Overview

URL carcleaneramring.de/
IP 199.34.228.59
ASN WEEBLY
Location United States
Report completed 2022-06-26 04:24:17 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2022-06-26 2 carcleaneramring.de/ Phishing
2022-06-26 2 www.carcleaneramring.de/ Phishing
2022-06-26 2 www.carcleaneramring.de/files/theme/mobile.js?1534852374 Phishing
2022-06-26 2 www.carcleaneramring.de/files/theme/custom.js?1534852374 Phishing
2022-06-26 2 www.carcleaneramring.de/files/theme/plugins.js?1534852374 Phishing
2022-06-26 2 www.carcleaneramring.de/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts (...) Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (17)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
[Mnemonic Passive DNS] content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-06-25 05:05:57 UTC 54.230.111.64
[Mnemonic Passive DNS] ocsp.pki.goog (2) 175 2017-06-14 07:23:31 UTC 2022-06-25 05:00:01 UTC 142.250.74.3
[Mnemonic Passive DNS] fonts.gstatic.com (6) 0 2017-01-30 04:59:51 UTC 2022-06-26 04:04:43 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
[Mnemonic Passive DNS] www.weebly.com (1) 21455 2012-10-02 18:27:42 UTC 2022-06-26 01:14:42 UTC 74.115.50.109
[Mnemonic Passive DNS] contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
[Mnemonic Passive DNS] cdn2.editmysite.com (6) 11564 2012-10-02 18:27:39 UTC 2022-06-25 17:00:12 UTC 151.101.85.46
[Mnemonic Passive DNS] push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-06-25 05:08:04 UTC 35.160.82.219
[Mnemonic Passive DNS] www.google-analytics.com (1) 40 2017-01-30 05:00:06 UTC 2022-06-25 05:43:21 UTC 142.250.74.174
[Mnemonic Passive DNS] carcleaneramring.de (1) 0 No data No data 199.34.228.59 Unknown ranking
[Mnemonic Passive DNS] firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2020-05-25 20:01:47 UTC 54.230.111.7
[Mnemonic Passive DNS] ocsp.digicert.com (1) 86 2012-11-29 12:49:49 UTC 2022-06-25 20:40:55 UTC 93.184.220.29
[Mnemonic Passive DNS] ec.editmysite.com (2) 12806 2017-01-29 21:50:35 UTC 2022-06-25 22:54:24 UTC 44.239.242.204
[Mnemonic Passive DNS] img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-06-25 10:33:58 UTC 34.120.237.76
[Mnemonic Passive DNS] r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-06-25 05:00:24 UTC 23.36.77.32
[Mnemonic Passive DNS] www.carcleaneramring.de (9) 0 No data No data 199.34.228.59 Unknown ranking
[Mnemonic Passive DNS] fonts.googleapis.com (3) 8877 2017-01-30 04:59:43 UTC 2019-10-16 05:12:41 UTC 142.250.74.10
[Mnemonic Passive DNS] ajax.googleapis.com (1) 12905 2017-01-30 05:00:30 UTC 2019-10-16 05:01:16 UTC 142.250.74.138


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 199.34.228.59

Date UQ / IDS / BL URL IP
2022-08-14 18:28:36 +0000 0 - 0 - 6 annettekoegel.de/impressum.html 199.34.228.59
2022-08-02 01:09:15 +0000 0 - 0 - 2 www.mjink.com/logo.gif?5833f=3612790 199.34.228.59
2022-08-01 08:30:40 +0000 0 - 0 - 2 www.mjink.com/logo.gif?5b96d=1125447 199.34.228.59
2022-07-28 07:03:52 +0000 0 - 0 - 8 gotwoitalia.com/ 199.34.228.59
2022-07-24 03:04:27 +0000 0 - 0 - 8 gotwoitalia.com/ 199.34.228.59
2022-07-22 16:37:17 +0000 0 - 0 - 6 kym-casa.com.ar/ 199.34.228.59
2022-07-22 06:00:42 +0000 0 - 0 - 2 14global.com/securd%20/razaq.zip 199.34.228.59
2022-07-22 00:56:34 +0000 0 - 0 - 10 www.carlisleohd.org/ 199.34.228.59
2022-07-18 16:38:42 +0000 0 - 0 - 6 kym-casa.com.ar/ 199.34.228.59
2022-07-17 16:01:02 +0000 0 - 0 - 10 www.carlisleohd.org/ 199.34.228.59

Last 10 reports on ASN: WEEBLY

Date UQ / IDS / BL URL IP
2022-08-20 01:58:39 +0000 0 - 0 - 15 www.snobirddocks.com/r5m3/ 199.34.228.171
2022-08-19 23:21:12 +0000 0 - 0 - 3 bt-105400.weeblysite.com/ 199.34.228.97
2022-08-19 20:29:00 +0000 0 - 0 - 11 aolverificationstatus.weebly.com/ 199.34.228.53
2022-08-19 19:33:20 +0000 0 - 0 - 9 tyyujhfdxccvghj.weeblysite.com/ 199.34.228.96
2022-08-19 19:26:19 +0000 0 - 0 - 4 fhhaaratagagah.weeblysite.com/ 199.34.228.96
2022-08-19 19:15:40 +0000 0 - 0 - 7 https://rhvffddffggvghbb.weeblysite.com/ 199.34.228.96
2022-08-19 19:11:39 +0000 0 - 0 - 3 bt-internet-108918.weeblysite.com/ 199.34.228.97
2022-08-19 19:10:59 +0000 0 - 0 - 3 bt-107523onlinefrontiiermainadministraton.wee (...) 199.34.228.97
2022-08-19 19:10:07 +0000 0 - 0 - 8 https://att-106020.weeblysite.com/ 199.34.228.97
2022-08-19 19:00:21 +0000 0 - 0 - 9 https://quarterdeck-scricky.weebly.com/ 199.34.228.53

No other reports on domain: carcleaneramring.de



JavaScript

Executed Scripts (23)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (50)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B2CEB864B9C1A231269357C6D1FFC192D76116996A5363EE4A1B4B149AAD447A"
Last-Modified: Fri, 24 Jun 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2335
Expires: Sun, 26 Jun 2022 05:02:57 GMT
Date: Sun, 26 Jun 2022 04:24:02 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: carcleaneramring.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         199.34.228.59
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Sun, 26 Jun 2022 04:24:02 GMT
Server: Apache
Location: http://www.carcleaneramring.de/
Content-Length: 239
Keep-Alive: timeout=10, max=69
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   239
Md5:    b6f82a9e234531c9b148e7cc0bb902ff
Sha1:   7385a2686b54c10635a971f59a56fde605813bc5
Sha256: 1dfecf0300926c5666b36ba6ee0e14c63755c92eff1c70532d89880363ccadf3

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.7
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Content-Type, Alert, Backoff, Content-Length
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 26 Jun 2022 03:45:57 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: GPNfgCqqHWLoc36Adr15uctyTLD4mehxVsdJ9LdP-S0-l1P1avIAyA==
Age: 2285


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    c98c56ff7bc7ba547517573963f425e3
Sha1:   58c8dccc28ecd76424af6ed9988575a35cf8a0c2
Sha256: d57d9d5e87e8761ffdf790ff762307f5c823e8e8241781797373c10e076ec44e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.64
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
last-modified: Wed, 11 May 2022 19:51:39 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 26 Jun 2022 02:10:54 GMT
etag: "48ca0beea419a9039591cf1aee5179e0"
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QtVdbMu3BWzT9OdKGv39E8QiUtpvgTNxl2_LQdEYaHwhXM9jxP1T2w==
age: 7989
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    48ca0beea419a9039591cf1aee5179e0
Sha1:   9e92629f505fcc07aab51221e8fe62197a23e307
Sha256: 630a5f110337b4a4876aa85c21107d9e8f2550bcc60f023a4777d895b17399fd
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Sun, 26 Jun 2022 04:24:02 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET / HTTP/1.1 
Host: www.carcleaneramring.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         199.34.228.59
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Sun, 26 Jun 2022 04:24:02 GMT
Server: Apache
Vary: X-W-SSL,Accept-Encoding,User-Agent
Set-Cookie: is_mobile=0; path=/; domain=www.carcleaneramring.de language=en; expires=Sun, 10-Jul-2022 04:24:02 GMT; Max-Age=1209600; path=/
Cache-Control: private
ETag: W/"1a6593801f628444d7e76a2f18adce08-gzip"
Content-Encoding: gzip
X-Host: blu98.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 7653
Keep-Alive: timeout=10, max=2
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1350), with CRLF, LF line terminators
Size:   7653
Md5:    d6752ea058a034d8c928f42d9625690c
Sha1:   d0db9b017da7fb437a43f2f5481edc0de9c74a8a
Sha256: 8c20a1fd737ab95517003d09194808171fb744b42e5f9a6bfddb64feba406275

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /css?family=Lato:400,300,300italic,700,400italic,700italic&subset=latin,latin-ext HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.carcleaneramring.de/

                                         
                                         142.250.74.10
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sun, 26 Jun 2022 04:24:02 GMT
Date: Sun, 26 Jun 2022 04:24:02 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text
Size:   471
Md5:    0c25875b36f3fb245e7c2fd59057d479
Sha1:   8135703d160ed58535e2bc51db78aefb9a8b3907
Sha256: a4b87ce4891dff7fbf8e40b1ed386c531b7488b23a9cd07d8b2ccd63c7d1d945
                                        
                                            GET /css?family=Cookie&subset=latin,latin-ext HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.carcleaneramring.de/

                                         
                                         142.250.74.10
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sun, 26 Jun 2022 04:24:02 GMT
Date: Sun, 26 Jun 2022 04:24:02 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text
Size:   259
Md5:    1e6f0be9e57dc55b9ddfc8cf61d9c620
Sha1:   36d9d287254c3ecd6ad4d36926ba7514789f827d
Sha256: 625bb84d47ecdff57a7b12ee8303f9a339fc7fc90a3b494de8bd0db5da4bb869
                                        
                                            GET /css?family=Roboto:400,300,300italic,700,400italic,700italic&subset=latin,latin-ext HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.carcleaneramring.de/

                                         
                                         142.250.74.10
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sun, 26 Jun 2022 04:24:02 GMT
Date: Sun, 26 Jun 2022 04:24:02 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text
Size:   840
Md5:    f29e68cc56bf4965797a6d079a4a472a
Sha1:   b4bc3d9703085cd639373d7ab7c984498a1dcbe6
Sha256: b79880dff3441b93f3aa24b04beaa9e251abe98deb5b202034ed44308d6143b7
                                        
                                            GET /css/sites.css?buildTime=1626101084 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.carcleaneramring.de/

                                         
                                         151.101.85.46
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Last-Modified: Fri, 17 Jun 2022 16:30:59 GMT
ETag: W/"62acac43-347ac"
Expires: Tue, 05 Jul 2022 07:54:46 GMT
Cache-Control: max-age=1209600
X-Host: grn107.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Content-Length: 29746
Accept-Ranges: bytes
Date: Sun, 26 Jun 2022 04:24:02 GMT
Age: 419356
Connection: keep-alive
X-Served-By: cache-sjc10077-SJC, cache-bma1680-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
X-Timer: S1656217443.711671,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   29746
Md5:    d10158b22b553f723d99dc78eaee6390
Sha1:   80f2d6670cfb0d01cd20c471cf8e3e6465ddd3f6
Sha256: 939c7a8e1ad74a44e0c847e38533e69e36454b6805d25acf3fb0cb5c472d245e
                                        
                                            GET /css/social-icons.css?buildtime=1626101084 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.carcleaneramring.de/

                                         
                                         151.101.85.46
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Last-Modified: Fri, 17 Jun 2022 16:30:59 GMT
ETag: W/"62acac43-3319"
Expires: Tue, 05 Jul 2022 11:49:23 GMT
Cache-Control: max-age=1209600
X-Host: grn105.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Content-Length: 1640
Accept-Ranges: bytes
Date: Sun, 26 Jun 2022 04:24:02 GMT
Age: 405279
Connection: keep-alive
X-Served-By: cache-sjc10024-SJC, cache-bma1637-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
X-Timer: S1656217443.710913,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  ASCII text, with very long lines (13080)
Size:   1640
Md5:    e28c5221da1212ddb24c7dfac9bd2b71
Sha1:   ed66d8a6d25f9c602daf0064a479351de253c320
Sha256: 539d483410c07abe67073b07dbaa9c6bd73a45905a6f2becb60467c93e9f03df
                                        
                                            GET /js/lang/de/stl.js?buildTime=1626101084& HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.carcleaneramring.de/

                                         
                                         151.101.85.46
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Last-Modified: Mon, 13 Jun 2022 21:13:44 GMT
ETag: "62a7a888-2e237"
Expires: Tue, 28 Jun 2022 11:30:54 GMT
Cache-Control: max-age=1209600
X-Host: blu102.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Content-Length: 36512
Accept-Ranges: bytes
Date: Sun, 26 Jun 2022 04:24:02 GMT
Age: 1011188
Connection: keep-alive
X-Served-By: cache-sjc10064-SJC, cache-bma1656-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
X-Timer: S1656217443.711354,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  HTML document, Unicode text, UTF-8 text, with very long lines (64820)
Size:   36512
Md5:    adacf25d387d2dc9b26109810c63d118
Sha1:   dc61e27901722a429384c3619e8eca970bcf2854
Sha256: e2e53ad7a743b5b060e04ac03db649c70b090dcd9e12eec4ee2a2b2c4b9d49fe
                                        
                                            GET /css/old/fancybox.css?1626101084 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.carcleaneramring.de/

                                         
                                         151.101.85.46
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Last-Modified: Wed, 22 Jun 2022 00:09:10 GMT
ETag: "62b25da6-f47"
Expires: Wed, 06 Jul 2022 10:56:43 GMT
Cache-Control: max-age=1209600
X-Host: grn105.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Content-Length: 1218
Accept-Ranges: bytes
Date: Sun, 26 Jun 2022 04:24:02 GMT
Age: 322039
Connection: keep-alive
X-Served-By: cache-sjc10029-SJC, cache-bma1649-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
X-Timer: S1656217443.712293,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  ASCII text, with very long lines (3910)
Size:   1218
Md5:    b644e92258f4c7c0b4270047652d1e60
Sha1:   93734d52ee9e86a768159e514076051813c39cd9
Sha256: 29199496fb817668f887938571046abcdfb49063d0207d571b361f221f467907
                                        
                                            GET /js/site/main-customer-accounts-site.js?buildTime=1626101084 HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.carcleaneramring.de/

                                         
                                         151.101.85.46
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Last-Modified: Fri, 17 Jun 2022 16:31:21 GMT
ETag: "62acac59-8250f"
Expires: Tue, 05 Jul 2022 12:09:38 GMT
Cache-Control: max-age=1209600
X-Host: grn102.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Content-Length: 158975
Accept-Ranges: bytes
Date: Sun, 26 Jun 2022 04:24:02 GMT
Age: 404064
Connection: keep-alive
X-Served-By: cache-sjc10054-SJC, cache-bma1676-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
X-Timer: S1656217443.712074,VS0,VE1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  ASCII text, with very long lines (32007)
Size:   158975
Md5:    c29a5e4fd4ee0d3b7cd0597f2b9b602b
Sha1:   bb134ed641467954f4a724167dc7ea56a03e7fa8
Sha256: bf9850a7e6dd269898b78ecf07a34438bc300cad0bbb2d280e10ccadf81646b2
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 26 Jun 2022 04:24:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /files/main_style.css?1626199752 HTTP/1.1 
Host: www.carcleaneramring.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.carcleaneramring.de/
Cookie: is_mobile=0; language=en

                                         
                                         199.34.228.59
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Sun, 26 Jun 2022 04:24:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: grn76.sf2p.intern.weebly.net
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (580)
Size:   6295
Md5:    188898098885ad9f9fc8f3c6e3a17af7
Sha1:   421941084986ea3e5f0e0cfd2a40b46f518480a5
Sha256: df5a45bc0c8aed26bbcc798adce6cc1ec886abdb9fc0b828ea2d1a8720db7158
                                        
                                            GET /files/theme/mobile.js?1534852374 HTTP/1.1 
Host: www.carcleaneramring.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.carcleaneramring.de/
Cookie: is_mobile=0; language=en

                                         
                                         199.34.228.59
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 26 Jun 2022 04:24:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 19 Jul 2021 03:01:39 GMT
x-rgw-object-type: Normal
ETag: W/"7bd55d32cb40c471784fe696916309b4"
x-amz-request-id: tx000000000000000c60306-0061a7065e-a9f1ce7-sfo1
X-Storage-Bucket: zcbb4
X-Storage-Object: cbb43d8535adb209382c62e4392774920b5b5049f50e831f27d62f1de7ac2e38
X-Host: blu61.sf2p.intern.weebly.net
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   4781
Md5:    e76dbf2dc9069819fe669f6e7eb6793d
Sha1:   1705370ddfd8d14d3c6816301152f5395e764c95
Sha256: f7d96b0b63053033bdb8f79acee80fa257f27cd5ac57b5c0d1c97a8dbec819c1

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /files/theme/custom.js?1534852374 HTTP/1.1 
Host: www.carcleaneramring.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.carcleaneramring.de/
Cookie: is_mobile=0; language=en

                                         
                                         199.34.228.59
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 26 Jun 2022 04:24:02 GMT
Content-Length: 3547
Connection: keep-alive
Last-Modified: Sat, 26 Jun 2021 18:39:31 GMT
x-rgw-object-type: Normal
ETag: "2f1a63ecdb94062f19d447a95dbfd177"
x-amz-request-id: tx000000000000025dc8c95-0061e5acca-a9f1b25-sfo1
X-Storage-Bucket: zffb5
X-Storage-Object: ffb5f6cd16afd1b465da0a63b8eacfd1bbf14198c7c837cc3017aaef138fe23a
X-Host: blu69.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   3547
Md5:    2f1a63ecdb94062f19d447a95dbfd177
Sha1:   cb17f8b14d036327ed3085f407b7e4dd7ae90967
Sha256: ffb5f6cd16afd1b465da0a63b8eacfd1bbf14198c7c837cc3017aaef138fe23a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /ajax/libs/jquery/1.8.3/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.carcleaneramring.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.138
HTTP/2 200 OK
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33593
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 19 Jun 2022 14:41:45 GMT
expires: Mon, 19 Jun 2023 14:41:45 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 567738
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65483)
Size:   33593
Md5:    a54a444f20643b131117dc2112cca05f
Sha1:   074964746b12ff1d30f7656310d6154ae1cc98b5
Sha256: aa3ca8485dd777d4d880b38c1cf3bc2fc290d28a79ba3e3e43cba1f653132830
                                        
                                            GET /files/theme/plugins.js?1534852374 HTTP/1.1 
Host: www.carcleaneramring.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.carcleaneramring.de/
Cookie: is_mobile=0; language=en

                                         
                                         199.34.228.59
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 26 Jun 2022 04:24:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 02 Apr 2022 08:42:51 GMT
x-rgw-object-type: Normal
ETag: W/"4cf5477130f7311a5f0af1ecaf425ee4"
x-amz-request-id: tx000000000000001b8ea71-0062847bf2-b9fbc29-sfo1
X-Storage-Bucket: zb83c
X-Storage-Object: b83c1bdb86ae601a4a54799c364306dd922e98d5fddc177d404611bf1a2706f3
X-Host: grn65.sf2p.intern.weebly.net
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   18996
Md5:    80b977ddf918a1ff63f2350225772ca6
Sha1:   6fbc6b952295c565f67ea251eeb7a4c0cccd1c6a
Sha256: ca0e7374161e8f72ba8d049e4392e8785c6038763b1cba40726d15a87557d38d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 26 Jun 2022 04:24:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.carcleaneramring.de
Connection: keep-alive
Referer: http://fonts.googleapis.com/

                                         
                                         142.250.74.163
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 23580
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 21 Jun 2022 18:14:58 GMT
Expires: Wed, 21 Jun 2023 18:14:58 GMT
Cache-Control: public, max-age=31536000
Age: 382145
Last-Modified: Tue, 26 Apr 2022 15:48:56 GMT


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size:   23580
Md5:    e1b3b5908c9cf23dfb2b9c52b9a023ab
Sha1:   fcd4136085f2a03481d9958cc6793a5ed98e714c
Sha256: 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.7
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 26 Jun 2022 04:04:35 GMT
Cache-Control: max-age=3600
Expires: Sun, 26 Jun 2022 04:13:50 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Vn2eyniqy-Bnipyuo8GcoRV0mCXG0jC8bavy5J14FKA3SvyeEd_LBA==
Age: 3132


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /js/wsnbn/snowday262.js HTTP/1.1 
Host: cdn2.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.carcleaneramring.de/

                                         
                                         151.101.85.46
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Last-Modified: Wed, 22 Jun 2022 00:08:55 GMT
ETag: "62b25d97-124fe"
Expires: Thu, 07 Jul 2022 08:38:41 GMT
Cache-Control: max-age=1209600
X-Host: blu100.sf2p.intern.weebly.net
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Content-Length: 25752
Accept-Ranges: bytes
Date: Sun, 26 Jun 2022 04:24:03 GMT
Age: 243922
Connection: keep-alive
X-Served-By: cache-sjc10076-SJC, cache-bma1676-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 2771
X-Timer: S1656217443.410739,VS0,VE0
Vary: Accept-Encoding
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  ASCII text, with very long lines (2512)
Size:   25752
Md5:    234327230add9a5a5d61a48829ea4565
Sha1:   7966cc0e4bd76f88ff193c8a99a067de804b7129
Sha256: bb696c58d9ae5fa635b3ff22efdf60de9ac2f8ef9df5e2f2d58dd5f8dc99df75
                                        
                                            GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.carcleaneramring.de
Connection: keep-alive
Referer: http://fonts.googleapis.com/

                                         
                                         142.250.74.163
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 23040
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 21 Jun 2022 17:23:42 GMT
Expires: Wed, 21 Jun 2023 17:23:42 GMT
Cache-Control: public, max-age=31536000
Age: 385221
Last-Modified: Tue, 26 Apr 2022 15:56:42 GMT


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Size:   23040
Md5:    de69cf9e514df447d1b0bb16f49d2457
Sha1:   2ac78601179c3a63ba3f3f3081556b12ddcaf655
Sha256: c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.carcleaneramring.de
Connection: keep-alive
Referer: http://fonts.googleapis.com/

                                         
                                         142.250.74.163
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15860
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 22 Jun 2022 20:14:10 GMT
Expires: Thu, 22 Jun 2023 20:14:10 GMT
Cache-Control: public, max-age=31536000
Age: 288593
Last-Modified: Wed, 11 May 2022 19:24:42 GMT


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size:   15860
Md5:    e9f5aaf547f165386cd313b995dddd8e
Sha1:   acdef5603c2387b0e5bffd744b679a24a8bc1968
Sha256: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
                                        
                                            GET /s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.carcleaneramring.de
Connection: keep-alive
Referer: http://fonts.googleapis.com/

                                         
                                         142.250.74.163
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 23236
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 21 Jun 2022 17:28:07 GMT
Expires: Wed, 21 Jun 2023 17:28:07 GMT
Cache-Control: public, max-age=31536000
Age: 384956
Last-Modified: Tue, 26 Apr 2022 16:04:12 GMT


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 23236, version 1.0\012- data
Size:   23236
Md5:    716309aab2bca045f9627f63ad79d0bf
Sha1:   38804233a29aaf975d557fe14e762c627bef76e0
Sha256: 115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
                                        
                                            GET /s/lato/v23/S6u_w4BMUTPHjxsI9w2_Gwft.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.carcleaneramring.de
Connection: keep-alive
Referer: http://fonts.googleapis.com/

                                         
                                         142.250.74.163
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 17728
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 21 Jun 2022 22:21:21 GMT
Expires: Wed, 21 Jun 2023 22:21:21 GMT
Cache-Control: public, max-age=31536000
Age: 367362
Last-Modified: Tue, 26 Apr 2022 16:10:29 GMT


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 17728, version 1.0\012- data
Size:   17728
Md5:    9d09d1df90538b11770ec5f593b6d792
Sha1:   6e117eeeda54f443063becf094332b362e19abb8
Sha256: a961366b4346f6078cc2f164d2c019f63b37e2693f6fc93a995048a98b25c083
                                        
                                            GET /s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.carcleaneramring.de
Connection: keep-alive
Referer: http://fonts.googleapis.com/

                                         
                                         142.250.74.163
HTTP/1.1 200 OK
Content-Type: font/woff2
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 24408
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 21 Jun 2022 21:46:00 GMT
Expires: Wed, 21 Jun 2023 21:46:00 GMT
Cache-Control: public, max-age=31536000
Age: 369483
Last-Modified: Tue, 26 Apr 2022 15:50:25 GMT


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 24408, version 1.0\012- data
Size:   24408
Md5:    efee2d080d7bebdd2e0aeb2e030813a0
Sha1:   f8d38f9f9584e48c2e469877ebd94232265585f1
Sha256: bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2788
Cache-Control: 'max-age=158059'
Date: Sun, 26 Jun 2022 04:24:03 GMT
Last-Modified: Sun, 26 Jun 2022 03:37:35 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /uploads/1/2/0/3/120393702/background-images/839455576.jpg HTTP/1.1 
Host: www.carcleaneramring.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.carcleaneramring.de/
Cookie: is_mobile=0; language=en

                                         
                                         199.34.228.59
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Sun, 26 Jun 2022 04:24:03 GMT
Content-Length: 28480
Connection: keep-alive
Last-Modified: Fri, 03 Aug 2018 06:24:38 GMT
x-rgw-object-type: Normal
ETag: "9b4110634e1857b7c457a8227f384b13"
x-amz-request-id: tx000000000000022953904-0062b7df63-b9fbc64-sfo1
X-Storage-Bucket: z3583
X-Storage-Object: 3583dc35f27d6f1b2bb820dd6069ba967557c818ed626cd6a305a485e07c087d
X-Host: grn77.sf2p.intern.weebly.net
Accept-Ranges: bytes, bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 768x432, components 3\012- data
Size:   28480
Md5:    9b4110634e1857b7c457a8227f384b13
Sha1:   c4af9368deabec5cd1c8779273b28685a45f10bd
Sha256: 3583dc35f27d6f1b2bb820dd6069ba967557c818ed626cd6a305a485e07c087d
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /MxbBLvVHnZtRKUNID3fVA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.160.82.219
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: VTByetk+mXuLlfVQPBwFl2zh4Xk=

                                        
                                            OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1 
Host: ec.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://www.carcleaneramring.de/
Origin: http://www.carcleaneramring.de
Connection: keep-alive

                                         
                                         44.239.242.204
HTTP/1.1 200 OK
                                        
Date: Sun, 26 Jun 2022 04:24:03 GMT
Content-Length: 0
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: http://www.carcleaneramring.de
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, SP-Anonymous
Access-Control-Max-Age: 5

                                        
                                            POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1 
Host: ec.editmysite.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json; charset=UTF-8
Content-Length: 1778
Origin: http://www.carcleaneramring.de
Connection: keep-alive
Referer: http://www.carcleaneramring.de/

                                         
                                         44.239.242.204
HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
                                        
Date: Sun, 26 Jun 2022 04:24:04 GMT
Content-Length: 2
Connection: keep-alive
Server: nginx
Set-Cookie: sp=aed96b51-d54a-4564-b93f-57e7eac2556c; Expires=Mon, 26 Jun 2023 04:24:04 GMT; Domain=; Path=/; Secure; SameSite=None
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: http://www.carcleaneramring.de
Access-Control-Allow-Credentials: true


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    444bcb3a3fcf8389296c49467f27e1d6
Sha1:   7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
Sha256: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
                                        
                                            GET /ga.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.carcleaneramring.de/

                                         
                                         142.250.74.174
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Sun, 26 Jun 2022 02:55:24 GMT
Expires: Sun, 26 Jun 2022 04:55:24 GMT
Cache-Control: public, max-age=7200
Age: 5320
Last-Modified: Wed, 13 Apr 2022 21:02:38 GMT


--- Additional Info ---
Magic:  ASCII text, with very long lines (1305)
Size:   17168
Md5:    01d5892e6e243b52998310c2925b9f3a
Sha1:   58180151b6a6ee4af73583a214b68efb9e8844d4
Sha256: 7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
                                        
                                            GET /files/theme/400dpilogocropped.png HTTP/1.1 
Host: www.carcleaneramring.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.carcleaneramring.de/
Cookie: is_mobile=0; language=en

                                         
                                         199.34.228.59
HTTP/1.1 200 OK
Content-Type: image/png; charset=binary
                                        
Server: nginx
Date: Sun, 26 Jun 2022 04:24:02 GMT
Content-Length: 222219
Connection: keep-alive
Last-Modified: Thu, 28 Jun 2018 21:35:07 GMT
x-rgw-object-type: Normal
ETag: "fa7e180cbcbfa95fe299bb6377f6cd14"
x-amz-request-id: tx000000000000022a3be47-0062b7df62-b9fbc29-sfo1
X-Storage-Bucket: z3317
X-Storage-Object: 33174a8baabcee0328ec819d3d23c462cf137450430298d131ea785c5a025aee
X-Host: grn30.sf2p.intern.weebly.net
Accept-Ranges: bytes, bytes


--- Additional Info ---
Magic:  PNG image data, 2708 x 1425, 8-bit/color RGBA, non-interlaced\012- data
Size:   222219
Md5:    fa7e180cbcbfa95fe299bb6377f6cd14
Sha1:   f720517f88bacf1e268407bac6060cbfee15d781
Sha256: 33174a8baabcee0328ec819d3d23c462cf137450430298d131ea785c5a025aee
                                        
                                            POST /ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails] HTTP/1.1 
Host: www.carcleaneramring.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 83
Origin: http://www.carcleaneramring.de
Connection: keep-alive
Referer: http://www.carcleaneramring.de/
Cookie: is_mobile=0; language=en; _snow_ses.1b6e=*; _snow_id.1b6e=d75efabd-635a-498d-b142-faac98178804.1656217444.1.1656217444.1656217444.a0addb32-5e6a-4509-931c-ec55c4a67bfd

                                         
                                         199.34.228.59
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Date: Sun, 26 Jun 2022 04:24:04 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn107.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 375
Keep-Alive: timeout=10, max=70
Connection: Keep-Alive


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (375), with no line terminators
Size:   375
Md5:    ee5bd2747c30496476cc0895392da3ae
Sha1:   5d0090c69cb42c47b1430094589d72c83b48dcd3
Sha256: 8bc12ea7d68fffddf5dc2f7ac10a44c78087b1e7f7fe046fcfb7d3c77198d3f4

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /uploads/1/2/0/3/120393702/background-images/51675215.jpg HTTP/1.1 
Host: www.carcleaneramring.de
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.carcleaneramring.de/
Cookie: is_mobile=0; language=en

                                         
                                         199.34.228.59
HTTP/1.1 200 OK
Content-Type: image/jpeg; charset=binary
                                        
Server: nginx
Date: Sun, 26 Jun 2022 04:24:03 GMT
Content-Length: 317817
Connection: keep-alive
Last-Modified: Tue, 21 Sep 2021 22:10:41 GMT
x-rgw-object-type: Normal
ETag: "d4a13a0b4cb2d7d449e151c48e15225b"
x-amz-request-id: tx00000000000000318f172-0062858dcc-b9fbc64-sfo1
X-Storage-Bucket: z1039
X-Storage-Object: 1039060e5f87aa0af2437e0c18df1bfede71806044a91b116f309948aa3c9116
X-Host: grn77.sf2p.intern.weebly.net
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 2280x1667, components 3\012- data
Size:   317817
Md5:    d4a13a0b4cb2d7d449e151c48e15225b
Sha1:   4bd0b49597ea23b8111191cb05a5fcc53938a1cb
Sha256: 1039060e5f87aa0af2437e0c18df1bfede71806044a91b116f309948aa3c9116
                                        
                                            GET /uploads/reseller/assets/933957360-favicon.ico HTTP/1.1 
Host: www.weebly.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.carcleaneramring.de/

                                         
                                         74.115.50.109
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx
Date: Sun, 26 Jun 2022 04:24:04 GMT
Content-Length: 3739
Connection: keep-alive
ETag: "61c39c46-e9b"
X-Host: blu43.sf2p.intern.weebly.net
X-W-DC: SFO


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (368)
Size:   3739
Md5:    2eeb3e560ca8f369be20ceb5858a4701
Sha1:   6c53e6b66c1bc6d0b93116e14fb79c30424bf36c
Sha256: ac2d9485acf7e9c29d94d31f19d3aedda958cd4f6119ddc888fbbde52d6078dd
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9A4C6D127F3E8F2083A588B1B6818BD65AF7810F7C768B54964E17690F0BB083"
Last-Modified: Fri, 24 Jun 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14331
Expires: Sun, 26 Jun 2022 08:22:56 GMT
Date: Sun, 26 Jun 2022 04:24:05 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9A4C6D127F3E8F2083A588B1B6818BD65AF7810F7C768B54964E17690F0BB083"
Last-Modified: Fri, 24 Jun 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14331
Expires: Sun, 26 Jun 2022 08:22:56 GMT
Date: Sun, 26 Jun 2022 04:24:05 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9A4C6D127F3E8F2083A588B1B6818BD65AF7810F7C768B54964E17690F0BB083"
Last-Modified: Fri, 24 Jun 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14331
Expires: Sun, 26 Jun 2022 08:22:56 GMT
Date: Sun, 26 Jun 2022 04:24:05 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9A4C6D127F3E8F2083A588B1B6818BD65AF7810F7C768B54964E17690F0BB083"
Last-Modified: Fri, 24 Jun 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14331
Expires: Sun, 26 Jun 2022 08:22:56 GMT
Date: Sun, 26 Jun 2022 04:24:05 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9A4C6D127F3E8F2083A588B1B6818BD65AF7810F7C768B54964E17690F0BB083"
Last-Modified: Fri, 24 Jun 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14331
Expires: Sun, 26 Jun 2022 08:22:56 GMT
Date: Sun, 26 Jun 2022 04:24:05 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be9300c-078e-4144-97d1-66404ae8a421.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
server: nginx
content-length: 9333
x-amzn-requestid: 3328c7d3-2281-4aab-ad6f-d4c5fcef0015
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: TycnzGxGIAMFxAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62aa7498-7221500c66e9f6f277f46b5e;Sampled=0
x-amzn-remapped-date: Thu, 16 Jun 2022 00:08:56 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: pY8lMpenUUg1a8DveekBckp7a5sVe0uethM8C8T0Y33okZfJn9CPiw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 26 Jun 2022 01:13:13 GMT
age: 11452
etag: "15d8a2eed57ca34447101b4375deebdbf3d1d42d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9333
Md5:    e2e6a2c176d5fe91201e8e0aed4ea480
Sha1:   15d8a2eed57ca34447101b4375deebdbf3d1d42d
Sha256: 71ff76b27bec49293c76706a852109414a5dc1307996adcaa9ccad149939abb3
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F078fb16a-ed33-4dc3-8f0d-fa2af1b1a290.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
server: nginx
content-length: 11483
x-amzn-requestid: 31728949-c166-4867-b377-2d9ac07fb6e0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UTDsuEZdoAMFWIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b77fea-0ba36d817950cc271cc3e3dc;Sampled=0
x-amzn-remapped-date: Sat, 25 Jun 2022 21:36:42 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: -TUpVxLspf9nL6sVtRnSSKCKJLkik7UM85tJ47P7QnTBhXSOCFDttQ==
via: 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Jun 2022 21:42:44 GMT
etag: "53b0cb739723cc34657019cde118b003970cbb86"
content-type: image/jpeg
age: 24081
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11483
Md5:    1e0d05753e633912c3b1d61427a2384e
Sha1:   53b0cb739723cc34657019cde118b003970cbb86
Sha256: f84afe24d5c52db107a9767c445709223d112ff7adccf296e0e2d79899f73310
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ff72090-4b18-499c-8212-e2f1af088e7f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
server: nginx
content-length: 10673
x-amzn-requestid: a4275eb6-556e-46b0-8d78-c8091771c4fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UTDEcGbJoAMF9pQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b77ee9-65e9ac0176485ba22dba5fee;Sampled=0
x-amzn-remapped-date: Sat, 25 Jun 2022 21:32:25 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: LVfoyw2X-Mm3TxA9cUSsS6SEkdFV1OLC1rkgsdpL4GeP_EfY43LJDA==
via: 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Jun 2022 21:42:44 GMT
etag: "37d9509385a934940a54d80c78efaffcb62dcdaa"
content-type: image/jpeg
age: 24081
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10673
Md5:    b6c9dfeb2b4564b316e05bcb5043bb61
Sha1:   37d9509385a934940a54d80c78efaffcb62dcdaa
Sha256: ff2b53150eb96b296b1581fc3e27c05b523bf00b2ebb13f9798b25831dd3f55f
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b0ee740-4328-49dd-9720-d9dace8825da.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
server: nginx
content-length: 9802
x-amzn-requestid: 19934ef1-46e6-4ad5-8763-188d129554af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UTC42Eo7oAMFZNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b77e9e-3ff575667599c13c28850149;Sampled=0
x-amzn-remapped-date: Sat, 25 Jun 2022 21:31:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: lG4ieDoRomBT5h3opsUNKZRdlFzfqd48LtOU7Uhbt4iya6c_USyq_g==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Jun 2022 21:56:46 GMT
etag: "fc8b0060534b2be4ad7feb743faac01a901833c5"
content-type: image/jpeg
age: 23239
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9802
Md5:    1fcf1924aacdc3bb8f8866e933cdcebd
Sha1:   fc8b0060534b2be4ad7feb743faac01a901833c5
Sha256: 930356a728210d8ff3eeee4e5de206b45faf6eb8f1d019c4dfb7b5d6856d4603
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8fc97984-e417-4488-b42b-8616b0aed701.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
server: nginx
content-length: 6996
x-amzn-requestid: 2c7d1949-f3a6-4775-8fde-f54beb6d15b9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UTZMAEJWoAMFzUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b7a24c-66f9ebdf7afa3eb833e0d4d9;Sampled=0
x-amzn-remapped-date: Sun, 26 Jun 2022 00:03:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Y6vQpjOkKAFqnsNht0IrYDjMGZV61pu8dIev08c9EDP-iCuqvom8Kw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Sun, 26 Jun 2022 00:23:12 GMT
age: 14453
etag: "e05b201ac00410eb4eef50a97a90c384b6ec1ae3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6996
Md5:    4c594aed88673de434d2d3d3f03cb889
Sha1:   e05b201ac00410eb4eef50a97a90c384b6ec1ae3
Sha256: fbd980441f4c7f324c98d9c37f46226d6529efe2390d95190cfc053d46c2dc30
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad0e66ab-2eff-4b07-97d4-8aef2204d2e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
34.120.237.76
HTTP/2 200 OK
server: nginx
content-length: 8532
x-amzn-requestid: 9b0563f7-5fd3-43da-a797-27eb920fa991
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UTaUMH3dIAMFbQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b7a41a-619921a50891057a26b9152b;Sampled=0
x-amzn-remapped-date: Sun, 26 Jun 2022 00:11:06 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ptVEdOZi80qs7Q6vdcl9vI6UMfVRcILdl7hRKnGEtTbtNrHoXTGVyQ==
via: 1.1 0800f067ff646622f3e8e507cb9b52e8.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 26 Jun 2022 00:24:19 GMT
age: 14386
etag: "9a01c55bc335f4a0bccb30f1f6bce05e6166f0ea"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8532
Md5:    30b326f3c723aedd3fb906437551f1fd
Sha1:   9a01c55bc335f4a0bccb30f1f6bce05e6166f0ea
Sha256: a498f7da0e1349370b0ad28d0d2690977201f201f55715f52c7086e874470f5b