urlquery - report: dollargeneral.co/

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
content-signature-2.cdn.mozilla.net (1)	1152	No data	No data	34.160.144.191
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-12-01 17:12:49 UTC	34.117.237.239
e1.o.lencr.org (2)	6159	No data	No data	95.101.11.115
ji.hotelcomparly.com (1)	0	2022-02-13 23:17:35 UTC	2022-12-01 10:55:19 UTC	172.67.220.159	Unknown ranking
api.aws.parking.godaddy.com (4)	36127	No data	No data	3.85.157.241
afs.googleusercontent.com (2)	12123	2013-05-07 00:37:08 UTC	2020-04-20 08:38:35 UTC	142.250.74.129
dollargeneral.co (3)	0	2019-12-11 04:15:27 UTC	2022-11-30 08:28:16 UTC	93.115.28.104	Unknown ranking
ocsp.godaddy.com (2)	698	2012-05-20 19:28:57 UTC	2020-05-02 20:58:10 UTC	192.124.249.23
partner.googleadservices.com (1)	798	2012-10-03 01:04:21 UTC	2022-12-01 17:16:21 UTC	216.58.207.226
dipaka-ead.com (3)	0	2022-10-31 13:23:43 UTC	2022-12-01 13:58:55 UTC	3.212.50.125	Unknown ranking
d38psrni17bvxu.cloudfront.net (1)	0	2022-10-31 21:29:45 UTC	2022-12-01 22:08:50 UTC	54.230.245.8	Unknown ranking
www.hotelcomparely.com (2)	0	2022-02-13 23:17:36 UTC	2022-12-01 10:55:20 UTC	45.33.2.79	Unknown ranking
img1.wsimg.com (4)	9893	2012-06-20 14:42:31 UTC	2020-04-15 04:54:15 UTC	95.101.10.129
track.hawkaffinity.com (1)	351459	2020-05-06 18:15:05 UTC	2022-12-01 10:55:18 UTC	104.21.44.34
www.google.com (1)	7	2016-03-22 03:56:07 UTC	2022-12-01 18:17:59 UTC	142.250.74.164
trk.buyent.xyz (2)	0	2022-06-02 09:15:30 UTC	2022-12-01 10:55:19 UTC	104.21.68.113	Unknown ranking
r3.o.lencr.org (10)	344	No data	No data	95.101.11.115
firefox.settings.services.mozilla.com (2)	867	2020-06-04 20:08:41 UTC	2022-12-01 17:14:08 UTC	34.102.187.140
push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2020-05-03 10:09:39 UTC	34.208.31.97
ww1.dollargeneral.co (5)	0	No data	No data	13.248.148.254	Unknown ranking
img-getpocket.cdn.mozilla.net (7)	1631	2018-06-21 23:36:00 UTC	2020-02-19 04:43:25 UTC	34.120.237.76
www6.hotelcomparely.com (2)	0	No data	No data	35.186.238.101	Unknown ranking
ocsp.pki.goog (6)	175	2018-07-01 06:43:07 UTC	2020-05-02 20:58:16 UTC	216.58.211.3
postback.trafficmotor.com (1)	96726	2019-11-09 13:35:40 UTC	2022-12-01 18:04:41 UTC	45.79.38.145
ocsp.digicert.com (6)	86	2012-05-21 07:02:23 UTC	2020-05-02 20:58:10 UTC	93.184.220.29

Scan Date	Severity	Indicator	Comment
2022-12-02	2	d38psrni17bvxu.cloudfront.net/scripts/js3.js	Malware

Date	UQ / IDS / BL	URL	IP
2023-01-27 18:40:35 +0000	0 - 3 - 5	os2.theimageresizer-app.com/CM_DS/?v=5.0&c=10 (...)	172.98.192.37
2023-01-13 22:07:54 +0000	0 - 0 - 4	1133008.com/index.php/vod/play/id/4509/sid/1/ (...)	172.98.192.37
2023-01-13 20:34:10 +0000	0 - 0 - 4	1133008.com/index.php/vod/play/id/1893/sid/1/ (...)	172.98.192.37
2023-01-06 23:37:38 +0000	0 - 1 - 0	os2.theimageresizer-app.com/CM_DS/?v=5.0&c=88 (...)	172.98.192.37
2022-12-25 01:38:09 +0000	0 - 1 - 4	asoss.us/voice/shared/09acb222c4fb7d8da28237f (...)	172.98.192.37

Date	UQ / IDS / BL	URL	IP
2023-01-29 07:26:48 +0000	0 - 0 - 1	bangurschool.com/emm/AiiImial.zip	173.240.5.23
2023-01-28 19:52:35 +0000	0 - 0 - 7	rondennisonins.com/wp-includes/en/index.html	104.171.125.30
2023-01-28 09:28:35 +0000	0 - 9 - 0	ns1.centos.ga/	103.114.217.69
2023-01-27 18:40:35 +0000	0 - 3 - 5	os2.theimageresizer-app.com/CM_DS/?v=5.0&c=10 (...)	172.98.192.37
2023-01-26 14:39:39 +0000	0 - 1 - 1	h-kd0.shop	192.111.146.184

Date	UQ / IDS / BL	URL	IP
2022-12-13 08:29:36 +0000	0 - 0 - 2	dollargeneral.co/	93.115.28.104
2022-12-02 08:28:41 +0000	0 - 0 - 1	dollargeneral.co/	172.98.192.37
2022-10-23 07:28:50 +0000	0 - 0 - 2	dollargeneral.co/	93.115.28.104

Date	UQ / IDS / BL	URL	IP
2023-01-12 08:49:45 +0000	0 - 0 - 1	www42.see-livesex.com/?gp=1&js=0&uuid=1673513 (...)	45.33.23.183
2023-01-12 08:49:42 +0000	0 - 0 - 1	www42.see-livesex.com/?gp=1&js=0&uuid=1673513 (...)	45.33.2.79
2023-01-09 03:17:13 +0000	0 - 0 - 2	only.woman.com/	45.33.30.197
2023-01-08 10:47:22 +0000	0 - 0 - 2	inglobe.technologies.com/	45.33.30.197
2023-01-07 16:56:19 +0000	0 - 0 - 2	sodirty.com/http:/sodirty.com/mtm/direct/.ejy (...)	45.33.2.79

Request	Response
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: 6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950" Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11799 Expires: Fri, 02 Dec 2022 11:45:09 GMT Date: Fri, 02 Dec 2022 08:28:30 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 3bbb845b153026fc5332dd4506585b57 Sha1: 3cad200fac28fd00f34ce6ef79373e661e188743 Sha256: 6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
GET / HTTP/1.1 Host: dollargeneral.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: dollargeneral.co/ FQDN: dollargeneral.co IP: 93.115.28.104 HASH: 982775f0b6b9a90e68436910bf99648ba368e7b1b722b4c6c99f25ce1a3d11cc 93.115.28.104 HTTP/1.1 200 OK content-type: text/html; charset=utf-8 accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile cache-control: max-age=0, private, must-revalidate connection: close content-length: 477 date: Fri, 02 Dec 2022 08:28:30 GMT server: nginx set-cookie: sid=4d579954-721b-11ed-b858-bd568089f10c; path=/; domain=.dollargeneral.co; expires=Wed, 20 Dec 2090 11:42:37 GMT; max-age=2147483647; HttpOnly --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (477), with no line terminators Size: 477 Md5: 3bc9c346b994494d91deb8967a816660 Sha1: 1a018b0f0b067cb28e53bd6389b3a64c5aec7fe9 Sha256: 982775f0b6b9a90e68436910bf99648ba368e7b1b722b4c6c99f25ce1a3d11cc
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 2793 Cache-Control: max-age=96555 Date: Fri, 02 Dec 2022 08:28:30 GMT Etag: "63888270-1d7" Expires: Sat, 03 Dec 2022 11:17:45 GMT Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT Server: ECS (ska/F709) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 0c748388899e8a8d3680355da2ea5020 Sha1: 903c620cd137613daafb0da0508c37b2f4a67212 Sha256: 39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Fri, 02 Dec 2022 08:18:11 GMT cache-control: public,max-age=3600 age: 619 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 14cd9a0afb6ba9a763651d5112760d1e Sha1: 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: 39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA" Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=16876 Expires: Fri, 02 Dec 2022 13:09:46 GMT Date: Fri, 02 Dec 2022 08:28:30 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 55b4c61a1e99001307750e3647fe1102 Sha1: 7559f9f6770b7d3f45b723167062096312641e08 Sha256: 39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: 1odk39HOqvx1qt5CS/sWzgmjtQAu/TDgKYtsZm8MGyqzVYi1PYw/wFWAbAyWd6wv+27rj/mqO4E= x-amz-request-id: CTYFG9QRNZVTN63X content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Fri, 02 Dec 2022 07:46:01 GMT age: 2549 last-modified: Thu, 10 Nov 2022 09:21:27 GMT etag: "9ebddc2b260d081ebbefee47c037cb28" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 9ebddc2b260d081ebbefee47c037cb28 Sha1: 492bad62a7ca6a74738921ef5ae6f0be5edebf39 Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Fri, 02 Dec 2022 08:28:30 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /favicon.ico HTTP/1.1 Host: dollargeneral.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://dollargeneral.co/ Cookie: sid=4d579954-721b-11ed-b858-bd568089f10c	URL: dollargeneral.co/favicon.ico FQDN: dollargeneral.co IP: 93.115.28.104 HASH: 907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9 93.115.28.104 HTTP/1.1 404 Not Found cache-control: max-age=0, private, must-revalidate connection: close content-length: 9 date: Fri, 02 Dec 2022 08:28:30 GMT server: nginx --- Additional Info --- Magic: ASCII text, with no line terminators Size: 9 Md5: d8f4a1993546cc4b850cde3599e27aec Sha1: 094b763b4cfcc0b05e5d040581cd513c3ca08067 Sha256: 907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Fri, 02 Dec 2022 08:08:57 GMT cache-control: public,max-age=3600 age: 1174 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 2787 Cache-Control: 'max-age=158059' Date: Fri, 02 Dec 2022 08:28:31 GMT Etag: "63886ea9-1d7" Last-Modified: Fri, 02 Dec 2022 07:42:04 GMT Server: ECS (ska/F709) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 1f88399f3fdd89dbb9ca1229cb67143a Sha1: 325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3 Sha256: 831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
GET /?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2OTk3NjkxMCwiaWF0IjoxNjY5OTY5NzEwLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc21lcDZrbnU5YmdnOGpxOG8xdGUyYzkiLCJuYmYiOjE2Njk5Njk3MTAsInRzIjoxNjY5OTY5NzEwNTY1OTQ4fQ.xnoAEJ-EEOQCZOJpD__D5Oi3LWMFx7TRfXRvjl1Ceow&sid=4d579954-721b-11ed-b858-bd568089f10c HTTP/1.1 Host: dollargeneral.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://dollargeneral.co/ Cookie: sid=4d579954-721b-11ed-b858-bd568089f10c Upgrade-Insecure-Requests: 1	URL: dollargeneral.co/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6I (...) FQDN: dollargeneral.co IP: 93.115.28.104 HASH: e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47 93.115.28.104 HTTP/1.1 302 Found cache-control: max-age=0, private, must-revalidate connection: close content-length: 11 date: Fri, 02 Dec 2022 08:28:31 GMT location: http://ww1.dollargeneral.co/?subid1=4d579954-721b-11ed-b858-bd568089f10c&backfill=0&kw1=Ecommerce+Online+Store&kw2=Custom+Order+MGMT+Software&kw3=Online+Payment+Gateways&kw4=Product+Returns+MGMT+Software server: nginx set-cookie: sid=4d579954-721b-11ed-b858-bd568089f10c; path=/; domain=.dollargeneral.co; expires=Wed, 20 Dec 2090 11:42:38 GMT; max-age=2147483647; HttpOnly --- Additional Info --- Magic: ASCII text, with no line terminators Size: 11 Md5: 32682312d17c7cbf18e73594f5570319 Sha1: 60e22121bdd0bc71cdb2bae2a3aa577006b2eae9 Sha256: e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: n8z10VTrJnZ7qjFcpepM0w== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 34.208.31.97 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 34.208.31.97 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: amiCUx06i3Ve//Fy8FBNtrgymEE= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?subid1=4d579954-721b-11ed-b858-bd568089f10c&backfill=0&kw1=Ecommerce+Online+Store&kw2=Custom+Order+MGMT+Software&kw3=Online+Payment+Gateways&kw4=Product+Returns+MGMT+Software HTTP/1.1 Host: ww1.dollargeneral.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://dollargeneral.co/ Connection: keep-alive Cookie: sid=4d579954-721b-11ed-b858-bd568089f10c Upgrade-Insecure-Requests: 1	URL: ww1.dollargeneral.co/?subid1=4d579954-721b-11ed-b858-bd (...) FQDN: ww1.dollargeneral.co IP: 13.248.148.254 HASH: f00ab1e5b3818e2b00056aa0c272c4adb0ede112046eff30696235df243324ed 13.248.148.254 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Date: Fri, 02 Dec 2022 08:28:31 GMT Transfer-Encoding: chunked Connection: keep-alive Server: nginx Vary: Accept-Encoding X-Redirect: zeropark_zeroclick X-Template: tpl_CleanPeppermintBlack_twoclick X-Language: norwegian Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile Accept-CH-Lifetime: 30 Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2234) Size: 2533 Md5: 1cc95550cab8be2455e7081c06e1dcf4 Sha1: 0b5e926d124a11dffc982e58465cbdccbda30c9b Sha256: f00ab1e5b3818e2b00056aa0c272c4adb0ede112046eff30696235df243324ed
GET /scripts/js3.js HTTP/1.1 Host: d38psrni17bvxu.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ww1.dollargeneral.co/	URL: d38psrni17bvxu.cloudfront.net/scripts/js3.js FQDN: d38psrni17bvxu.cloudfront.net IP: 54.230.245.8 HASH: c57e9feec209e3ea5eb1d75a1ba6fa277242a3df250055be8446052b51e58637 54.230.245.8 HTTP/1.1 200 OK Content-Type: application/javascript Content-Length: 1134 Connection: keep-alive Server: nginx Date: Fri, 02 Dec 2022 04:54:34 GMT Last-Modified: Tue, 17 Aug 2021 09:17:22 GMT Accept-Ranges: bytes ETag: "611b7ea2-46e" X-Cache: Hit from cloudfront Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: MbeRjjvCPo6vmXXOHvOMPQzkU2lN550vRmcqAZoUy19Y5C1lz4MgFw== Age: 12838 --- Additional Info --- Magic: ASCII text, with very long lines (506) Size: 1134 Md5: 64b79b43df8fbf2c5d082964b9116a68 Sha1: dc3c763519baf0f4c32bb60bfc429651a491ea01 Sha256: c57e9feec209e3ea5eb1d75a1ba6fa277242a3df250055be8446052b51e58637 Alerts: Blocklists: - fortinet: Malware
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC" Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=18260 Expires: Fri, 02 Dec 2022 13:32:52 GMT Date: Fri, 02 Dec 2022 08:28:32 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ecab83d593cc540b02689be5be7abc8a Sha1: 81cda579b7b9b22332b85266b0126585f3d3f73f Sha256: d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC" Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=18260 Expires: Fri, 02 Dec 2022 13:32:52 GMT Date: Fri, 02 Dec 2022 08:28:32 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ecab83d593cc540b02689be5be7abc8a Sha1: 81cda579b7b9b22332b85266b0126585f3d3f73f Sha256: d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC" Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=18260 Expires: Fri, 02 Dec 2022 13:32:52 GMT Date: Fri, 02 Dec 2022 08:28:32 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ecab83d593cc540b02689be5be7abc8a Sha1: 81cda579b7b9b22332b85266b0126585f3d3f73f Sha256: d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC" Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=18260 Expires: Fri, 02 Dec 2022 13:32:52 GMT Date: Fri, 02 Dec 2022 08:28:32 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ecab83d593cc540b02689be5be7abc8a Sha1: 81cda579b7b9b22332b85266b0126585f3d3f73f Sha256: d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC" Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=18260 Expires: Fri, 02 Dec 2022 13:32:52 GMT Date: Fri, 02 Dec 2022 08:28:32 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: ecab83d593cc540b02689be5be7abc8a Sha1: 81cda579b7b9b22332b85266b0126585f3d3f73f Sha256: d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F449f29d0-f60b-4dec-8b5b-0a1971bab406.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 3a83adce869dd7eb064c583bf7ff93c57fabd7ea2da872f7d1f7d868b8a492e9 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10270 x-amzn-requestid: ac2d2825-2ec4-435e-9921-3ea6524df1dc x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cfG1nEvYoAMFliA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63891e8a-4419423112b5723e3dba46ea;Sampled=0 x-amzn-remapped-date: Thu, 01 Dec 2022 21:37:14 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: 2ihxuuXiECC4oX11t_vswhnLF0UpqDuboPLkrhpWwp-vfCR5pxGGxw== via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google date: Thu, 01 Dec 2022 21:53:50 GMT age: 38082 etag: "2cb4edc6b161c6d2d5b47aa498ae54e677966466" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10270 Md5: 4c7113338bc3310b13d23ca415c177e2 Sha1: 2cb4edc6b161c6d2d5b47aa498ae54e677966466 Sha256: 3a83adce869dd7eb064c583bf7ff93c57fabd7ea2da872f7d1f7d868b8a492e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F937deb9c-e12c-486f-bf82-4833aed00836.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 5160333e0cfd338b3887972d0a5c0f817ef88b70b7eb78e4e25d153a85e3478f 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 11443 x-amzn-requestid: 21469d81-ee4b-47f3-8877-b6658b3ea8b8 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cfHDHE4zoAMFvfw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63891ee0-5b39eddd703ea04e6a1355f8;Sampled=0 x-amzn-remapped-date: Thu, 01 Dec 2022 21:38:40 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: nPuZoyOu_QAqbZvTUaNy1J3BOqnR2ttrIhv9BwRmWnKeba-e6MZWKA== via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google date: Thu, 01 Dec 2022 21:55:34 GMT age: 37978 etag: "b5118bca37feda2ada3001199dc1d80ac6d2aacc" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11443 Md5: d08081e2dd562ef50e4e98ebc0136698 Sha1: b5118bca37feda2ada3001199dc1d80ac6d2aacc Sha256: 5160333e0cfd338b3887972d0a5c0f817ef88b70b7eb78e4e25d153a85e3478f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07af64d-c287-4b0a-9677-9a1000422afc.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 036042656f15e42b4d1537c45f5b8e7190c70305fa9a69c1287c6739ad0b7122 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7334 x-amzn-requestid: a6b8b420-8394-496b-8be8-26dee52e3887 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cfGeoHJOoAMF75g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63891df7-0b38d07f518c8b3134457df2;Sampled=0 x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: tuKmV_nb4HVbqkhtCnZY3b33VB-bB6UxaBl6HsY_JgWesbUB8SPt-g== via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google date: Thu, 01 Dec 2022 22:09:38 GMT age: 37134 etag: "23753fe8af09ec8ffa10eed4d201a71833885c99" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7334 Md5: 498ab4412ed5cf977bc23e4e870894b0 Sha1: 23753fe8af09ec8ffa10eed4d201a71833885c99 Sha256: 036042656f15e42b4d1537c45f5b8e7190c70305fa9a69c1287c6739ad0b7122
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 1cfeb90a4ba027195f903d938d4a0aac418a1c2f0b52215ec023263f15905971 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7591 x-amzn-requestid: e179862e-f840-4e50-a9dc-09f325479b9a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cfGgMFRZIAMFl7g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63891e01-676a1571459f2d83488f2765;Sampled=0 x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:57 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: oB5K_ZCWWwCltMx8FQSjDdXRMzSTSyRLSYSLAooQXuCrUxadLUiWkA== via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google date: Thu, 01 Dec 2022 21:48:51 GMT age: 38381 etag: "ffd0763f997e71a8c1458523fc17cafe8849dfdf" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7591 Md5: d147ccb10bda82b153a596c3c967cd6a Sha1: ffd0763f997e71a8c1458523fc17cafe8849dfdf Sha256: 1cfeb90a4ba027195f903d938d4a0aac418a1c2f0b52215ec023263f15905971
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 2942 x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cfGeoGFYoAMFWgA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0 x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g== via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google date: Thu, 01 Dec 2022 21:49:56 GMT age: 38316 etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 2942 Md5: b47431190f34eccf0a6efb98e2a32b7d Sha1: 9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704 Sha256: 08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6174 x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cZ0iyH2WoAMFQdg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0 x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg== via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google date: Fri, 02 Dec 2022 06:00:48 GMT age: 8864 etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6174 Md5: b986f9fcbeca91ed5c8d58fbfaf47d19 Sha1: 6e6c8bd2bce144cc4da1cd7be375b046b60dca79 Sha256: 07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /track.php?domain=dollargeneral.co&toggle=browserjs&uid=MTY2OTk2OTcxMS42NzcyOjgyZWZlZTYzNDJhYTQxZGZkZWJjMTdkOTNmNGU5MDc2YmUxMDc2YjQ4MDNkOTlkYTdlYjY0ZDgwMTQ2NTRmZTI6NjM4OWI3MmZhNTU2MQ%3D%3D HTTP/1.1 Host: ww1.dollargeneral.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ww1.dollargeneral.co/?subid1=4d579954-721b-11ed-b858-bd568089f10c&backfill=0&kw1=Ecommerce+Online+Store&kw2=Custom+Order+MGMT+Software&kw3=Online+Payment+Gateways&kw4=Product+Returns+MGMT+Software Cookie: sid=4d579954-721b-11ed-b858-bd568089f10c	URL: ww1.dollargeneral.co/track.php?domain=dollargeneral.co& (...) FQDN: ww1.dollargeneral.co IP: 13.248.148.254 HASH: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf 13.248.148.254 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Date: Fri, 02 Dec 2022 08:28:32 GMT Transfer-Encoding: chunked Connection: keep-alive Server: nginx Vary: Accept-Encoding X-Custom-Track: browserjs Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile Accept-CH-Lifetime: 30 Access-Control-Allow-Origin: * Content-Encoding: gzip --- Additional Info --- Magic: data Size: 20 Md5: a4745abc5e7fdb89cc6df3069f3c6e69 Sha1: 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed Sha256: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
POST /ls.php HTTP/1.1 Host: ww1.dollargeneral.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/x-www-form-urlencoded; charset=UTF-8 Content-Length: 2186 Origin: http://ww1.dollargeneral.co Connection: keep-alive Referer: http://ww1.dollargeneral.co/?subid1=4d579954-721b-11ed-b858-bd568089f10c&backfill=0&kw1=Ecommerce+Online+Store&kw2=Custom+Order+MGMT+Software&kw3=Online+Payment+Gateways&kw4=Product+Returns+MGMT+Software Cookie: sid=4d579954-721b-11ed-b858-bd568089f10c	URL: ww1.dollargeneral.co/ls.php FQDN: ww1.dollargeneral.co IP: 13.248.148.254 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 13.248.148.254 HTTP/1.1 201 Created Content-Type: text/javascript;charset=UTF-8 Date: Fri, 02 Dec 2022 08:28:32 GMT Transfer-Encoding: chunked Connection: keep-alive Server: nginx Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile Accept-CH-Lifetime: 30 X-Log-Success: 6389b730277d930722354588 Charset: utf-8 Access-Control-Allow-Origin: http://ww1.dollargeneral.co Access-Control-Allow-Methods: POST, OPTIONS Access-Control-Max-Age: 86400 X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_Q2BDpwiwi6d/Yvjy6JZfsAfcXLatbucm51uNsFXU89D3oJshPIqlPM/rmCSDv9j7xQOLYiCHYfB8wxmzlUYLsQ== --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1 Host: ww1.dollargeneral.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ww1.dollargeneral.co/?subid1=4d579954-721b-11ed-b858-bd568089f10c&backfill=0&kw1=Ecommerce+Online+Store&kw2=Custom+Order+MGMT+Software&kw3=Online+Payment+Gateways&kw4=Product+Returns+MGMT+Software Cookie: sid=4d579954-721b-11ed-b858-bd568089f10c	URL: ww1.dollargeneral.co/favicon.ico FQDN: ww1.dollargeneral.co IP: 13.248.148.254 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 13.248.148.254 HTTP/1.1 200 OK Content-Type: image/x-icon Date: Fri, 02 Dec 2022 08:28:33 GMT Content-Length: 0 Connection: keep-alive Server: nginx Last-Modified: Tue, 12 May 2020 14:25:52 GMT ETag: "5ebab1f0-0" Accept-Ranges: bytes --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /track.php?click=8bc5311fea51f5d88ad90580a49f43a22d8f5165&domain=dollargeneral.co&uid=MTY2OTk2OTcxMS42NzcyOjgyZWZlZTYzNDJhYTQxZGZkZWJjMTdkOTNmNGU5MDc2YmUxMDc2YjQ4MDNkOTlkYTdlYjY0ZDgwMTQ2NTRmZTI6NjM4OWI3MmZhNTU2MQ%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2Mzg5YjcyZmE1NTRifHx8MTY2OTk2OTcxMS45NjQ1fGU5NzI5NWE2M2Y5Zjg1ODkwNmZiMjE5ZGY1YTU5ZGNhMjlkOTdjMzV8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw0ZjI3YjEyZTdmMmU0MGNmNzVjMjFlZTM4ODMzNjBiMmQ0MzY3ZGJkfDB8ZHAtdGVhbWludGVybmV0MTJfM3BofDB8MA%3D%3D&kw=&search=&pcat=&rxid=&bucket=&clientID=&adtest=off HTTP/1.1 Host: ww1.dollargeneral.co User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ww1.dollargeneral.co/?subid1=4d579954-721b-11ed-b858-bd568089f10c&backfill=0&kw1=Ecommerce+Online+Store&kw2=Custom+Order+MGMT+Software&kw3=Online+Payment+Gateways&kw4=Product+Returns+MGMT+Software Cookie: sid=4d579954-721b-11ed-b858-bd568089f10c	URL: ww1.dollargeneral.co/track.php?click=8bc5311fea51f5d88a (...) FQDN: ww1.dollargeneral.co IP: 13.248.148.254 HASH: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf 13.248.148.254 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Date: Fri, 02 Dec 2022 08:28:33 GMT Transfer-Encoding: chunked Connection: keep-alive Server: nginx Vary: Accept-Encoding X-View-Match: true Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile Accept-CH-Lifetime: 30 Access-Control-Allow-Origin: * Content-Encoding: gzip --- Additional Info --- Magic: data Size: 20 Md5: a4745abc5e7fdb89cc6df3069f3c6e69 Sha1: 74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed Sha256: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /zcvisitor/4e1a66f4-721b-11ed-b470-12eaaa23d38d/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=15e92720-c079-11ec-bea2-128084d1ce51 HTTP/1.1 Host: dipaka-ead.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://ww1.dollargeneral.co/ Upgrade-Insecure-Requests: 1	URL: dipaka-ead.com/zcvisitor/4e1a66f4-721b-11ed-b470-12eaaa (...) FQDN: dipaka-ead.com IP: 3.212.50.125 HASH: ea442b0ec86db545ae09a1dc546c13f4885a232557dad3b316dc741f0b7ab687 3.212.50.125 HTTP/1.1 200 Content-Type: text/html;charset=UTF-8 Date: Fri, 02 Dec 2022 08:28:33 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: no-store, no-cache, pre-check=0, post-check=0 content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline' Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET,POST,OPTIONS Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag Server: czUzytfQ --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 1100 Md5: 6b93cfcc299e80c35036c4f940e81951 Sha1: 369a22e7649f23608259f6923694c35cbe63571a Sha256: ea442b0ec86db545ae09a1dc546c13f4885a232557dad3b316dc741f0b7ab687
GET /zcredirect?visitid=4e1a66f4-721b-11ed-b470-12eaaa23d38d&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1 Host: dipaka-ead.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://dipaka-ead.com/zcvisitor/4e1a66f4-721b-11ed-b470-12eaaa23d38d/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=15e92720-c079-11ec-bea2-128084d1ce51 Upgrade-Insecure-Requests: 1	URL: dipaka-ead.com/zcredirect?visitid=4e1a66f4-721b-11ed-b4 (...) FQDN: dipaka-ead.com IP: 3.212.50.125 HASH: 71bdece4410e21f1327059290c609890cd2868cbc088211612e5ad1d2a30fa8c 3.212.50.125 HTTP/1.1 200 Content-Type: text/html;charset=UTF-8 Date: Fri, 02 Dec 2022 08:28:33 GMT Transfer-Encoding: chunked Connection: keep-alive Cache-Control: no-store, no-cache, pre-check=0, post-check=0 content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline' Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET,POST,OPTIONS Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag redirected: JS Server: naUnaoyZ --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (333) Size: 752 Md5: 56ebf9a837d5d64ff3c6c3acc96ff2c6 Sha1: 5a78cf25580aa7093b47c0bf5e3f2f81274dd0ec Sha256: 71bdece4410e21f1327059290c609890cd2868cbc088211612e5ad1d2a30fa8c
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 95.101.11.115 HASH: 14814580618864305e8309fd80745087af60b8fdbf54808c763bd8b2599448ce 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 346 ETag: "14814580618864305E8309FD80745087AF60B8FDBF54808C763BD8B2599448CE" Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=18382 Expires: Fri, 02 Dec 2022 13:34:55 GMT Date: Fri, 02 Dec 2022 08:28:33 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 346 Md5: c4f46fa04f246b932725fed703864a84 Sha1: 6d2fcb653c7ee35b0a101a84c94469bff8b06780 Sha256: 14814580618864305e8309fd80745087af60b8fdbf54808c763bd8b2599448ce
GET /favicon.ico HTTP/1.1 Host: dipaka-ead.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://dipaka-ead.com/zcredirect?visitid=4e1a66f4-721b-11ed-b470-12eaaa23d38d&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false	URL: dipaka-ead.com/favicon.ico FQDN: dipaka-ead.com IP: 3.212.50.125 HASH: 879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8 3.212.50.125 HTTP/1.1 404 Content-Type: text/html;charset=utf-8 Date: Fri, 02 Dec 2022 08:28:33 GMT Content-Length: 653 Connection: keep-alive Cache-Control: no-store, no-cache, pre-check=0, post-check=0 content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline' Content-Language: en Server: puQTymrl --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators Size: 653 Md5: ba2732b1b2fa2626ffaa15f62f9e7d66 Sha1: 203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe Sha256: 879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: e1.o.lencr.org/ FQDN: e1.o.lencr.org IP: 95.101.11.115 HASH: 14814580618864305e8309fd80745087af60b8fdbf54808c763bd8b2599448ce 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 346 ETag: "14814580618864305E8309FD80745087AF60B8FDBF54808C763BD8B2599448CE" Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=18381 Expires: Fri, 02 Dec 2022 13:34:55 GMT Date: Fri, 02 Dec 2022 08:28:34 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 346 Md5: c4f46fa04f246b932725fed703864a84 Sha1: 6d2fcb653c7ee35b0a101a84c94469bff8b06780 Sha256: 14814580618864305e8309fd80745087af60b8fdbf54808c763bd8b2599448ce
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 0b2fbb6776ecd3c5f0b4e7371b363f7b225a7b92248f659b5bb88a448cd0aff9 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 607 Cache-Control: max-age=109455 Date: Fri, 02 Dec 2022 08:28:34 GMT Etag: "6388bd62-117" Expires: Sat, 03 Dec 2022 14:52:49 GMT Last-Modified: Thu, 01 Dec 2022 14:42:42 GMT Server: ECS (ska/F709) X-Cache: HIT Content-Length: 279 --- Additional Info --- Magic: data Size: 279 Md5: 1d2b8bf9fa005ae33bd0e05d9ea89960 Sha1: 0e232ff69652639db2d9ee767082aeead8252264 Sha256: 0b2fbb6776ecd3c5f0b4e7371b363f7b225a7b92248f659b5bb88a448cd0aff9
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 0b2fbb6776ecd3c5f0b4e7371b363f7b225a7b92248f659b5bb88a448cd0aff9 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 607 Cache-Control: max-age=109455 Date: Fri, 02 Dec 2022 08:28:34 GMT Etag: "6388bd62-117" Expires: Sat, 03 Dec 2022 14:52:49 GMT Last-Modified: Thu, 01 Dec 2022 14:42:42 GMT Server: ECS (ska/F709) X-Cache: HIT Content-Length: 279 --- Additional Info --- Magic: data Size: 279 Md5: 1d2b8bf9fa005ae33bd0e05d9ea89960 Sha1: 0e232ff69652639db2d9ee767082aeead8252264 Sha256: 0b2fbb6776ecd3c5f0b4e7371b363f7b225a7b92248f659b5bb88a448cd0aff9
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 97c94d02bd4f863830420e516b4ec7cad64eff811e2dd0352f5c2ded2cd31189 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 608 Cache-Control: max-age=164193 Date: Fri, 02 Dec 2022 08:28:35 GMT Etag: "63899334-117" Expires: Sun, 04 Dec 2022 06:05:08 GMT Last-Modified: Fri, 02 Dec 2022 05:55:00 GMT Server: ECS (ska/F709) X-Cache: HIT Content-Length: 279 --- Additional Info --- Magic: data Size: 480 Md5: be3b3430f8826154d6de6d74e13df6b4 Sha1: 0d12e75ef80600e4fe0789906121cd6eaf93636d Sha256: 97c94d02bd4f863830420e516b4ec7cad64eff811e2dd0352f5c2ded2cd31189
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: d0d61fca16cfeb3ba0e03ed1155b5c771ce25db79bdadf31c40b8322bdff24de 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 608 Cache-Control: max-age=164193 Date: Fri, 02 Dec 2022 08:28:35 GMT Etag: "63899334-117" Expires: Sun, 04 Dec 2022 06:05:08 GMT Last-Modified: Fri, 02 Dec 2022 05:55:00 GMT Server: ECS (ska/F709) X-Cache: HIT Content-Length: 279 --- Additional Info --- Magic: data Size: 279 Md5: 2648342c6be24e6f36f3c2379c3434c6 Sha1: f5150a6d63e415c9fcf15730620b9cd884354fb5 Sha256: d0d61fca16cfeb3ba0e03ed1155b5c771ce25db79bdadf31c40b8322bdff24de
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: f6767229c679b38437f8a36cce780880aa82bdb644f78b1db40f094b6910695e 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "F6767229C679B38437F8A36CCE780880AA82BDB644F78B1DB40F094B6910695E" Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21061 Expires: Fri, 02 Dec 2022 14:19:37 GMT Date: Fri, 02 Dec 2022 08:28:36 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 55b9cb076810ac8fccb435235c934337 Sha1: 0d8813c41a12e9c74c41e1f79d27dd78df262028 Sha256: f6767229c679b38437f8a36cce780880aa82bdb644f78b1db40f094b6910695e
GET /?ref=https%3A%2F%2Fwww.booking.com%2Fen%2Findex.en.html%3Faid%3D2083685%26label%3D6389b73348e2a17e67320467 HTTP/1.1 Host: www.hotelcomparely.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: www.hotelcomparely.com/?ref=https%3A%2F%2Fwww.booking.c (...) FQDN: www.hotelcomparely.com IP: 45.33.2.79 HASH: a2b66bda5d606b25a9a6f90b47113590083c3f2477e319567cbc783412c34f83 45.33.2.79 HTTP/1.1 302 Moved Temporarily Content-Type: text/html Server: openresty/1.13.6.1 Date: Fri, 02 Dec 2022 08:28:36 GMT Content-Length: 167 Connection: close Location: http://www.hotelcomparely.com/?ref=https%3A%2F%2Fwww.booking.com%2Fen%2Findex.en.html%3Faid%3D2083685%26label%3D6389b73348e2a17e67320467 Set-Cookie: mtmssl=1;Domain=www.hotelcomparely.com;Path=/;Max-Age=120 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 167 Md5: 1dd977065c1e457e5fe1c16c8c83abdd Sha1: 6dc6acfc9432bd4f48927f4d3ffe23ca6a2eb504 Sha256: a2b66bda5d606b25a9a6f90b47113590083c3f2477e319567cbc783412c34f83
GET /?ref=https%3A%2F%2Fwww.booking.com%2Fen%2Findex.en.html%3Faid%3D2083685%26label%3D6389b73348e2a17e67320467 HTTP/1.1 Host: www.hotelcomparely.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: www.hotelcomparely.com/?ref=https%3A%2F%2Fwww.booking.c (...) FQDN: www.hotelcomparely.com IP: 45.33.2.79 HASH: 2cba0b70726b0de5879ee545def73a0342b99c204c583dc6c707675df827d0d2 45.33.2.79 HTTP/1.1 200 OK content-type: text/html; charset=utf-8 server: openresty/1.13.6.1 date: Fri, 02 Dec 2022 08:28:36 GMT content-length: 5074 vary: Accept-Language content-language: en connection: close --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (404) Size: 5074 Md5: f3a45bc9b42710626064556a9e8b4779 Sha1: 3bd9899b6d1605b17a39e9d2acbb12aba3a6ddd9 Sha256: 2cba0b70726b0de5879ee545def73a0342b99c204c583dc6c707675df827d0d2
GET /a/bk?transaction_id=1028c5537174b55a15feca4f716165 HTTP/1.1 Host: ji.hotelcomparly.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: ji.hotelcomparly.com/a/bk?transaction_id=1028c5537174b5 (...) FQDN: ji.hotelcomparly.com IP: 172.67.220.159 HASH: f6c49cb5c10e74949786e2599e31d13fc26710cf8a32c6c5cad40f5c621e82f2 172.67.220.159 HTTP/2 302 Found content-type: text/html; charset=utf-8 date: Fri, 02 Dec 2022 08:28:35 GMT location: https://www.hotelcomparely.com/?ref=https%3A%2F%2Fwww.booking.com%2Fen%2Findex.en.html%3Faid%3D2083685%26label%3D6389b73348e2a17e67320467 x-powered-by: Express access-control-allow-origin: * access-control-allow-headers: Content-Type, Authorization access-control-allow-methods: OPTIONS, HEAD, GET, POST, PUT, PATCH, DELETE referrer-policy: no-referrer referer-policy: no-referrer vary: Accept, Accept-Encoding cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qETPUQ859dpSuxh%2BmHIDkEAgXjKAeclNgj%2FWh%2BWILuHtKC09Y150mUkFWnh7HDFPhwVCCrZF%2FTmWxNmnRLx0wLVWFLqFpwlkwiLXNvK5kVZM5KadlWuEbsrOBH74i4cG4yGOIJFpVA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7732b09f990db529-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550) Size: 813 Md5: 80055986e0747289a7c0c5b53005a165 Sha1: 2b65ea4660fef0ebb982050329c3d423ae476071 Sha256: f6c49cb5c10e74949786e2599e31d13fc26710cf8a32c6c5cad40f5c621e82f2
GET /?template=ARROW_3&tdfs=0&s_token=1669969717.0111210000&uuid=1669969717.0111210000&term=Hotel%20Booking&term=Compare%20Hotel%20Rates&term=Hotel%20Rates%20for%20Groups&searchbox=0&showDomain=0&backfill=0 HTTP/1.1 Host: www6.hotelcomparely.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://www.hotelcomparely.com/ Upgrade-Insecure-Requests: 1	URL: www6.hotelcomparely.com/?template=ARROW_3&tdfs=0&s_toke (...) FQDN: www6.hotelcomparely.com IP: 35.186.238.101 HASH: ec99cca58b612ce268e6ada818dfcec0acc22dd1bbe372487be9abbdd07ce073 35.186.238.101 HTTP/1.1 200 OK Content-Type: text/html Server: openresty Date: Fri, 02 Dec 2022 08:28:37 GMT Content-Length: 2551 Last-Modified: Wed, 19 Oct 2022 06:29:27 GMT ETag: "634f9947-9f7" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_NWkHzsI6Mk0c2cOO1ibvXm0ZTEizBqn7T2xHRU2XPiNAiF1S2koWNTy9WRY6jtPRSOZrBlRsg+QS3PfVPEMYjw Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=91.90.42.154;Path=/;Max-Age=86400; country=NO;Path=/;Max-Age=86400; city="";Path=/;Max-Age=86400; expiry_partner=;Path=/;Max-Age=86400; Accept-Ranges: bytes Via: 1.1 google --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2551), with no line terminators Size: 2551 Md5: 41f66bb0ac50f2d851236170e7c71341 Sha1: 59bcec216302151922219b51be8ad8ab6d0b8384 Sha256: ec99cca58b612ce268e6ada818dfcec0acc22dd1bbe372487be9abbdd07ce073
GET /parking-lander/static/js/2.5940ae1c.chunk.js HTTP/1.1 Host: img1.wsimg.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www6.hotelcomparely.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: img1.wsimg.com/parking-lander/static/js/2.5940ae1c.chunk.js FQDN: img1.wsimg.com IP: 95.101.10.129 HASH: 10ebdcf812a393d96af2bf99a2e5ddf8381f37b2fa85698c4c25e7c03350712c 95.101.10.129 HTTP/2 200 OK content-type: application/javascript x-amz-id-2: a2iyKL5x2piu7WbxG8IhJTjeVIGnp7c0mYkOsCyYsqed3/14kgieTZ8SnJQ4V75GHm/7OhGvR/4= x-amz-request-id: 91RJ56MHH1W7G2SX last-modified: Fri, 16 Sep 2022 17:52:00 GMT etag: "04bb6e8d9135d976f28e9ba68fbc6f67" x-amz-server-side-encryption: AES256 x-amz-version-id: 4zafttojs22R6rxiZs_M0ICLL.vyZxyd accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip cache-control: max-age=31536000 expires: Sat, 02 Dec 2023 08:28:37 GMT date: Fri, 02 Dec 2022 08:28:37 GMT content-length: 135541 timing-allow-origin: * access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (65462) Size: 135541 Md5: ed301c77cb4cfefcf054b77502912c41 Sha1: 0139ede39adaa61fdae8dfb9c7f6f8600025599b Sha256: 10ebdcf812a393d96af2bf99a2e5ddf8381f37b2fa85698c4c25e7c03350712c
GET /parking-lander/static/js/main.4e219663.chunk.js HTTP/1.1 Host: img1.wsimg.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www6.hotelcomparely.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: img1.wsimg.com/parking-lander/static/js/main.4e219663.c (...) FQDN: img1.wsimg.com IP: 95.101.10.129 HASH: 6f8d46c42987c0d7b471b54065e6b8fd6e965452ccc5c2fcd12f25e5362b5fd7 95.101.10.129 HTTP/2 200 OK content-type: application/javascript x-amz-id-2: bT1gYle8BNSLcfEqfmnwGSe1OBOZaHT0RRMjGELarYicaXV5gZbgkfpgf0pbFl/ULzcHx6sKMSI= x-amz-request-id: C0TA1WEG63BVN5BN last-modified: Fri, 16 Sep 2022 16:45:04 GMT etag: "87b518e8e45487e774f8d47f2dc0026f" x-amz-server-side-encryption: AES256 x-amz-version-id: 2Wom95JLG5jhnN_DEOMzqRfOKsQDbi7Z accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip cache-control: max-age=31536000 expires: Sat, 02 Dec 2023 08:28:37 GMT date: Fri, 02 Dec 2022 08:28:37 GMT content-length: 58202 timing-allow-origin: * access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (65459) Size: 58202 Md5: feb46b3c6b7556a8bf123a5e87ffd2b5 Sha1: aff2efba814012e9fe1586055599069f77e6a062 Sha256: 6f8d46c42987c0d7b471b54065e6b8fd6e965452ccc5c2fcd12f25e5362b5fd7
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: 3f6657d352a42f8257409f2ed365a3fb928ac3eb74a34a2c74a433290182cc92 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 02 Dec 2022 08:28:37 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 315873c315af2be891e63f8b421bae65 Sha1: 5277bb0c4fea2b036c6faf28d66395c96166ffd2 Sha256: 3f6657d352a42f8257409f2ed365a3fb928ac3eb74a34a2c74a433290182cc92
GET /?sig=3RQAlpmLlDzLvSmL2DGByITM0xwZ4Z2LmtGZlRJMjtQVMaUqcWKqwI2psAUqeXG3rWzmmEabmxSIAuKDH1HBEqILzcIonuzJc1RZwEHG4OQEnOKBfATon1zJ2ywrMMzJgcSn5xJM1tzoZOGAKcIAJ5JJ1AKowOGB5kxAAu0LjVSFukH2uEKLRkzpIIzp1AJMG16t&hsh=696f1484f9a3ea44fb9a9e102afe0c35601023ba9984f38c HTTP/1.1 Host: track.hawkaffinity.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://dipaka-ead.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: track.hawkaffinity.com/?sig=3RQAlpmLlDzLvSmL2DGByITM0xw (...) FQDN: track.hawkaffinity.com IP: 104.21.44.34 HASH: 9972f50e0256d54dad8d7a592cfb5ae5bc2e67702d4fd32d7f771f0db78b54e8 104.21.44.34 HTTP/2 200 OK content-type: text/html; charset=UTF-8 date: Fri, 02 Dec 2022 08:28:34 GMT vary: Accept-Encoding strict-transport-security: max-age=31536000 cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XbtBzGgKdpQ9PYzsxILAmy0upnxDWGLaYdn%2Fw%2BlDp%2BMSWKhuiTGXwveFx4syiE3lIRUoUzeP4B2ojgvJON3Iq2wcDM3mHa0ulUklq1g6G2%2FLshV6TRf%2Bgv22UOF9S8YV3QWDfOhIYAO0"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7732b096df041c0e-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text Size: 755 Md5: 2f6dcc6b5854310281558af29aafdbec Sha1: c59eab1ad2257d5deaf8d60222d5888ccbe28558 Sha256: 9972f50e0256d54dad8d7a592cfb5ae5bc2e67702d4fd32d7f771f0db78b54e8
GET /?template=ARROW_3&tdfs=0&s_token=1669969717.0111210000&uuid=1669969717.0111210000&term=Hotel%20Booking&term=Compare%20Hotel%20Rates&term=Hotel%20Rates%20for%20Groups&searchbox=0&showDomain=0&backfill=0 HTTP/1.1 Host: www6.hotelcomparely.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Cookie: caf_ipaddr=91.90.42.154; country=NO; city=""; expiry_partner= Upgrade-Insecure-Requests: 1 If-Modified-Since: Wed, 19 Oct 2022 06:29:27 GMT If-None-Match: "634f9947-9f7" Cache-Control: max-age=0	URL: www6.hotelcomparely.com/?template=ARROW_3&tdfs=0&s_toke (...) FQDN: www6.hotelcomparely.com IP: 35.186.238.101 HASH: ec99cca58b612ce268e6ada818dfcec0acc22dd1bbe372487be9abbdd07ce073 35.186.238.101 HTTP/1.1 200 OK Content-Type: text/html Server: openresty Date: Fri, 02 Dec 2022 08:28:37 GMT Content-Length: 2551 Last-Modified: Sun, 27 Nov 2022 01:56:48 GMT ETag: "6382c3e0-9f7" X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_NWkHzsI6Mk0c2cOO1ibvXm0ZTEizBqn7T2xHRU2XPiNAiF1S2koWNTy9WRY6jtPRSOZrBlRsg+QS3PfVPEMYjw Cache-Control: no-cache X-Content-Type-Options: nosniff Set-Cookie: caf_ipaddr=91.90.42.154;Path=/;Max-Age=86400; country=NO;Path=/;Max-Age=86400; city="";Path=/;Max-Age=86400; expiry_partner=;Path=/;Max-Age=86400; Accept-Ranges: bytes Via: 1.1 google --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2551), with no line terminators Size: 2551 Md5: 41f66bb0ac50f2d851236170e7c71341 Sha1: 59bcec216302151922219b51be8ad8ab6d0b8384 Sha256: ec99cca58b612ce268e6ada818dfcec0acc22dd1bbe372487be9abbdd07ce073
GET /parking-lander/static/js/2.5940ae1c.chunk.js HTTP/1.1 Host: img1.wsimg.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www6.hotelcomparely.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site If-Modified-Since: Fri, 16 Sep 2022 17:52:00 GMT If-None-Match: "04bb6e8d9135d976f28e9ba68fbc6f67" Cache-Control: max-age=0 TE: trailers	URL: img1.wsimg.com/parking-lander/static/js/2.5940ae1c.chunk.js FQDN: img1.wsimg.com IP: 95.101.10.129 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 95.101.10.129 HTTP/2 304 Not Modified content-type: application/javascript last-modified: Fri, 16 Sep 2022 17:52:00 GMT etag: "04bb6e8d9135d976f28e9ba68fbc6f67" cache-control: max-age=31536000 expires: Sat, 02 Dec 2023 08:28:38 GMT date: Fri, 02 Dec 2022 08:28:38 GMT timing-allow-origin: * access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /parking-lander/static/js/main.4e219663.chunk.js HTTP/1.1 Host: img1.wsimg.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www6.hotelcomparely.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site If-Modified-Since: Fri, 16 Sep 2022 16:45:04 GMT If-None-Match: "87b518e8e45487e774f8d47f2dc0026f" Cache-Control: max-age=0 TE: trailers	URL: img1.wsimg.com/parking-lander/static/js/main.4e219663.c (...) FQDN: img1.wsimg.com IP: 95.101.10.129 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 95.101.10.129 HTTP/2 304 Not Modified content-type: application/javascript last-modified: Fri, 16 Sep 2022 16:45:04 GMT etag: "87b518e8e45487e774f8d47f2dc0026f" cache-control: max-age=31536000 expires: Sat, 02 Dec 2023 08:28:38 GMT date: Fri, 02 Dec 2022 08:28:38 GMT timing-allow-origin: * access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: ocsp.godaddy.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 75 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.godaddy.com/ FQDN: ocsp.godaddy.com IP: 192.124.249.23 HASH: 0c7da6b23f49c97ac475462d5f7c5000f6a88bc22398d59ceb7397372967e52d 192.124.249.23 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: Sucuri/Cloudproxy Date: Fri, 02 Dec 2022 08:28:38 GMT Content-Length: 1777 Connection: keep-alive X-Sucuri-ID: 19023 Content-Transfer-Encoding: Binary Cache-Control: public, no-transform, must-revalidate Last-Modified: Thu, 01 Dec 2022 21:44:22 GMT Expires: Fri, 02 Dec 2022 21:44:22 GMT ETag: "fe56cd4e93ef5f3756ad54725d77a20c6c4aabf8" P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA" --- Additional Info --- Magic: data Size: 1777 Md5: 68ddd4644740d87807af92613c4f8029 Sha1: fe56cd4e93ef5f3756ad54725d77a20c6c4aabf8 Sha256: 0c7da6b23f49c97ac475462d5f7c5000f6a88bc22398d59ceb7397372967e52d
POST / HTTP/1.1 Host: ocsp.godaddy.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 75 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.godaddy.com/ FQDN: ocsp.godaddy.com IP: 192.124.249.23 HASH: 0c7da6b23f49c97ac475462d5f7c5000f6a88bc22398d59ceb7397372967e52d 192.124.249.23 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: Sucuri/Cloudproxy Date: Fri, 02 Dec 2022 08:28:38 GMT Content-Length: 1777 Connection: keep-alive X-Sucuri-ID: 19023 Content-Transfer-Encoding: Binary Cache-Control: public, no-transform, must-revalidate Last-Modified: Thu, 01 Dec 2022 21:44:22 GMT Expires: Fri, 02 Dec 2022 21:44:22 GMT ETag: "fe56cd4e93ef5f3756ad54725d77a20c6c4aabf8" P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA" --- Additional Info --- Magic: data Size: 1777 Md5: 68ddd4644740d87807af92613c4f8029 Sha1: fe56cd4e93ef5f3756ad54725d77a20c6c4aabf8 Sha256: 0c7da6b23f49c97ac475462d5f7c5000f6a88bc22398d59ceb7397372967e52d
GET /adsense/domains/caf.js HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www6.hotelcomparely.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.google.com/adsense/domains/caf.js FQDN: www.google.com IP: 142.250.74.164 HASH: 5a0cd84826bed56584e38971c9addd985d0d3691cca725de30b8592154109afe 142.250.74.164 HTTP/2 200 OK content-type: text/javascript; charset=UTF-8 accept-ranges: bytes vary: Accept-Encoding content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="ads-afs-ui" report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} date: Fri, 02 Dec 2022 08:28:37 GMT expires: Fri, 02 Dec 2022 08:28:37 GMT cache-control: private, max-age=3600 etag: "13012075086301908205" x-content-type-options: nosniff content-encoding: gzip server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (1885) Size: 53480 Md5: 485e65610eb2ebdbcc10e85715122d37 Sha1: 9bfc3f3add23f16e5ae10206589119b638cf4f8a Sha256: 5a0cd84826bed56584e38971c9addd985d0d3691cca725de30b8592154109afe
POST /v1/parkingEvents HTTP/1.1 Host: api.aws.parking.godaddy.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://www6.hotelcomparely.com/ Content-Type: application/json Origin: http://www6.hotelcomparely.com Content-Length: 721 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: api.aws.parking.godaddy.com/v1/parkingEvents FQDN: api.aws.parking.godaddy.com IP: 3.85.157.241 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 3.85.157.241 HTTP/2 200 OK content-type: text/plain date: Fri, 02 Dec 2022 08:28:38 GMT content-length: 0 set-cookie: AWSALB=b27XAnfAGEygVVJoIECKW3Fiq72SkE1Rh6eWea5O5E+OJs8Set6qVE0gsqtU4fL13NLp33s83mFJNtF2Wi2BQD/tuEQd2iDg7lFmmTp8MIggGztO5cImA8rN0zSJ; Expires=Fri, 09 Dec 2022 08:28:38 GMT; Path=/ AWSALBCORS=b27XAnfAGEygVVJoIECKW3Fiq72SkE1Rh6eWea5O5E+OJs8Set6qVE0gsqtU4fL13NLp33s83mFJNtF2Wi2BQD/tuEQd2iDg7lFmmTp8MIggGztO5cImA8rN0zSJ; Expires=Fri, 09 Dec 2022 08:28:38 GMT; Path=/; SameSite=None; Secure access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/domains/domain?domain=www6.hotelcomparely.com&portfolioId= HTTP/1.1 Host: api.aws.parking.godaddy.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: GET Access-Control-Request-Headers: x-request-id Referer: http://www6.hotelcomparely.com/ Origin: http://www6.hotelcomparely.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Cache-Control: max-age=0	URL: api.aws.parking.godaddy.com/v1/domains/domain?domain=ww (...) FQDN: api.aws.parking.godaddy.com IP: 3.85.157.241 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 3.85.157.241 HTTP/2 200 OK date: Fri, 02 Dec 2022 08:28:38 GMT content-length: 0 set-cookie: AWSALB=IBkby9j+XWqVfs44FFG77fgwopDN19C++csBIuJV0HGAUaYo0cWSWcmf4dUXiqmwYqT90m1T8TZldR31pwo6Q7ZhRdU66w+nuRCOEHyKSmDiVIz6v7N4j/nt58Ip; Expires=Fri, 09 Dec 2022 08:28:38 GMT; Path=/ AWSALBCORS=IBkby9j+XWqVfs44FFG77fgwopDN19C++csBIuJV0HGAUaYo0cWSWcmf4dUXiqmwYqT90m1T8TZldR31pwo6Q7ZhRdU66w+nuRCOEHyKSmDiVIz6v7N4j/nt58Ip; Expires=Fri, 09 Dec 2022 08:28:38 GMT; Path=/; SameSite=None; Secure access-control-allow-credentials: true access-control-allow-headers: X-Request-Id access-control-allow-methods: GET, HEAD, OPTIONS access-control-allow-origin: http://www6.hotelcomparely.com access-control-max-age: 600 x-request-id: DShYj4T8 X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/domains/domain?domain=www6.hotelcomparely.com&portfolioId= HTTP/1.1 Host: api.aws.parking.godaddy.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://www6.hotelcomparely.com/ X-Request-Id: 8f539b1a-92fb-4215-87c7-637b463f730a Origin: http://www6.hotelcomparely.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: api.aws.parking.godaddy.com/v1/domains/domain?domain=ww (...) FQDN: api.aws.parking.godaddy.com IP: 3.85.157.241 HASH: a9cbaeb9d51faeaf110f4f00cfe93a0a64f67d76da5dc204f964831e8f65758b 3.85.157.241 HTTP/2 200 OK content-type: application/json date: Fri, 02 Dec 2022 08:28:38 GMT content-length: 1025 set-cookie: AWSALB=BLtv6QmuvMSowhLMjWgeSiHMHL61zIBnapvFLwOlptJAm3qLMKfigj/dG49hgZttDt6peDnwV617FtovzxHF4XEddnGZOYZE2TUh12vIFeT0UvGon4LpnMPLg0hM; Expires=Fri, 09 Dec 2022 08:28:38 GMT; Path=/ AWSALBCORS=BLtv6QmuvMSowhLMjWgeSiHMHL61zIBnapvFLwOlptJAm3qLMKfigj/dG49hgZttDt6peDnwV617FtovzxHF4XEddnGZOYZE2TUh12vIFeT0UvGon4LpnMPLg0hM; Expires=Fri, 09 Dec 2022 08:28:38 GMT; Path=/; SameSite=None; Secure access-control-allow-credentials: true access-control-allow-origin: http://www6.hotelcomparely.com access-control-max-age: 600 x-request-id: 8f539b1a-92fb-4215-87c7-637b463f730a X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (1024) Size: 1025 Md5: d09be2925134c36d62dd80ea0ddde3eb Sha1: 44471d52949edfba16f3d513442bd367ef3d5ec1 Sha256: a9cbaeb9d51faeaf110f4f00cfe93a0a64f67d76da5dc204f964831e8f65758b
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: 8020fb77bd7e1b8cc3e2fed030e59d004e720c61162046fc93285c1ca07c0e66 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 02 Dec 2022 08:28:38 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: a9bdfccd1df3e323e28d92aea1077409 Sha1: 4625fbbbbb614755a86dabddfaf40e99b3934ba6 Sha256: 8020fb77bd7e1b8cc3e2fed030e59d004e720c61162046fc93285c1ca07c0e66
GET /gampad/cookie.js?domain=www6.hotelcomparely.com&client=dp-namemedia08_3ph&product=SAS&callback=__sasCookie HTTP/1.1 Host: partner.googleadservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://www6.hotelcomparely.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: partner.googleadservices.com/gampad/cookie.js?domain=ww (...) FQDN: partner.googleadservices.com IP: 216.58.207.226 HASH: c9533f5353054f3d3a64f3f188d61bdf442524d6e4b39501199810149986d56a 216.58.207.226 HTTP/2 200 OK content-type: text/javascript; charset=UTF-8 p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin x-content-type-options: nosniff content-disposition: attachment; filename="f.txt" content-encoding: gzip date: Fri, 02 Dec 2022 08:28:38 GMT server: cafe cache-control: private content-length: 189 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with no line terminators Size: 189 Md5: bac7554d68c2eddd1c2077cfb652305c Sha1: 5eaf2c3ac510d69788f5e7240f1d47394824b994 Sha256: c9533f5353054f3d3a64f3f188d61bdf442524d6e4b39501199810149986d56a
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: 8020fb77bd7e1b8cc3e2fed030e59d004e720c61162046fc93285c1ca07c0e66 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 02 Dec 2022 08:28:38 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: a9bdfccd1df3e323e28d92aea1077409 Sha1: 4625fbbbbb614755a86dabddfaf40e99b3934ba6 Sha256: 8020fb77bd7e1b8cc3e2fed030e59d004e720c61162046fc93285c1ca07c0e66
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: de4074bc2d166b559380d23f3d9e70e7eda87fd0fef61d5104db6d2ba221f45c 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 02 Dec 2022 08:28:38 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: ebd276a987cbfec50bf95ce593a6dbc6 Sha1: 0b03e0bb38915c84e23d9369d7f2947d6d73bafb Sha256: de4074bc2d166b559380d23f3d9e70e7eda87fd0fef61d5104db6d2ba221f45c
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: de4074bc2d166b559380d23f3d9e70e7eda87fd0fef61d5104db6d2ba221f45c 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 02 Dec 2022 08:28:38 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: ebd276a987cbfec50bf95ce593a6dbc6 Sha1: 0b03e0bb38915c84e23d9369d7f2947d6d73bafb Sha256: de4074bc2d166b559380d23f3d9e70e7eda87fd0fef61d5104db6d2ba221f45c
GET /ad_icons/standard/publisher_icon_image/search.svg?c=%231967d2 HTTP/1.1 Host: afs.googleusercontent.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.google.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: afs.googleusercontent.com/ad_icons/standard/publisher_i (...) FQDN: afs.googleusercontent.com IP: 142.250.74.129 HASH: a3d7b37475de5a3a350d4dc4790f14a6a5f4045726d2eae4cbe9bd59aeba2fe2 142.250.74.129 HTTP/2 200 OK content-type: image/svg+xml accept-ranges: bytes vary: Accept-Encoding content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers" report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} content-length: 272 x-content-type-options: nosniff content-encoding: gzip server: sffe x-xss-protection: 0 date: Thu, 01 Dec 2022 15:00:42 GMT expires: Fri, 02 Dec 2022 14:00:42 GMT cache-control: public, max-age=82800 age: 62876 last-modified: Thu, 19 Dec 2019 14:15:00 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390) Size: 272 Md5: bbbac37f0b6e29a6099e4aa7cb19d6ca Sha1: 0acafe95e2141f0af6109203efeb2d98e6b926c6 Sha256: a3d7b37475de5a3a350d4dc4790f14a6a5f4045726d2eae4cbe9bd59aeba2fe2
GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1 Host: afs.googleusercontent.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.google.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: afs.googleusercontent.com/ad_icons/standard/publisher_i (...) FQDN: afs.googleusercontent.com IP: 142.250.74.129 HASH: 2ec9168c4507546748c5f400f5030031f0eb06f2aed8deaa11362c395bff4f7a 142.250.74.129 HTTP/2 200 OK content-type: image/svg+xml accept-ranges: bytes vary: Accept-Encoding content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers" report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} content-length: 174 x-content-type-options: nosniff content-encoding: gzip server: sffe x-xss-protection: 0 date: Thu, 01 Dec 2022 19:59:49 GMT expires: Fri, 02 Dec 2022 18:59:49 GMT cache-control: public, max-age=82800 age: 44929 last-modified: Thu, 22 Oct 2020 21:45:00 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators Size: 174 Md5: 4de8b85c8915995b571bde50e231be7c Sha1: 29c226ca7b9cbe1d44e5480ce95bbb42727b2d99 Sha256: 2ec9168c4507546748c5f400f5030031f0eb06f2aed8deaa11362c395bff4f7a
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: de4074bc2d166b559380d23f3d9e70e7eda87fd0fef61d5104db6d2ba221f45c 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 02 Dec 2022 08:28:39 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: ebd276a987cbfec50bf95ce593a6dbc6 Sha1: 0b03e0bb38915c84e23d9369d7f2947d6d73bafb Sha256: de4074bc2d166b559380d23f3d9e70e7eda87fd0fef61d5104db6d2ba221f45c
POST /v1/parkingEvents HTTP/1.1 Host: api.aws.parking.godaddy.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://www6.hotelcomparely.com/ Content-Type: application/json Origin: http://www6.hotelcomparely.com Content-Length: 716 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: api.aws.parking.godaddy.com/v1/parkingEvents FQDN: api.aws.parking.godaddy.com IP: 3.85.157.241 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 3.85.157.241 HTTP/2 200 OK content-type: text/plain date: Fri, 02 Dec 2022 08:28:39 GMT content-length: 0 set-cookie: AWSALB=goLy8HryBTf1Dwu0Shx/xBa5MGJqorkaKqT4QfTewbB4qNsePAgCXPetywepohF+XsxeazowYnVRtuyTNyFV1r8YpbXMUzeINCZmIXLC8uml8TafYQA0jp/imbf9; Expires=Fri, 09 Dec 2022 08:28:39 GMT; Path=/ AWSALBCORS=goLy8HryBTf1Dwu0Shx/xBa5MGJqorkaKqT4QfTewbB4qNsePAgCXPetywepohF+XsxeazowYnVRtuyTNyFV1r8YpbXMUzeINCZmIXLC8uml8TafYQA0jp/imbf9; Expires=Fri, 09 Dec 2022 08:28:39 GMT; Path=/; SameSite=None; Secure access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: ae76bbb6cddd1d36af146ee9cf320b43b3dc249b5cad29a2aec3a6c50d522cb5 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "AE76BBB6CDDD1D36AF146EE9CF320B43B3DC249B5CAD29A2AEC3A6C50D522CB5" Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13729 Expires: Fri, 02 Dec 2022 12:17:28 GMT Date: Fri, 02 Dec 2022 08:28:39 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: f5798030605547f4ecea8d47cf4044ee Sha1: 3724b1ed897a387dcf8cfe53e5f13671f7547733 Sha256: ae76bbb6cddd1d36af146ee9cf320b43b3dc249b5cad29a2aec3a6c50d522cb5
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: ae76bbb6cddd1d36af146ee9cf320b43b3dc249b5cad29a2aec3a6c50d522cb5 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "AE76BBB6CDDD1D36AF146EE9CF320B43B3DC249B5CAD29A2AEC3A6C50D522CB5" Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13729 Expires: Fri, 02 Dec 2022 12:17:28 GMT Date: Fri, 02 Dec 2022 08:28:39 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: f5798030605547f4ecea8d47cf4044ee Sha1: 3724b1ed897a387dcf8cfe53e5f13671f7547733 Sha256: ae76bbb6cddd1d36af146ee9cf320b43b3dc249b5cad29a2aec3a6c50d522cb5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F356e23df-cb76-452a-b299-da5410086837.png HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: e9087e7fce332289d67d4d5646d0233c2f2d871cc88dc1c51d5ea1e9f2fb5abd 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 15495 x-amzn-requestid: 977cdbce-3a9c-4006-a5a1-5c4c82bd4a94 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cfHDIFxzIAMFzEw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63891ee0-4b2cb3a16ca745537a8caf8c;Sampled=0 x-amzn-remapped-date: Thu, 01 Dec 2022 21:38:40 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: KnOx0PJ8BR9OoAzXfuWk_Je_yawqzY4isC0hYTZRvJ74YiVs8jqyIQ== via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google date: Thu, 01 Dec 2022 22:25:42 GMT age: 36177 etag: "f799dfd89a4f5a452dc837b8616549f578fb4184" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 15495 Md5: 82ea44d6cb116fb1f5752ce9bb87e345 Sha1: f799dfd89a4f5a452dc837b8616549f578fb4184 Sha256: e9087e7fce332289d67d4d5646d0233c2f2d871cc88dc1c51d5ea1e9f2fb5abd
OPTIONS /sn/ HTTP/1.1 Host: postback.trafficmotor.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: http://www6.hotelcomparely.com/ Origin: http://www6.hotelcomparely.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: postback.trafficmotor.com/sn/ FQDN: postback.trafficmotor.com IP: 45.79.38.145 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 45.79.38.145 HTTP/1.1 200 OK Content-Type: text/html; charset=utf-8 Server: openresty/1.13.6.1 Date: Fri, 02 Dec 2022 08:28:39 GMT Content-Length: 0 Connection: close Allow: HEAD, GET, POST, OPTIONS Access-Control-Allow-Origin: http://www6.hotelcomparely.com Access-Control-Allow-Methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT Vary: Origin Access-Control-Allow-Headers: content-type --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /aff_c?offer_id=10742&aff_id=101167 HTTP/1.1 Host: trk.buyent.xyz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://hawkaffinity.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: trk.buyent.xyz/aff_c?offer_id=10742&aff_id=101167 FQDN: trk.buyent.xyz IP: 104.21.68.113 104.21.68.113 HTTP/2 302 Found content-type: text/html; charset=iso-8859-1 date: Fri, 02 Dec 2022 08:28:34 GMT cache-control: no-cache, no-store, must-revalidate expires: Sat, 26 Jul 1997 05:00:00 GMT location: /aff_r?offer_id=10742&aff_id=101167&url=https%3A%2F%2Fji.hotelcomparly.com%2Fa%2Fbk%3Ftransaction_id%3D1028c5537174b55a15feca4f716165&urlauth=480979388875946607301391358632 p3p: CP="NOI CUR OUR NOR INT" pragma: no-cache set-cookie: enc_aff_session_10742=ENC031d38da2fe48abd468987f3b4d3f1a15c403e137668a024da84f156f02440ee484422e5aae07b5be67a058ca078ea49cef8acaa6f6399e95a4a5f1e7506329681b00e7abd735cf37a32b8abe65097ac11ec061a28dc286ed26e01d9fa35efb8b012c49e5138814087a02f31737495c6fc6ca072f52247a8f8c7e9e43bfd1bc43ec1a7874ee916c080123f1de9d98ce7e3e7e51598881ab238d84aec161d1ea0200e5077e0; expires=Fri, 16 Dec 2022 08:28:34 GMT; path=/; SameSite=None; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTLGVuO3E9MC41IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9; expires=Sun, 26 Oct 2025 19:08:34 GMT; path=/; SameSite=None; Secure tracking_id: 1028c5537174b55a15feca4f716165 access-control-allow-origin: * x-request-id: 07d37bbc2bdd411bb27a2b4db34ecb8e access-control-allow-headers: Tune-SDK-Version cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LessqzHVSeaPEPD1ydBl%2BZD0phbz7VEv5o2RCevr6l%2Fh3SqAq7ycUfmZj%2Fdi6GSFLuCV40ARS9hOOVkdTo2bc0zDw%2FDZePFxF5hUGvYhCrGn5Mv3AHuxYe5%2FOb95KcSVxA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7732b09ccd0ab4e8-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /aff_r?offer_id=10742&aff_id=101167&url=https%3A%2F%2Fji.hotelcomparly.com%2Fa%2Fbk%3Ftransaction_id%3D1028c5537174b55a15feca4f716165&urlauth=480979388875946607301391358632 HTTP/1.1 Host: trk.buyent.xyz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://hawkaffinity.com/ Connection: keep-alive Cookie: enc_aff_session_10742=ENC031d38da2fe48abd468987f3b4d3f1a15c403e137668a024da84f156f02440ee484422e5aae07b5be67a058ca078ea49cef8acaa6f6399e95a4a5f1e7506329681b00e7abd735cf37a32b8abe65097ac11ec061a28dc286ed26e01d9fa35efb8b012c49e5138814087a02f31737495c6fc6ca072f52247a8f8c7e9e43bfd1bc43ec1a7874ee916c080123f1de9d98ce7e3e7e51598881ab238d84aec161d1ea0200e5077e0; ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTLGVuO3E9MC41IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site TE: trailers	URL: trk.buyent.xyz/aff_r?offer_id=10742&aff_id=101167&url=h (...) FQDN: trk.buyent.xyz IP: 104.21.68.113 104.21.68.113 HTTP/2 200 OK content-type: text/html date: Fri, 02 Dec 2022 08:28:34 GMT cache-control: no-cache, no-store, must-revalidate expires: Sat, 26 Jul 1997 05:00:00 GMT pragma: no-cache access-control-allow-origin: * x-request-id: 8c78645064612d1478600bf485d96227 access-control-allow-headers: Tune-SDK-Version cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kMIe9yt810LfiP8MYw2K%2BcJMOzS%2F5yA5U4lDX8mIjlgDU3cpl%2BUFKc38xsOXe%2Fn%2Besf%2BP2tJJo2n3PkF4m63zInLtGvVBcXw0c4cemvktFH3%2F05po%2FgDlJORdMwYTq0W%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7732b09d6df7b4e8-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         95.101.11.115

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950" 

                                        
                                            
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=11799 

                                        
                                            
Expires: Fri, 02 Dec 2022 11:45:09 GMT 

                                        
                                            
Date: Fri, 02 Dec 2022 08:28:30 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    3bbb845b153026fc5332dd4506585b57

                                                Sha1:   3cad200fac28fd00f34ce6ef79373e661e188743

                                                Sha256: 6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 2793 

                                        
                                            
Cache-Control: max-age=96555 

                                        
                                            
Date: Fri, 02 Dec 2022 08:28:30 GMT 

                                        
                                            
Etag: "63888270-1d7" 

                                        
                                            
Expires: Sat, 03 Dec 2022 11:17:45 GMT 

                                        
                                            
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT 

                                        
                                            
Server: ECS (ska/F709) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    0c748388899e8a8d3680355da2ea5020

                                                Sha1:   903c620cd137613daafb0da0508c37b2f4a67212

                                                Sha256: 39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         95.101.11.115

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA" 

                                        
                                            
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=16876 

                                        
                                            
Expires: Fri, 02 Dec 2022 13:09:46 GMT 

                                        
                                            
Date: Fri, 02 Dec 2022 08:28:30 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    55b4c61a1e99001307750e3647fe1102

                                                Sha1:   7559f9f6770b7d3f45b723167062096312641e08

                                                Sha256: 39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa

                                        
                                            GET /v1/tiles HTTP/1.1 

                                        
                                            
Host: contile.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.117.237.239

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Fri, 02 Dec 2022 08:28:30 GMT 

                                        
                                            
content-length: 12 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
via: 1.1 google 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with no line terminators

                                                Size:   12

                                                Md5:    23e88fb7b99543fb33315b29b1fad9d6

                                                Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

                                                Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/json 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.102.187.140

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified 

                                        
                                            
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-length: 329 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Fri, 02 Dec 2022 08:08:57 GMT 

                                        
                                            
cache-control: public,max-age=3600 

                                        
                                            
age: 1174 

                                        
                                            
last-modified: Fri, 25 Mar 2022 17:45:46 GMT 

                                        
                                            
etag: "1648230346554" 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators

                                                Size:   329

                                                Md5:    0333b0655111aa68de771adfcc4db243

                                                Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb

                                                Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

                                        
                                            GET /?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2OTk3NjkxMCwiaWF0IjoxNjY5OTY5NzEwLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc21lcDZrbnU5YmdnOGpxOG8xdGUyYzkiLCJuYmYiOjE2Njk5Njk3MTAsInRzIjoxNjY5OTY5NzEwNTY1OTQ4fQ.xnoAEJ-EEOQCZOJpD__D5Oi3LWMFx7TRfXRvjl1Ceow&sid=4d579954-721b-11ed-b858-bd568089f10c HTTP/1.1 

                                        
                                            
Host: dollargeneral.co

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://dollargeneral.co/ 

                                        
                                            
Cookie: sid=4d579954-721b-11ed-b858-bd568089f10c 

                                        
                                            
Upgrade-Insecure-Requests: 1

                                         93.115.28.104

                                        
                                            HTTP/1.1 302 Found

                                        

                                        
                                            
cache-control: max-age=0, private, must-revalidate 

                                        
                                            
connection: close 

                                        
                                            
content-length: 11 

                                        
                                            
date: Fri, 02 Dec 2022 08:28:31 GMT 

                                        
                                            
location: http://ww1.dollargeneral.co/?subid1=4d579954-721b-11ed-b858-bd568089f10c&backfill=0&kw1=Ecommerce+Online+Store&kw2=Custom+Order+MGMT+Software&kw3=Online+Payment+Gateways&kw4=Product+Returns+MGMT+Software 

                                        
                                            
server: nginx 

                                        
                                            
set-cookie: sid=4d579954-721b-11ed-b858-bd568089f10c; path=/; domain=.dollargeneral.co; expires=Wed, 20 Dec 2090 11:42:38 GMT; max-age=2147483647; HttpOnly 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with no line terminators

                                                Size:   11

                                                Md5:    32682312d17c7cbf18e73594f5570319

                                                Sha1:   60e22121bdd0bc71cdb2bae2a3aa577006b2eae9

                                                Sha256: e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47

                                        
                                            GET /?subid1=4d579954-721b-11ed-b858-bd568089f10c&backfill=0&kw1=Ecommerce+Online+Store&kw2=Custom+Order+MGMT+Software&kw3=Online+Payment+Gateways&kw4=Product+Returns+MGMT+Software HTTP/1.1 

                                        
                                            
Host: ww1.dollargeneral.co

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Referer: http://dollargeneral.co/ 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Cookie: sid=4d579954-721b-11ed-b858-bd568089f10c 

                                        
                                            
Upgrade-Insecure-Requests: 1

                                         13.248.148.254

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/html; charset=UTF-8

                                        

                                        
                                            
Date: Fri, 02 Dec 2022 08:28:31 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Server: nginx 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
X-Redirect: zeropark_zeroclick 

                                        
                                            
X-Template: tpl_CleanPeppermintBlack_twoclick 

                                        
                                            
X-Language: norwegian 

                                        
                                            
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile 

                                        
                                            
Accept-CH-Lifetime: 30 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2234)

                                                Size:   2533

                                                Md5:    1cc95550cab8be2455e7081c06e1dcf4

                                                Sha1:   0b5e926d124a11dffc982e58465cbdccbda30c9b

                                                Sha256: f00ab1e5b3818e2b00056aa0c272c4adb0ede112046eff30696235df243324ed

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         95.101.11.115

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC" 

                                        
                                            
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=18260 

                                        
                                            
Expires: Fri, 02 Dec 2022 13:32:52 GMT 

                                        
                                            
Date: Fri, 02 Dec 2022 08:28:32 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    ecab83d593cc540b02689be5be7abc8a

                                                Sha1:   81cda579b7b9b22332b85266b0126585f3d3f73f

                                                Sha256: d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         95.101.11.115

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC" 

                                        
                                            
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=18260 

                                        
                                            
Expires: Fri, 02 Dec 2022 13:32:52 GMT 

                                        
                                            
Date: Fri, 02 Dec 2022 08:28:32 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    ecab83d593cc540b02689be5be7abc8a

                                                Sha1:   81cda579b7b9b22332b85266b0126585f3d3f73f

                                                Sha256: d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         95.101.11.115

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC" 

                                        
                                            
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=18260 

                                        
                                            
Expires: Fri, 02 Dec 2022 13:32:52 GMT 

                                        
                                            
Date: Fri, 02 Dec 2022 08:28:32 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    ecab83d593cc540b02689be5be7abc8a

                                                Sha1:   81cda579b7b9b22332b85266b0126585f3d3f73f

                                                Sha256: d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F937deb9c-e12c-486f-bf82-4833aed00836.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 11443 

                                        
                                            
x-amzn-requestid: 21469d81-ee4b-47f3-8877-b6658b3ea8b8 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cfHDHE4zoAMFvfw= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63891ee0-5b39eddd703ea04e6a1355f8;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Thu, 01 Dec 2022 21:38:40 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: nPuZoyOu_QAqbZvTUaNy1J3BOqnR2ttrIhv9BwRmWnKeba-e6MZWKA== 

                                        
                                            
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Thu, 01 Dec 2022 21:55:34 GMT 

                                        
                                            
age: 37978 

                                        
                                            
etag: "b5118bca37feda2ada3001199dc1d80ac6d2aacc" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   11443

                                                Md5:    d08081e2dd562ef50e4e98ebc0136698

                                                Sha1:   b5118bca37feda2ada3001199dc1d80ac6d2aacc

                                                Sha256: 5160333e0cfd338b3887972d0a5c0f817ef88b70b7eb78e4e25d153a85e3478f

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcca8556b-b044-489f-bc74-086aad62b062.webp HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 7591 

                                        
                                            
x-amzn-requestid: e179862e-f840-4e50-a9dc-09f325479b9a 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cfGgMFRZIAMFl7g= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63891e01-676a1571459f2d83488f2765;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:57 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: oB5K_ZCWWwCltMx8FQSjDdXRMzSTSyRLSYSLAooQXuCrUxadLUiWkA== 

                                        
                                            
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Thu, 01 Dec 2022 21:48:51 GMT 

                                        
                                            
age: 38381 

                                        
                                            
etag: "ffd0763f997e71a8c1458523fc17cafe8849dfdf" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   7591

                                                Md5:    d147ccb10bda82b153a596c3c967cd6a

                                                Sha1:   ffd0763f997e71a8c1458523fc17cafe8849dfdf

                                                Sha256: 1cfeb90a4ba027195f903d938d4a0aac418a1c2f0b52215ec023263f15905971

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 6174 

                                        
                                            
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cZ0iyH2WoAMFQdg= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg== 

                                        
                                            
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Fri, 02 Dec 2022 06:00:48 GMT 

                                        
                                            
age: 8864 

                                        
                                            
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   6174

                                                Md5:    b986f9fcbeca91ed5c8d58fbfaf47d19

                                                Sha1:   6e6c8bd2bce144cc4da1cd7be375b046b60dca79

                                                Sha256: 07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f

                                        
                                            POST /ls.php HTTP/1.1 

                                        
                                            
Host: ww1.dollargeneral.co

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/x-www-form-urlencoded; charset=UTF-8 

                                        
                                            
Content-Length: 2186 

                                        
                                            
Origin: http://ww1.dollargeneral.co 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://ww1.dollargeneral.co/?subid1=4d579954-721b-11ed-b858-bd568089f10c&backfill=0&kw1=Ecommerce+Online+Store&kw2=Custom+Order+MGMT+Software&kw3=Online+Payment+Gateways&kw4=Product+Returns+MGMT+Software 

                                        
                                            
Cookie: sid=4d579954-721b-11ed-b858-bd568089f10c

                                         13.248.148.254

                                        
                                            HTTP/1.1 201 Created 

                                        
                                            
Content-Type: text/javascript;charset=UTF-8

                                        

                                        
                                            
Date: Fri, 02 Dec 2022 08:28:32 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Server: nginx 

                                        
                                            
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile 

                                        
                                            
Accept-CH-Lifetime: 30 

                                        
                                            
X-Log-Success: 6389b730277d930722354588 

                                        
                                            
Charset: utf-8 

                                        
                                            
Access-Control-Allow-Origin: http://ww1.dollargeneral.co 

                                        
                                            
Access-Control-Allow-Methods: POST, OPTIONS 

                                        
                                            
Access-Control-Max-Age: 86400 

                                        
                                            
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_Q2BDpwiwi6d/Yvjy6JZfsAfcXLatbucm51uNsFXU89D3oJshPIqlPM/rmCSDv9j7xQOLYiCHYfB8wxmzlUYLsQ== 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /track.php?click=8bc5311fea51f5d88ad90580a49f43a22d8f5165&domain=dollargeneral.co&uid=MTY2OTk2OTcxMS42NzcyOjgyZWZlZTYzNDJhYTQxZGZkZWJjMTdkOTNmNGU5MDc2YmUxMDc2YjQ4MDNkOTlkYTdlYjY0ZDgwMTQ2NTRmZTI6NjM4OWI3MmZhNTU2MQ%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2Mzg5YjcyZmE1NTRifHx8MTY2OTk2OTcxMS45NjQ1fGU5NzI5NWE2M2Y5Zjg1ODkwNmZiMjE5ZGY1YTU5ZGNhMjlkOTdjMzV8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw0ZjI3YjEyZTdmMmU0MGNmNzVjMjFlZTM4ODMzNjBiMmQ0MzY3ZGJkfDB8ZHAtdGVhbWludGVybmV0MTJfM3BofDB8MA%3D%3D&kw=&search=&pcat=&rxid=&bucket=&clientID=&adtest=off HTTP/1.1 

                                        
                                            
Host: ww1.dollargeneral.co

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://ww1.dollargeneral.co/?subid1=4d579954-721b-11ed-b858-bd568089f10c&backfill=0&kw1=Ecommerce+Online+Store&kw2=Custom+Order+MGMT+Software&kw3=Online+Payment+Gateways&kw4=Product+Returns+MGMT+Software 

                                        
                                            
Cookie: sid=4d579954-721b-11ed-b858-bd568089f10c

                                         13.248.148.254

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/html; charset=UTF-8

                                        

                                        
                                            
Date: Fri, 02 Dec 2022 08:28:33 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Server: nginx 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
X-View-Match: true 

                                        
                                            
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile 

                                        
                                            
Accept-CH-Lifetime: 30 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   20

                                                Md5:    a4745abc5e7fdb89cc6df3069f3c6e69

                                                Sha1:   74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed

                                                Sha256: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

                                        
                                            GET /zcredirect?visitid=4e1a66f4-721b-11ed-b470-12eaaa23d38d&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1 

                                        
                                            
Host: dipaka-ead.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://dipaka-ead.com/zcvisitor/4e1a66f4-721b-11ed-b470-12eaaa23d38d/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=15e92720-c079-11ec-bea2-128084d1ce51 

                                        
                                            
Upgrade-Insecure-Requests: 1

                                         3.212.50.125

                                        
                                            HTTP/1.1 200  

                                        
                                            
Content-Type: text/html;charset=UTF-8

                                        

                                        
                                            
Date: Fri, 02 Dec 2022 08:28:33 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Cache-Control: no-store, no-cache, pre-check=0, post-check=0 

                                        
                                            
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 

                                        
                                            
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 

                                        
                                            
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline' 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Access-Control-Allow-Methods: GET,POST,OPTIONS 

                                        
                                            
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag 

                                        
                                            
redirected: JS 

                                        
                                            
Server: naUnaoyZ 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (333)

                                                Size:   752

                                                Md5:    56ebf9a837d5d64ff3c6c3acc96ff2c6

                                                Sha1:   5a78cf25580aa7093b47c0bf5e3f2f81274dd0ec

                                                Sha256: 71bdece4410e21f1327059290c609890cd2868cbc088211612e5ad1d2a30fa8c

                                        
                                            GET /favicon.ico HTTP/1.1 

                                        
                                            
Host: dipaka-ead.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://dipaka-ead.com/zcredirect?visitid=4e1a66f4-721b-11ed-b470-12eaaa23d38d&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false

                                         3.212.50.125

                                        
                                            HTTP/1.1 404  

                                        
                                            
Content-Type: text/html;charset=utf-8

                                        

                                        
                                            
Date: Fri, 02 Dec 2022 08:28:33 GMT 

                                        
                                            
Content-Length: 653 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Cache-Control: no-store, no-cache, pre-check=0, post-check=0 

                                        
                                            
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 

                                        
                                            
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 

                                        
                                            
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline' 

                                        
                                            
Content-Language: en 

                                        
                                            
Server: puQTymrl 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators

                                                Size:   653

                                                Md5:    ba2732b1b2fa2626ffaa15f62f9e7d66

                                                Sha1:   203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe

                                                Sha256: 879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 607 

                                        
                                            
Cache-Control: max-age=109455 

                                        
                                            
Date: Fri, 02 Dec 2022 08:28:34 GMT 

                                        
                                            
Etag: "6388bd62-117" 

                                        
                                            
Expires: Sat, 03 Dec 2022 14:52:49 GMT 

                                        
                                            
Last-Modified: Thu, 01 Dec 2022 14:42:42 GMT 

                                        
                                            
Server: ECS (ska/F709) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 279 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   279

                                                Md5:    1d2b8bf9fa005ae33bd0e05d9ea89960

                                                Sha1:   0e232ff69652639db2d9ee767082aeead8252264

                                                Sha256: 0b2fbb6776ecd3c5f0b4e7371b363f7b225a7b92248f659b5bb88a448cd0aff9

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 608 

                                        
                                            
Cache-Control: max-age=164193 

                                        
                                            
Date: Fri, 02 Dec 2022 08:28:35 GMT 

                                        
                                            
Etag: "63899334-117" 

                                        
                                            
Expires: Sun, 04 Dec 2022 06:05:08 GMT 

                                        
                                            
Last-Modified: Fri, 02 Dec 2022 05:55:00 GMT 

                                        
                                            
Server: ECS (ska/F709) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 279 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   480

                                                Md5:    be3b3430f8826154d6de6d74e13df6b4

                                                Sha1:   0d12e75ef80600e4fe0789906121cd6eaf93636d

                                                Sha256: 97c94d02bd4f863830420e516b4ec7cad64eff811e2dd0352f5c2ded2cd31189

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         95.101.11.115

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "F6767229C679B38437F8A36CCE780880AA82BDB644F78B1DB40F094B6910695E" 

                                        
                                            
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=21061 

                                        
                                            
Expires: Fri, 02 Dec 2022 14:19:37 GMT 

                                        
                                            
Date: Fri, 02 Dec 2022 08:28:36 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    55b9cb076810ac8fccb435235c934337

                                                Sha1:   0d8813c41a12e9c74c41e1f79d27dd78df262028

                                                Sha256: f6767229c679b38437f8a36cce780880aa82bdb644f78b1db40f094b6910695e

                                        
                                            GET /?ref=https%3A%2F%2Fwww.booking.com%2Fen%2Findex.en.html%3Faid%3D2083685%26label%3D6389b73348e2a17e67320467 HTTP/1.1 

                                        
                                            
Host: www.hotelcomparely.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1

                                         45.33.2.79

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
content-type: text/html; charset=utf-8

                                        

                                        
                                            
server: openresty/1.13.6.1 

                                        
                                            
date: Fri, 02 Dec 2022 08:28:36 GMT 

                                        
                                            
content-length: 5074 

                                        
                                            
vary: Accept-Language 

                                        
                                            
content-language: en 

                                        
                                            
connection: close 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (404)

                                                Size:   5074

                                                Md5:    f3a45bc9b42710626064556a9e8b4779

                                                Sha1:   3bd9899b6d1605b17a39e9d2acbb12aba3a6ddd9

                                                Sha256: 2cba0b70726b0de5879ee545def73a0342b99c204c583dc6c707675df827d0d2

                                        
                                            GET /?template=ARROW_3&tdfs=0&s_token=1669969717.0111210000&uuid=1669969717.0111210000&term=Hotel%20Booking&term=Compare%20Hotel%20Rates&term=Hotel%20Rates%20for%20Groups&searchbox=0&showDomain=0&backfill=0 HTTP/1.1 

                                        
                                            
Host: www6.hotelcomparely.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://www.hotelcomparely.com/ 

                                        
                                            
Upgrade-Insecure-Requests: 1

                                         35.186.238.101

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/html

                                        

                                        
                                            
Server: openresty 

                                        
                                            
Date: Fri, 02 Dec 2022 08:28:37 GMT 

                                        
                                            
Content-Length: 2551 

                                        
                                            
Last-Modified: Wed, 19 Oct 2022 06:29:27 GMT 

                                        
                                            
ETag: "634f9947-9f7" 

                                        
                                            
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_NWkHzsI6Mk0c2cOO1ibvXm0ZTEizBqn7T2xHRU2XPiNAiF1S2koWNTy9WRY6jtPRSOZrBlRsg+QS3PfVPEMYjw 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
Set-Cookie: caf_ipaddr=91.90.42.154;Path=/;Max-Age=86400;
country=NO;Path=/;Max-Age=86400;
city="";Path=/;Max-Age=86400;
expiry_partner=;Path=/;Max-Age=86400; 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Via: 1.1 google 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2551), with no line terminators

                                                Size:   2551

                                                Md5:    41f66bb0ac50f2d851236170e7c71341

                                                Sha1:   59bcec216302151922219b51be8ad8ab6d0b8384

                                                Sha256: ec99cca58b612ce268e6ada818dfcec0acc22dd1bbe372487be9abbdd07ce073

                                        
                                            GET /parking-lander/static/js/main.4e219663.chunk.js HTTP/1.1 

                                        
                                            
Host: img1.wsimg.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://www6.hotelcomparely.com/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         95.101.10.129

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript

                                        

                                        
                                            
x-amz-id-2: bT1gYle8BNSLcfEqfmnwGSe1OBOZaHT0RRMjGELarYicaXV5gZbgkfpgf0pbFl/ULzcHx6sKMSI= 

                                        
                                            
x-amz-request-id: C0TA1WEG63BVN5BN 

                                        
                                            
last-modified: Fri, 16 Sep 2022 16:45:04 GMT 

                                        
                                            
etag: "87b518e8e45487e774f8d47f2dc0026f" 

                                        
                                            
x-amz-server-side-encryption: AES256 

                                        
                                            
x-amz-version-id: 2Wom95JLG5jhnN_DEOMzqRfOKsQDbi7Z 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
content-encoding: gzip 

                                        
                                            
cache-control: max-age=31536000 

                                        
                                            
expires: Sat, 02 Dec 2023 08:28:37 GMT 

                                        
                                            
date: Fri, 02 Dec 2022 08:28:37 GMT 

                                        
                                            
content-length: 58202 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (65459)

                                                Size:   58202

                                                Md5:    feb46b3c6b7556a8bf123a5e87ffd2b5

                                                Sha1:   aff2efba814012e9fe1586055599069f77e6a062

                                                Sha256: 6f8d46c42987c0d7b471b54065e6b8fd6e965452ccc5c2fcd12f25e5362b5fd7

                                        
                                            GET /?sig=3RQAlpmLlDzLvSmL2DGByITM0xwZ4Z2LmtGZlRJMjtQVMaUqcWKqwI2psAUqeXG3rWzmmEabmxSIAuKDH1HBEqILzcIonuzJc1RZwEHG4OQEnOKBfATon1zJ2ywrMMzJgcSn5xJM1tzoZOGAKcIAJ5JJ1AKowOGB5kxAAu0LjVSFukH2uEKLRkzpIIzp1AJMG16t&hsh=696f1484f9a3ea44fb9a9e102afe0c35601023ba9984f38c HTTP/1.1 

                                        
                                            
Host: track.hawkaffinity.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://dipaka-ead.com/ 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         104.21.44.34

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/html; charset=UTF-8

                                        

                                        
                                            
date: Fri, 02 Dec 2022 08:28:34 GMT 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
cf-cache-status: DYNAMIC 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XbtBzGgKdpQ9PYzsxILAmy0upnxDWGLaYdn%2Fw%2BlDp%2BMSWKhuiTGXwveFx4syiE3lIRUoUzeP4B2ojgvJON3Iq2wcDM3mHa0ulUklq1g6G2%2FLshV6TRf%2Bgv22UOF9S8YV3QWDfOhIYAO0"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7732b096df041c0e-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text

                                                Size:   755

                                                Md5:    2f6dcc6b5854310281558af29aafdbec

                                                Sha1:   c59eab1ad2257d5deaf8d60222d5888ccbe28558

                                                Sha256: 9972f50e0256d54dad8d7a592cfb5ae5bc2e67702d4fd32d7f771f0db78b54e8

                                        
                                            GET /parking-lander/static/js/2.5940ae1c.chunk.js HTTP/1.1 

                                        
                                            
Host: img1.wsimg.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://www6.hotelcomparely.com/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
If-Modified-Since: Fri, 16 Sep 2022 17:52:00 GMT 

                                        
                                            
If-None-Match: "04bb6e8d9135d976f28e9ba68fbc6f67" 

                                        
                                            
Cache-Control: max-age=0 

                                        
                                            
TE: trailers

                                         95.101.10.129

                                        
                                            HTTP/2 304 Not Modified 

                                        
                                            
content-type: application/javascript

                                        

                                        
                                            
last-modified: Fri, 16 Sep 2022 17:52:00 GMT 

                                        
                                            
etag: "04bb6e8d9135d976f28e9ba68fbc6f67" 

                                        
                                            
cache-control: max-age=31536000 

                                        
                                            
expires: Sat, 02 Dec 2023 08:28:38 GMT 

                                        
                                            
date: Fri, 02 Dec 2022 08:28:38 GMT 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.godaddy.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 75 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         192.124.249.23

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: Sucuri/Cloudproxy 

                                        
                                            
Date: Fri, 02 Dec 2022 08:28:38 GMT 

                                        
                                            
Content-Length: 1777 

                                        
                                            
Connection: keep-alive 

                                        
                                            
X-Sucuri-ID: 19023 

                                        
                                            
Content-Transfer-Encoding: Binary 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate 

                                        
                                            
Last-Modified: Thu, 01 Dec 2022 21:44:22 GMT 

                                        
                                            
Expires: Fri, 02 Dec 2022 21:44:22 GMT 

                                        
                                            
ETag: "fe56cd4e93ef5f3756ad54725d77a20c6c4aabf8" 

                                        
                                            
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA" 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   1777

                                                Md5:    68ddd4644740d87807af92613c4f8029

                                                Sha1:   fe56cd4e93ef5f3756ad54725d77a20c6c4aabf8

                                                Sha256: 0c7da6b23f49c97ac475462d5f7c5000f6a88bc22398d59ceb7397372967e52d

                                        
                                            GET /adsense/domains/caf.js HTTP/1.1 

                                        
                                            
Host: www.google.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://www6.hotelcomparely.com/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         142.250.74.164

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/javascript; charset=UTF-8

                                        

                                        
                                            
accept-ranges: bytes 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui" 

                                        
                                            
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]} 

                                        
                                            
date: Fri, 02 Dec 2022 08:28:37 GMT 

                                        
                                            
expires: Fri, 02 Dec 2022 08:28:37 GMT 

                                        
                                            
cache-control: private, max-age=3600 

                                        
                                            
etag: "13012075086301908205" 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-encoding: gzip 

                                        
                                            
server: sffe 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (1885)

                                                Size:   53480

                                                Md5:    485e65610eb2ebdbcc10e85715122d37

                                                Sha1:   9bfc3f3add23f16e5ae10206589119b638cf4f8a

                                                Sha256: 5a0cd84826bed56584e38971c9addd985d0d3691cca725de30b8592154109afe

                                        
                                            OPTIONS /v1/domains/domain?domain=www6.hotelcomparely.com&portfolioId= HTTP/1.1 

                                        
                                            
Host: api.aws.parking.godaddy.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Access-Control-Request-Method: GET 

                                        
                                            
Access-Control-Request-Headers: x-request-id 

                                        
                                            
Referer: http://www6.hotelcomparely.com/ 

                                        
                                            
Origin: http://www6.hotelcomparely.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Cache-Control: max-age=0

                                         3.85.157.241

                                        
                                            HTTP/2 200 OK

                                        

                                        
                                            
date: Fri, 02 Dec 2022 08:28:38 GMT 

                                        
                                            
content-length: 0 

                                        
                                            
set-cookie: AWSALB=IBkby9j+XWqVfs44FFG77fgwopDN19C++csBIuJV0HGAUaYo0cWSWcmf4dUXiqmwYqT90m1T8TZldR31pwo6Q7ZhRdU66w+nuRCOEHyKSmDiVIz6v7N4j/nt58Ip; Expires=Fri, 09 Dec 2022 08:28:38 GMT; Path=/
AWSALBCORS=IBkby9j+XWqVfs44FFG77fgwopDN19C++csBIuJV0HGAUaYo0cWSWcmf4dUXiqmwYqT90m1T8TZldR31pwo6Q7ZhRdU66w+nuRCOEHyKSmDiVIz6v7N4j/nt58Ip; Expires=Fri, 09 Dec 2022 08:28:38 GMT; Path=/; SameSite=None; Secure 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
access-control-allow-headers: X-Request-Id 

                                        
                                            
access-control-allow-methods: GET, HEAD, OPTIONS 

                                        
                                            
access-control-allow-origin: http://www6.hotelcomparely.com 

                                        
                                            
access-control-max-age: 600 

                                        
                                            
x-request-id: DShYj4T8 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         216.58.211.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Fri, 02 Dec 2022 08:28:38 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    a9bdfccd1df3e323e28d92aea1077409

                                                Sha1:   4625fbbbbb614755a86dabddfaf40e99b3934ba6

                                                Sha256: 8020fb77bd7e1b8cc3e2fed030e59d004e720c61162046fc93285c1ca07c0e66

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         216.58.211.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Fri, 02 Dec 2022 08:28:38 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    a9bdfccd1df3e323e28d92aea1077409

                                                Sha1:   4625fbbbbb614755a86dabddfaf40e99b3934ba6

                                                Sha256: 8020fb77bd7e1b8cc3e2fed030e59d004e720c61162046fc93285c1ca07c0e66

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         216.58.211.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Fri, 02 Dec 2022 08:28:38 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    ebd276a987cbfec50bf95ce593a6dbc6

                                                Sha1:   0b03e0bb38915c84e23d9369d7f2947d6d73bafb

                                                Sha256: de4074bc2d166b559380d23f3d9e70e7eda87fd0fef61d5104db6d2ba221f45c

                                        
                                            GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1 

                                        
                                            
Host: afs.googleusercontent.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://www.google.com/ 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         142.250.74.129

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/svg+xml

                                        

                                        
                                            
accept-ranges: bytes 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers 

                                        
                                            
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers" 

                                        
                                            
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]} 

                                        
                                            
content-length: 174 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-encoding: gzip 

                                        
                                            
server: sffe 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
date: Thu, 01 Dec 2022 19:59:49 GMT 

                                        
                                            
expires: Fri, 02 Dec 2022 18:59:49 GMT 

                                        
                                            
cache-control: public, max-age=82800 

                                        
                                            
age: 44929 

                                        
                                            
last-modified: Thu, 22 Oct 2020 21:45:00 GMT 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators

                                                Size:   174

                                                Md5:    4de8b85c8915995b571bde50e231be7c

                                                Sha1:   29c226ca7b9cbe1d44e5480ce95bbb42727b2d99

                                                Sha256: 2ec9168c4507546748c5f400f5030031f0eb06f2aed8deaa11362c395bff4f7a

                                        
                                            POST /v1/parkingEvents HTTP/1.1 

                                        
                                            
Host: api.aws.parking.godaddy.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: http://www6.hotelcomparely.com/ 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Origin: http://www6.hotelcomparely.com 

                                        
                                            
Content-Length: 716 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         3.85.157.241

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/plain

                                        

                                        
                                            
date: Fri, 02 Dec 2022 08:28:39 GMT 

                                        
                                            
content-length: 0 

                                        
                                            
set-cookie: AWSALB=goLy8HryBTf1Dwu0Shx/xBa5MGJqorkaKqT4QfTewbB4qNsePAgCXPetywepohF+XsxeazowYnVRtuyTNyFV1r8YpbXMUzeINCZmIXLC8uml8TafYQA0jp/imbf9; Expires=Fri, 09 Dec 2022 08:28:39 GMT; Path=/
AWSALBCORS=goLy8HryBTf1Dwu0Shx/xBa5MGJqorkaKqT4QfTewbB4qNsePAgCXPetywepohF+XsxeazowYnVRtuyTNyFV1r8YpbXMUzeINCZmIXLC8uml8TafYQA0jp/imbf9; Expires=Fri, 09 Dec 2022 08:28:39 GMT; Path=/; SameSite=None; Secure 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         95.101.11.115

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "AE76BBB6CDDD1D36AF146EE9CF320B43B3DC249B5CAD29A2AEC3A6C50D522CB5" 

                                        
                                            
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=13729 

                                        
                                            
Expires: Fri, 02 Dec 2022 12:17:28 GMT 

                                        
                                            
Date: Fri, 02 Dec 2022 08:28:39 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    f5798030605547f4ecea8d47cf4044ee

                                                Sha1:   3724b1ed897a387dcf8cfe53e5f13671f7547733

                                                Sha256: ae76bbb6cddd1d36af146ee9cf320b43b3dc249b5cad29a2aec3a6c50d522cb5

                                        
                                            OPTIONS /sn/ HTTP/1.1 

                                        
                                            
Host: postback.trafficmotor.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Access-Control-Request-Method: POST 

                                        
                                            
Access-Control-Request-Headers: content-type 

                                        
                                            
Referer: http://www6.hotelcomparely.com/ 

                                        
                                            
Origin: http://www6.hotelcomparely.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         45.79.38.145

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/html; charset=utf-8

                                        

                                        
                                            
Server: openresty/1.13.6.1 

                                        
                                            
Date: Fri, 02 Dec 2022 08:28:39 GMT 

                                        
                                            
Content-Length: 0 

                                        
                                            
Connection: close 

                                        
                                            
Allow: HEAD, GET, POST, OPTIONS 

                                        
                                            
Access-Control-Allow-Origin: http://www6.hotelcomparely.com 

                                        
                                            
Access-Control-Allow-Methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT 

                                        
                                            
Vary: Origin 

                                        
                                            
Access-Control-Allow-Headers: content-type 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /aff_r?offer_id=10742&aff_id=101167&url=https%3A%2F%2Fji.hotelcomparly.com%2Fa%2Fbk%3Ftransaction_id%3D1028c5537174b55a15feca4f716165&urlauth=480979388875946607301391358632 HTTP/1.1 

                                        
                                            
Host: trk.buyent.xyz

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://hawkaffinity.com/ 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Cookie: enc_aff_session_10742=ENC031d38da2fe48abd468987f3b4d3f1a15c403e137668a024da84f156f02440ee484422e5aae07b5be67a058ca078ea49cef8acaa6f6399e95a4a5f1e7506329681b00e7abd735cf37a32b8abe65097ac11ec061a28dc286ed26e01d9fa35efb8b012c49e5138814087a02f31737495c6fc6ca072f52247a8f8c7e9e43bfd1bc43ec1a7874ee916c080123f1de9d98ce7e3e7e51598881ab238d84aec161d1ea0200e5077e0; ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTLGVuO3E9MC41IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         104.21.68.113

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/html

                                        

                                        
                                            
date: Fri, 02 Dec 2022 08:28:34 GMT 

                                        
                                            
cache-control: no-cache, no-store, must-revalidate 

                                        
                                            
expires: Sat, 26 Jul 1997 05:00:00 GMT 

                                        
                                            
pragma: no-cache 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
x-request-id: 8c78645064612d1478600bf485d96227 

                                        
                                            
access-control-allow-headers: Tune-SDK-Version 

                                        
                                            
cf-cache-status: DYNAMIC 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kMIe9yt810LfiP8MYw2K%2BcJMOzS%2F5yA5U4lDX8mIjlgDU3cpl%2BUFKc38xsOXe%2Fn%2Besf%2BP2tJJo2n3PkF4m63zInLtGvVBcXw0c4cemvktFH3%2F05po%2FgDlJORdMwYTq0W%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7732b09d6df7b4e8-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

URL	dollargeneral.co/
IP	172.98.192.37 (United States)
ASN	#31863 DACEN-2
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-12-02 08:28:41 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	1
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (25)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 172.98.192.37

Last 5 reports on ASN: DACEN-2

Last 3 reports on domain: dollargeneral.co

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (17)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (71)

Overview

Domain Summary (25)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 172.98.192.37

Last 5 reports on ASN: DACEN-2

Last 3 reports on domain: dollargeneral.co

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (17)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (71)

Network Intrusion Detection Systems