 9aedf51962c6f0be871a28bd11703b31 Sha1: d6bb8ec3516a149ab21286268247a56c2a34b052 Sha256: c8aaa7b7e96ec25a2a374561b293cb335bf074f83fa5e7b7d0e6519ac0439e0e
GET /afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2C000003%2C001862%2Cbucket103&client=dp-teaminternet08_3ph&r=m&hl=en&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2604024762724288&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17300953%2C17300956&format=r3%7Cs&nocache=491657158621277&num=0&output=afd_ads&domain_name=www1.gotgeeks.com&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1657158621279&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=797&frm=0&uio=--&cont=tc&jsid=caf&jsv=457459225&rurl=http%3A%2F%2Fwww1.gotgeeks.com%2F%3Ftm%3D1%26subid4%3D1657158612.0192340000&adbw=master-1%3A530 HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www1.gotgeeks.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	$Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5119) Size: 1948 Md5: 11ac53281a7c2404c822d5dbc06722ed$ 142.250.74.164 HTTP/2 200 OK content-type: text/html; charset=UTF-8 content-disposition: inline date: Thu, 07 Jul 2022 01:50:21 GMT expires: Thu, 07 Jul 2022 01:50:21 GMT cache-control: private, max-age=3600 content-encoding: br server: gws content-length: 1948 x-xss-protection: 0 set-cookie: CONSENT=PENDING+772; expires=Sat, 06-Jul-2024 01:50:21 GMT; path=/; domain=.google.com; Secure p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info." alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5119) Size: 1948 Md5: 11ac53281a7c2404c822d5dbc06722ed Sha1: 7af1e1e4fafe28ec8b1d68c9a9739ce1d0693c6e Sha256: ebe3032262a4dbed8972db85be25dda7b78fdf1d3726036a38b05eba3e967714
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 07 Jul 2022 01:50:22 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: f5fb0d9f3b0f1ff2dac81db8b546be97 Sha1: ac3f9d723682a6736444ab8bc64e2cf3cb34d946 Sha256: 33c5a39a6ae589af20eef6794bc9bd3893172209f2fa1086fc05befbd4351266
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 07 Jul 2022 01:50:22 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 323c7c3c34b75ac4890366aa39668bbf Sha1: 3deb907b3a3dc5d40cfb719f695b735f9e122a18 Sha256: 1664085c813b193eb7e319233208929c3b5bf0d7847d3de04cab050b64d17ada
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 07 Jul 2022 01:50:22 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: ee1eaa813e4c7161ff85011a1cbb2d40 Sha1: 2b3015cfa19c92f0645d4716f83e80ac73b24159 Sha256: a2e7226143d14cacb46ec017c994d56ca6bd98f43b17dfbfcab90f7b3c5c6cea
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 07 Jul 2022 01:50:22 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: ee1eaa813e4c7161ff85011a1cbb2d40 Sha1: 2b3015cfa19c92f0645d4716f83e80ac73b24159 Sha256: a2e7226143d14cacb46ec017c994d56ca6bd98f43b17dfbfcab90f7b3c5c6cea
GET /ad_icons/standard/publisher_icon_image/search.svg?c=%231967d2 HTTP/1.1 Host: afs.googleusercontent.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.google.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390) Size: 272 Md5: bbbac37f0b6e29a6099e4aa7cb19d6ca$ 142.250.74.33 HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers" report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} content-length: 272 x-content-type-options: nosniff content-encoding: gzip server: sffe x-xss-protection: 0 date: Wed, 06 Jul 2022 10:27:57 GMT expires: Thu, 07 Jul 2022 09:27:57 GMT cache-control: public, max-age=82800 age: 55345 last-modified: Thu, 19 Dec 2019 14:15:00 GMT content-type: image/svg+xml alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390) Size: 272 Md5: bbbac37f0b6e29a6099e4aa7cb19d6ca Sha1: 0acafe95e2141f0af6109203efeb2d98e6b926c6 Sha256: a3d7b37475de5a3a350d4dc4790f14a6a5f4045726d2eae4cbe9bd59aeba2fe2
GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1 Host: afs.googleusercontent.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.google.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators Size: 174 Md5: 4de8b85c8915995b571bde50e231be7c$ 142.250.74.33 HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers" report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} content-length: 174 x-content-type-options: nosniff content-encoding: gzip server: sffe x-xss-protection: 0 date: Wed, 06 Jul 2022 10:07:09 GMT expires: Thu, 07 Jul 2022 09:07:09 GMT cache-control: public, max-age=82800 last-modified: Thu, 22 Oct 2020 21:45:00 GMT content-type: image/svg+xml age: 56593 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators Size: 174 Md5: 4de8b85c8915995b571bde50e231be7c Sha1: 29c226ca7b9cbe1d44e5480ce95bbb42727b2d99 Sha256: 2ec9168c4507546748c5f400f5030031f0eb06f2aed8deaa11362c395bff4f7a
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 07 Jul 2022 01:50:22 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: ac2624bc06c03f578f1c173961004e1f Sha1: dde7696dc5f0a0413d438b2d6395c9c3f36525fa Sha256: 7d03eaa7fee4d0b5ab57c4522cb588e1329d4c7f566b6cef49ff6cc18f9ff58d
GET /track.php?domain=gotgeeks.com&caf=1&toggle=answercheck&answer=yes&uid=MTY1NzE1ODYyMC43MTk6MWFjMTIzMTI2Yzc4NGE4N2E3NGNmMzBlNjQ4MzIyZGM1ZDY5ZTZkNzE2NmUyZDBlMjkxNDU3NGM0YjMwMTk1ODo2MmM2M2JkY2FmODgz HTTP/1.1 Host: www1.gotgeeks.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://www1.gotgeeks.com/?tm=1&subid4=1657158612.0192340000 Cookie: __gsas=ID=cec4156169c5a73b:T=1657158621:S=ALNI_MbBClv1OeZgc8wjf5_ScoCYYWDc5A	76.223.26.96 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Date: Thu, 07 Jul 2022 01:50:22 GMT Transfer-Encoding: chunked Connection: keep-alive Server: nginx Vary: Accept-Encoding X-Custom-Track: answercheck Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile Accept-CH-Lifetime: 30 Access-Control-Allow-Origin: * Content-Encoding: gzip --- Additional Info --- Magic: data Size: 20 Md5: a4745abc5e7fdb89cc6df3069f3c6e69 Sha1: 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed Sha256: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf Alerts: urlquery: - DynDNS domain detected
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "E96EA592111AAC8DB4D301EA1E1DEF1043D15D8774C4224D707FB21885E98909" Last-Modified: Wed, 06 Jul 2022 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2647 Expires: Thu, 07 Jul 2022 02:34:30 GMT Date: Thu, 07 Jul 2022 01:50:23 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: c5a2dbe44b8c2efb78582d19feb5623d Sha1: 4d1990af3e155e664e056fa0ab2c88c3d6e7569d Sha256: e96ea592111aac8db4d301ea1e1def1043d15d8774c4224d707fb21885e98909
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "E96EA592111AAC8DB4D301EA1E1DEF1043D15D8774C4224D707FB21885E98909" Last-Modified: Wed, 06 Jul 2022 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2647 Expires: Thu, 07 Jul 2022 02:34:30 GMT Date: Thu, 07 Jul 2022 01:50:23 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: c5a2dbe44b8c2efb78582d19feb5623d Sha1: 4d1990af3e155e664e056fa0ab2c88c3d6e7569d Sha256: e96ea592111aac8db4d301ea1e1def1043d15d8774c4224d707fb21885e98909
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "E96EA592111AAC8DB4D301EA1E1DEF1043D15D8774C4224D707FB21885E98909" Last-Modified: Wed, 06 Jul 2022 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2647 Expires: Thu, 07 Jul 2022 02:34:30 GMT Date: Thu, 07 Jul 2022 01:50:23 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: c5a2dbe44b8c2efb78582d19feb5623d Sha1: 4d1990af3e155e664e056fa0ab2c88c3d6e7569d Sha256: e96ea592111aac8db4d301ea1e1def1043d15d8774c4224d707fb21885e98909
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5943e946-454d-4fa2-9a42-3742d5c15b9c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8185 Md5: 71f575ec1945ef97114e5125f7f46bec$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 8185 x-amzn-requestid: 4175b120-06ce-4a9c-bc4e-03631c38f97b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UoJB0FzDoAMFUTg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62bfeed8-705a0dc35090e183285bfa9a;Sampled=0 x-amzn-remapped-date: Sat, 02 Jul 2022 07:08:08 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: noyuVo7-k6XK-GX49yRV5JSF3UzqNjEpQ8N8b6Tv5iUok1C9rMFOrQ== via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google date: Wed, 06 Jul 2022 09:02:03 GMT age: 60500 etag: "71d91b56c51c8e6c72049088c5f48d047e3c2528" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8185 Md5: 71f575ec1945ef97114e5125f7f46bec Sha1: 71d91b56c51c8e6c72049088c5f48d047e3c2528 Sha256: b0aafa06050270acd35bd434d7418ca1c6ed4b66c0680302da29477d78bc4578
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf054370-6b80-40cd-a42e-91d4d8e3c37e.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7271 Md5: 1d4f4e3ad0f3ca501b797538d0f3aaac$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 7271 x-amzn-requestid: 3fa97801-72ce-40f1-9609-10406e6d70ff x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UoS0BFjuoAMFw8w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62bffe7f-103b3e9a2928a3ed39c62b1b;Sampled=0 x-amzn-remapped-date: Sat, 02 Jul 2022 08:14:55 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: TrgAb-pYFci7r56srzmwDp_mnZ6ApHI6KRaOyrHTYgJHmLcx6iNr1g== via: 1.1 d90109c5a0c30f43223e0db85921c5c2.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google date: Wed, 06 Jul 2022 21:50:30 GMT age: 14393 etag: "949707b56fd4aa6464f5f4a5d52b18ab72d307ff" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7271 Md5: 1d4f4e3ad0f3ca501b797538d0f3aaac Sha1: 949707b56fd4aa6464f5f4a5d52b18ab72d307ff Sha256: 66cf72056531f6151e2e72d48f07f1ba063753316160fe165cb00e125efbca90
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13136825-0301-44c6-8c81-faf21628fe4c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6737 Md5: 44f59062cacc44be268845c493de29de$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 6737 x-amzn-requestid: 9a9c33df-daa2-49fb-ba8e-fd5a3149828e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UeP9ZG93oAMFX6A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62bbf9ef-248528170cf451be2662dbef;Sampled=0 x-amzn-remapped-date: Wed, 29 Jun 2022 07:06:23 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: GZWZ5vCdHbLeGN4FdZbd8ysfjqcGd-7MsBW_steUpJ38jyLd16JNtw== via: 1.1 4c48e9fb20d53d40e9fe273dbdae1098.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google date: Wed, 06 Jul 2022 03:53:29 GMT age: 79014 etag: "5e2f835320ab350cdd1c3ad1ceb71db2bb27b84f" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6737 Md5: 44f59062cacc44be268845c493de29de Sha1: 5e2f835320ab350cdd1c3ad1ceb71db2bb27b84f Sha256: c37305dfa7a241e526c7246a6eb71360dbfa2fe5d7f369f37ef7ddbfe1b97749
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b3c96c9-a522-4ac7-b26d-8a493fdad54e.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5833 Md5: 0c8f6d61cb2fa1b87748d6ea53f21678$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 5833 x-amzn-requestid: b1906d58-4339-4e95-933b-111b98d7e7f3 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: U3UEfHnwIAMFSNA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62c60082-7ae16f081c0a62cc04191bf0;Sampled=0 x-amzn-remapped-date: Wed, 06 Jul 2022 21:37:06 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: dImAFhuRZxCSOGV-GrPighqY6j2UV_ZrVJ7YoplNcaMcyhZZZdBeDA== via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google date: Wed, 06 Jul 2022 21:50:56 GMT age: 14367 etag: "9e45ca5390279272ab7991b250cd035c569db6c9" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5833 Md5: 0c8f6d61cb2fa1b87748d6ea53f21678 Sha1: 9e45ca5390279272ab7991b250cd035c569db6c9 Sha256: 1f909a49d5f85085e8ebc982bf8e2d0fc4f94b2f01946d0c7dbb232020ce5e8f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7394f5d-cdce-41b4-a77f-497fd53c5173.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6510 Md5: 35403bff40fe010a03fbbfa56185ef30$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 6510 x-amzn-requestid: 94ccabe7-9fb8-4d91-beea-ebd9a669732b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Uq6h8EV3oAMFZfQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62c10ad9-0d787e463b15c84b2cca0df8;Sampled=0 x-amzn-remapped-date: Sun, 03 Jul 2022 03:19:53 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: KJSLnVrt4pTPuOocLg2Sr5uTfRyiaYyBh9Txohz4mMhsXQ262yfeIw== via: 1.1 d1d67b07408bba8c682597d8303642e2.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google date: Wed, 06 Jul 2022 06:32:58 GMT age: 69445 etag: "5e1dc99fa1b894ae83dd0ef04b3daa5ff820cd40" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6510 Md5: 35403bff40fe010a03fbbfa56185ef30 Sha1: 5e1dc99fa1b894ae83dd0ef04b3daa5ff820cd40 Sha256: 6c7efc03f6c3ebcf6ed69bff044d63ba19c832cb8ecb7ce291226b69cb7b3ac5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7633309-5f51-4741-aec1-77223d21def2.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6219 Md5: 6a5de65d5b600c0785e0415233eb2eae$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 6219 x-amzn-requestid: 5c99b20a-4356-4613-a812-994358d8d2f2 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: U3UD1FbRIAMFcOg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62c6007e-63e05e65678eab473ef18a0f;Sampled=0 x-amzn-remapped-date: Wed, 06 Jul 2022 21:37:02 GMT x-amz-cf-pop: SEA19-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: J4b_YTU4EtaFHSTJDWbBLFMxUD4FZ5KIQcA5eS51LHyB0MfgInWyew== via: 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google date: Wed, 06 Jul 2022 21:53:38 GMT age: 14205 etag: "7721f00647b911279b6f42bf463eed176e389622" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6219 Md5: 6a5de65d5b600c0785e0415233eb2eae Sha1: 7721f00647b911279b6f42bf463eed176e389622 Sha256: 835ba3151816b32ab23e3d8a215d0dee67dd070428bad5bb3ab596b67a1373b7