Overview

URLburgen.com/http:/burgen.com/mtm/direct/.eJyrViotylSyUtJX0lFKLEovBjKBrKLUtNSi1CIIJyO_uCQ-LzE3FchNKi1KT83TS87PBalPTk4tKAGKaulrKdUCADd8Fis:1ozFIn:kQ_LVxfHNKlf9_CEKN4z7JY_RSc
IP 45.33.20.235 (United States)
ASN#63949 Linode, LLC
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-28 21:15:30 UTC
StatusLoading report..
IDS alerts0
Blocklist alert2
urlquery alerts No alerts detected
Tags None

Domain Summary (17)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
burgen.com (2) 0 2016-07-05 01:04:14 UTC 2022-11-05 16:16:01 UTC 45.33.30.197 Unknown ranking
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-28 05:46:10 UTC 34.117.237.239
ocsp.pki.goog (7) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.3
api.aws.parking.godaddy.com (5) 36127 No data No data 18.207.17.77
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-28 05:55:58 UTC 34.102.187.140
ocsp.godaddy.com (1) 698 2012-05-20 19:28:57 UTC 2020-05-02 20:58:10 UTC 192.124.249.22
partner.googleadservices.com (1) 798 2012-10-03 01:04:21 UTC 2022-11-28 05:50:00 UTC 172.217.21.162
www.google.com (1) 7 2016-03-22 03:56:07 UTC 2022-11-28 05:49:46 UTC 142.250.74.164
www6.burgen.com (2) 0 No data No data 35.186.238.101 Unknown ranking
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 52.43.61.95
postback.trafficmotor.com (2) 96726 2019-11-09 13:35:40 UTC 2022-11-28 05:15:30 UTC 45.79.38.145
r3.o.lencr.org (7) 344 No data No data 23.36.76.226
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
img1.wsimg.com (4) 9893 2012-06-20 14:42:31 UTC 2020-04-15 04:54:15 UTC 23.36.79.16
afs.googleusercontent.com (2) 12123 2013-05-07 00:37:08 UTC 2020-04-20 08:38:35 UTC 142.250.74.33
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-28 2 burgen.com/http:/burgen.com/mtm/direct/.eJyrViotylSyUtJX0lFKLEovBjKBrKLUtNS (...) Malware
2022-11-28 2 burgen.com/mtm/async/.eJxdj1FPgzAcxL8LjxPpyJaMYXwYOHSU4CZs0SfSlQJ1LcXuz4QZv (...) Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 45.33.20.235
Date UQ / IDS / BL URL IP
2023-01-27 00:39:56 +0000 0 - 0 - 1 www.paradisebooks.org/ 45.33.20.235
2023-01-26 07:43:07 +0000 0 - 0 - 1 3990.net/ 45.33.20.235
2023-01-25 09:35:28 +0000 0 - 0 - 2 store.oldoutnewin.com/ 45.33.20.235
2023-01-25 06:10:25 +0000 0 - 0 - 3 www70.tenthumbs.com/ 45.33.20.235
2023-01-25 02:41:42 +0000 0 - 0 - 2 krxt.com/ 45.33.20.235


Last 5 reports on ASN: Linode, LLC
Date UQ / IDS / BL URL IP
2023-01-28 14:06:13 +0000 32 - 19 - 9 web3-mygov.duckdns.org/refund-status/app/smse (...) 45.33.117.119
2023-01-28 13:52:49 +0000 0 - 0 - 2 letmedownload.in/ 198.58.118.167
2023-01-28 13:42:18 +0000 0 - 1 - 0 d1.amazonfile.net/download/leawo_com/video2ip (...) 45.33.17.253
2023-01-28 13:40:46 +0000 0 - 1 - 0 d2.amazonfile.net/download/leawo_com/bluray2m (...) 50.116.3.167
2023-01-28 13:31:48 +0000 0 - 0 - 3 tobecoaching.co.uk/lfi9iu.rar 139.162.200.189


Last 5 reports on domain: burgen.com
Date UQ / IDS / BL URL IP
2022-12-05 17:14:06 +0000 0 - 0 - 2 burgen.com/http:/burgen.com/mtm/direct/.ejyrv (...) 45.56.79.23
2022-12-05 17:14:05 +0000 0 - 0 - 2 burgen.com/http:/burgen.com/mtm/async 45.56.79.23
2022-11-29 11:26:56 +0000 0 - 0 - 2 burgen.com/http:/burgen.com/mtm/direct/.eJyrV (...) 45.33.20.235
2022-11-28 21:15:30 +0000 0 - 0 - 2 burgen.com/http:/burgen.com/mtm/direct/.eJyrV (...) 45.33.20.235
2022-11-28 21:15:30 +0000 0 - 0 - 2 burgen.com/http:/burgen.com/mtm/async 45.56.79.23


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-11-28 21:15:30 +0000 0 - 0 - 2 burgen.com/http:/burgen.com/mtm/async 45.56.79.23
2022-10-23 07:21:07 +0000 0 - 0 - 1 dayot.com/mtm/direct/.eJxdyUEOwjAMRNG7eFmimmV (...) 45.33.23.183
2022-12-29 17:48:01 +0000 0 - 0 - 2 ctbu.com/http:/ctbu.com/mtm/direct/.ejyrvioty (...) 96.126.123.244
2022-09-15 09:19:30 +0000 0 - 0 - 1 uhoh.net/mtm/direct/.eJxdycsKwkAMheF3ybIOjUut (...) 96.126.123.244
2022-12-24 08:29:28 +0000 0 - 0 - 2 bkwc.com/ 45.33.18.44

JavaScript

Executed Scripts (8)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (47)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11614
Expires: Tue, 29 Nov 2022 00:28:53 GMT
Date: Mon, 28 Nov 2022 21:15:19 GMT
Connection: keep-alive

                                        
                                            GET /http:/burgen.com/mtm/direct/.eJyrViotylSyUtJX0lFKLEovBjKBrKLUtNSi1CIIJyO_uCQ-LzE3FchNKi1KT83TS87PBalPTk4tKAGKaulrKdUCADd8Fis:1ozFIn:kQ_LVxfHNKlf9_CEKN4z7JY_RSc HTTP/1.1 
Host: burgen.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         45.33.30.197
HTTP/1.1 200 OK
content-type: text/html; charset=utf-8
                                        
server: openresty/1.13.6.1
date: Mon, 28 Nov 2022 21:15:19 GMT
content-length: 5338
vary: Accept-Language
content-language: en
connection: close


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (472)
Size:   5338
Md5:    be826e5c9c54489d21b7f7e956e0ac63
Sha1:   2eaa17bb0e00f69a7fdf38f3149221986d2daccf
Sha256: baabd5c65d2afd5610a26dca93650dc7a55a1b65a33602c91ed688b6a6956ef7

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6123
Cache-Control: max-age=140284
Date: Mon, 28 Nov 2022 21:15:19 GMT
Etag: "63848df9-1d7"
Expires: Wed, 30 Nov 2022 12:13:23 GMT
Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4FD46B0B6A2EA24F5CE175985A3933C04B4C01BD3E32BEE2E50A61A65EEF7AF4"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15257
Expires: Tue, 29 Nov 2022 01:29:36 GMT
Date: Mon, 28 Nov 2022 21:15:19 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 20:19:33 GMT
cache-control: public,max-age=3600
age: 3346
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: 7FRiqsKDMVHZYj5ujQE57nyVNW1flda4znfuA78j4BK25lGKRVQ+madtfNpqQFPoUcIZDy8ca2wR7jcc0zah7Q==
x-amz-request-id: MKBR7BJVVENXRE5K
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 20:45:10 GMT
age: 1809
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Mon, 28 Nov 2022 21:15:19 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /mtm/async/.eJxdj1FPgzAcxL8LjxPpyJaMYXwYOHSU4CZs0SfSlQJ1LcXuz4QZv7tMTUx8u_vdPdx9GK3mhmugCqBx0b7VJastqiSSIFHONaOALBb2escV9CLptxA-j0WAo6U6ea_Y0zjaQpxw21-twv4xa_3NdXReTgJaxZjbOHUmaeLM1h4R6_QwBby4x6QVGudbf3GXOwE_urY6B6vaPWyyaNcVDzEWxTzzlzienmfhS_aUUMM0iC6Pw9JBaVYwzfSPqdQRsppINti_-Zc-payBgQLrYPgnhUmaRnBKgKsadRdy1f2nUty83Y6tucklKRkiJ178yne2b8wRGn3njvH5BYPSadY:1ozlTD:alVCqXttsXO71HpoumqQ48zhX1A/1/ HTTP/1.1 
Host: burgen.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://burgen.com/http:/burgen.com/mtm/direct/.eJyrViotylSyUtJX0lFKLEovBjKBrKLUtNSi1CIIJyO_uCQ-LzE3FchNKi1KT83TS87PBalPTk4tKAGKaulrKdUCADd8Fis:1ozFIn:kQ_LVxfHNKlf9_CEKN4z7JY_RSc
Connection: keep-alive

search
                                         45.33.30.197
HTTP/1.1 200 OK
content-type: text/html; charset=utf-8
                                        
server: openresty/1.13.6.1
date: Mon, 28 Nov 2022 21:15:19 GMT
content-length: 476
vary: Accept-Language
content-language: en
set-cookie: mtm_delivered=WyJidXJnZW4uY29tIiwiaHR0cDovL3d3dzYuYnVyZ2VuLmNvbS8_dGVtcGxhdGU9QVJST1dfMyZ0ZGZzPTEmc190b2tlbj0xNjY5NjY4ODQ2LjA0NzE4NTAwMDAmdXVpZD0xNjY5NjY4ODQ2LjA0NzE4NTAwMDAmdGVybT1FbGl0ZSUyMERhdGluZyUyMFNlcnZpY2VzJnRlcm09R2V0JTIwQW4lMjBPbmxpbmUlMjBEZWdyZWUmdGVybT1PbmxpbmUlMjBDYXJlZXIlMjBDb3Vuc2VsaW5nJTIwUHJvZ3JhbXMmdGVybT1Mb3dlc3QlMjBDYXIlMjBJbnN1cmFuY2UlMjBSYXRlcyZ0ZXJtPURlZGljYXRlZCUyMEdhbWluZyUyMFNlcnZlcnMmdGVybT1EZWRpY2F0ZWQlMjBHYW1pbmclMjBTZXJ2ZXJzJnRlcm09T25saW5lJTIwQ2FyZWVyJTIwQ291bnNlbGluZyUyMFByb2dyYW1zJnRlcm09R2V0JTIwYW4lMjBPbmxpbmUlMjBEZWdyZWUmdGVybT1PbmxpbmUlMjBDYXJlZXIlMjBDb3Vuc2VsaW5nJTIwUHJvZ3JhbXMmc2VhcmNoYm94PTAmc2hvd0RvbWFpbj0xJmJhY2tmaWxsPTAiLDEsIjIwMjItMTEtMjggMjA6NTQ6MDYiLDMsIjE2Njk2Njg4NDYuMDQ3MTg1NzMwMiIsMzAwLG51bGwsbnVsbF0:1ozlTD:4L88LzjqendBdNdeiOLJHqAbx1g; expires=Mon, 28-Nov-2022 22:15:19 GMT; Max-Age=3600; Path=/
connection: close


--- Additional Info ---
Magic:  ASCII text, with very long lines (476), with no line terminators
Size:   476
Md5:    ce1a222234f93325026776233b87632e
Sha1:   1167809609efbfd8f0eaeeb15589799b70618c18
Sha256: a27c01511d5e942dd558490ebd630b3ac767a3fe98a2fd1648cdb0da3a05d815

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /?template=ARROW_3&tdfs=1&s_token=1669668846.0471850000&uuid=1669668846.0471850000&term=Elite%20Dating%20Services&term=Get%20An%20Online%20Degree&term=Online%20Career%20Counseling%20Programs&term=Lowest%20Car%20Insurance%20Rates&term=Dedicated%20Gaming%20Servers&term=Dedicated%20Gaming%20Servers&term=Online%20Career%20Counseling%20Programs&term=Get%20an%20Online%20Degree&term=Online%20Career%20Counseling%20Programs&searchbox=0&showDomain=1&backfill=0 HTTP/1.1 
Host: www6.burgen.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://burgen.com/
Upgrade-Insecure-Requests: 1

search
                                         35.186.238.101
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: openresty
Date: Mon, 28 Nov 2022 21:15:19 GMT
Content-Length: 2551
Last-Modified: Wed, 19 Oct 2022 06:29:27 GMT
ETag: "634f9947-9f7"
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_SlwCk4euDr0ecxytEiC4HqrpNSLKg9m9AFgHj3jNJoazxSrHyyHEKZGrt1DopWlhawNg5yCoVE1EvS90JtxhzQ
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Set-Cookie: caf_ipaddr=91.90.42.154;Path=/;Max-Age=86400; country=NO;Path=/;Max-Age=86400; city="";Path=/;Max-Age=86400; expiry_partner=;Path=/;Max-Age=86400;
Accept-Ranges: bytes
Via: 1.1 google


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2551), with no line terminators
Size:   2551
Md5:    41f66bb0ac50f2d851236170e7c71341
Sha1:   59bcec216302151922219b51be8ad8ab6d0b8384
Sha256: ec99cca58b612ce268e6ada818dfcec0acc22dd1bbe372487be9abbdd07ce073
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 21:11:12 GMT
cache-control: public,max-age=3600
age: 248
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /parking-lander/static/js/main.4e219663.chunk.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www6.burgen.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: ePBtPNltighZ03JBS/Xu3LYeSA7F1yzEuIL6FXs/YdArb0qYS2ZncKxSX45UyFn4EY1mPti8L0Y=
x-amz-request-id: Q5Y8PK0VHGD0XQRS
last-modified: Fri, 16 Sep 2022 16:45:04 GMT
etag: "87b518e8e45487e774f8d47f2dc0026f"
x-amz-server-side-encryption: AES256
x-amz-version-id: 2Wom95JLG5jhnN_DEOMzqRfOKsQDbi7Z
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Tue, 28 Nov 2023 21:15:20 GMT
date: Mon, 28 Nov 2022 21:15:20 GMT
content-length: 58202
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65459)
Size:   58202
Md5:    feb46b3c6b7556a8bf123a5e87ffd2b5
Sha1:   aff2efba814012e9fe1586055599069f77e6a062
Sha256: 6f8d46c42987c0d7b471b54065e6b8fd6e965452ccc5c2fcd12f25e5362b5fd7
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 28 Nov 2022 21:15:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5553
Cache-Control: 'max-age=158059'
Date: Mon, 28 Nov 2022 21:15:20 GMT
Last-Modified: Mon, 28 Nov 2022 19:42:48 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 28 Nov 2022 21:15:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /?template=ARROW_3&tdfs=1&s_token=1669668846.0471850000&uuid=1669668846.0471850000&term=Elite%20Dating%20Services&term=Get%20An%20Online%20Degree&term=Online%20Career%20Counseling%20Programs&term=Lowest%20Car%20Insurance%20Rates&term=Dedicated%20Gaming%20Servers&term=Dedicated%20Gaming%20Servers&term=Online%20Career%20Counseling%20Programs&term=Get%20an%20Online%20Degree&term=Online%20Career%20Counseling%20Programs&searchbox=0&showDomain=1&backfill=0 HTTP/1.1 
Host: www6.burgen.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: caf_ipaddr=91.90.42.154; country=NO; city=""; expiry_partner=
Upgrade-Insecure-Requests: 1
If-Modified-Since: Wed, 19 Oct 2022 06:29:27 GMT
If-None-Match: "634f9947-9f7"
Cache-Control: max-age=0

search
                                         35.186.238.101
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: openresty
Date: Mon, 28 Nov 2022 21:15:20 GMT
Content-Length: 2551
Last-Modified: Sun, 27 Nov 2022 01:56:48 GMT
ETag: "6382c3e0-9f7"
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_SlwCk4euDr0ecxytEiC4HqrpNSLKg9m9AFgHj3jNJoazxSrHyyHEKZGrt1DopWlhawNg5yCoVE1EvS90JtxhzQ
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Set-Cookie: caf_ipaddr=91.90.42.154;Path=/;Max-Age=86400; country=NO;Path=/;Max-Age=86400; city="";Path=/;Max-Age=86400; expiry_partner=;Path=/;Max-Age=86400;
Accept-Ranges: bytes
Via: 1.1 google


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2551), with no line terminators
Size:   2551
Md5:    41f66bb0ac50f2d851236170e7c71341
Sha1:   59bcec216302151922219b51be8ad8ab6d0b8384
Sha256: ec99cca58b612ce268e6ada818dfcec0acc22dd1bbe372487be9abbdd07ce073
                                        
                                            GET /parking-lander/static/js/2.5940ae1c.chunk.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www6.burgen.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Fri, 16 Sep 2022 17:52:00 GMT
If-None-Match: "04bb6e8d9135d976f28e9ba68fbc6f67"
Cache-Control: max-age=0
TE: trailers

search
                                         23.36.79.16
HTTP/2 304 Not Modified
content-type: application/javascript
                                        
last-modified: Fri, 16 Sep 2022 17:52:00 GMT
etag: "04bb6e8d9135d976f28e9ba68fbc6f67"
cache-control: max-age=31536000
expires: Tue, 28 Nov 2023 21:15:20 GMT
date: Mon, 28 Nov 2022 21:15:20 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /parking-lander/static/js/main.4e219663.chunk.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www6.burgen.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Fri, 16 Sep 2022 16:45:04 GMT
If-None-Match: "87b518e8e45487e774f8d47f2dc0026f"
Cache-Control: max-age=0
TE: trailers

search
                                         23.36.79.16
HTTP/2 304 Not Modified
content-type: application/javascript
                                        
last-modified: Fri, 16 Sep 2022 16:45:04 GMT
etag: "87b518e8e45487e774f8d47f2dc0026f"
cache-control: max-age=31536000
expires: Tue, 28 Nov 2023 21:15:20 GMT
date: Mon, 28 Nov 2022 21:15:20 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: lp6WHIvCH/+h9eoxPxZpug==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         52.43.61.95
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QjWiE7iGFfRAKxCRPVQLbuVoLZc=

                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         192.124.249.22
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Mon, 28 Nov 2022 21:15:21 GMT
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 28 Nov 2022 19:58:37 GMT
Expires: Tue, 29 Nov 2022 19:58:37 GMT
ETag: "65534e56fcaabb628f6905eb34d8d36d4d8f9176"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1777
Md5:    9f547e7a69735504a9ee93435b7d6562
Sha1:   65534e56fcaabb628f6905eb34d8d36d4d8f9176
Sha256: a75ed0aee99767a7748eeaadfd78c2651241dcbdb093660991f387b6481ceda5
                                        
                                            OPTIONS /v1/parkingEvents HTTP/1.1 
Host: api.aws.parking.godaddy.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://www6.burgen.com/
Origin: http://www6.burgen.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0

search
                                         18.207.17.77
HTTP/2 200 OK
content-type: text/plain
                                        
date: Mon, 28 Nov 2022 21:15:20 GMT
content-length: 0
set-cookie: AWSALB=78GJJJqSMj92yCyQM+T658mCyD5Bpzqe+nd4vGO80dHrbBBui7jmprwSYS1NiO7XvXFby5kSh/g0TsmACEI0g+SOS7GgZgRcui72+3ToVnQVHsE2SD8dWK4OAB23; Expires=Mon, 05 Dec 2022 21:15:20 GMT; Path=/ AWSALBCORS=78GJJJqSMj92yCyQM+T658mCyD5Bpzqe+nd4vGO80dHrbBBui7jmprwSYS1NiO7XvXFby5kSh/g0TsmACEI0g+SOS7GgZgRcui72+3ToVnQVHsE2SD8dWK4OAB23; Expires=Mon, 05 Dec 2022 21:15:20 GMT; Path=/; SameSite=None; Secure
access-control-allow-methods: POST
access-control-allow-headers: content-type
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST /v1/parkingEvents HTTP/1.1 
Host: api.aws.parking.godaddy.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www6.burgen.com/
Content-Type: application/json
Origin: http://www6.burgen.com
Content-Length: 693
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         18.207.17.77
HTTP/2 200 OK
content-type: text/plain
                                        
date: Mon, 28 Nov 2022 21:15:20 GMT
content-length: 0
set-cookie: AWSALB=a49FXUSSi32R74S+33sf7lIA3iLRryXZGeo2XNWCqQiZiHoy6xLClrWv6BPJKzs35lR4cvDbJrDELsNhTS/+l2Dgk92O/Pfhs5ElO5nk4//HhJFigyXTn9SkrNMe; Expires=Mon, 05 Dec 2022 21:15:20 GMT; Path=/ AWSALBCORS=a49FXUSSi32R74S+33sf7lIA3iLRryXZGeo2XNWCqQiZiHoy6xLClrWv6BPJKzs35lR4cvDbJrDELsNhTS/+l2Dgk92O/Pfhs5ElO5nk4//HhJFigyXTn9SkrNMe; Expires=Mon, 05 Dec 2022 21:15:20 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            OPTIONS /v1/domains/domain?domain=www6.burgen.com&portfolioId= HTTP/1.1 
Host: api.aws.parking.godaddy.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-request-id
Referer: http://www6.burgen.com/
Origin: http://www6.burgen.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0

search
                                         18.207.17.77
HTTP/2 200 OK
                                        
date: Mon, 28 Nov 2022 21:15:21 GMT
content-length: 0
set-cookie: AWSALB=UVuLiYS5owWGFGDoHedJnusxEqd+j/SBWqhH6BniSE/JAb2lDwPrdsnTjsAT+qy5zVUNQA+AB2gf4SmDcdmqP8UDT4eaZt4T7MblpGGeT1nTIeiy7cnEQm/yMFZf; Expires=Mon, 05 Dec 2022 21:15:21 GMT; Path=/ AWSALBCORS=UVuLiYS5owWGFGDoHedJnusxEqd+j/SBWqhH6BniSE/JAb2lDwPrdsnTjsAT+qy5zVUNQA+AB2gf4SmDcdmqP8UDT4eaZt4T7MblpGGeT1nTIeiy7cnEQm/yMFZf; Expires=Mon, 05 Dec 2022 21:15:21 GMT; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
access-control-allow-headers: X-Request-Id
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: http://www6.burgen.com
access-control-max-age: 600
x-request-id: uK2oKoR_
X-Firefox-Spdy: h2

                                        
                                            GET /v1/domains/domain?domain=www6.burgen.com&portfolioId= HTTP/1.1 
Host: api.aws.parking.godaddy.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www6.burgen.com/
X-Request-Id: 88177a51-9d43-4e81-8976-a9ccf8dd1e25
Origin: http://www6.burgen.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         18.207.17.77
HTTP/2 200 OK
content-type: application/json
                                        
date: Mon, 28 Nov 2022 21:15:21 GMT
content-length: 990
set-cookie: AWSALB=LqUGmXlJ6DpV9qEIjoBrfKOpBT+7fjwmxiy6B+ryAY3i7DYjKGmtJQeoqe2OIdSnPlwML8P8FTsyyCFnJpAYneoPgVRkxvXW+DP+sTPFDAKDfCR1tLcnmIi+S9mG; Expires=Mon, 05 Dec 2022 21:15:21 GMT; Path=/ AWSALBCORS=LqUGmXlJ6DpV9qEIjoBrfKOpBT+7fjwmxiy6B+ryAY3i7DYjKGmtJQeoqe2OIdSnPlwML8P8FTsyyCFnJpAYneoPgVRkxvXW+DP+sTPFDAKDfCR1tLcnmIi+S9mG; Expires=Mon, 05 Dec 2022 21:15:21 GMT; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
access-control-allow-origin: http://www6.burgen.com
access-control-max-age: 600
x-request-id: 88177a51-9d43-4e81-8976-a9ccf8dd1e25
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (989)
Size:   990
Md5:    29a9bed1aca120349515c9a119e62937
Sha1:   a4f9fcf72981ccdc1ecf27617dd9c3ed0c768c83
Sha256: 04f0498f203e4a782c5d58d5624aa290e24ed78e0475b79b94deacf2e55bee45
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 28 Nov 2022 21:15:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gampad/cookie.js?domain=www6.burgen.com&client=dp-namemedia08_3ph&product=SAS&callback=__sasCookie HTTP/1.1 
Host: partner.googleadservices.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www6.burgen.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.217.21.162
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 28 Nov 2022 21:15:21 GMT
server: cafe
cache-control: private
content-length: 179
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   179
Md5:    f459112d5dc1d11fada4be6dd4691214
Sha1:   9cb266e4fbaafbeb64ce729ed4bd5556ba9642ae
Sha256: 920835e4693da3a94efd2e11fa0502fcd03a09222d09214dc86df2dd3dbe6e99
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 28 Nov 2022 21:15:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 28 Nov 2022 21:15:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ad_icons/standard/publisher_icon_image/search.svg?c=%231967d2 HTTP/1.1 
Host: afs.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.33
HTTP/2 200 OK
content-type: image/svg+xml
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 272
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 20:03:55 GMT
expires: Tue, 29 Nov 2022 19:03:55 GMT
cache-control: public, max-age=82800
age: 4286
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390)
Size:   272
Md5:    bbbac37f0b6e29a6099e4aa7cb19d6ca
Sha1:   0acafe95e2141f0af6109203efeb2d98e6b926c6
Sha256: a3d7b37475de5a3a350d4dc4790f14a6a5f4045726d2eae4cbe9bd59aeba2fe2
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 28 Nov 2022 21:15:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1 
Host: afs.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.33
HTTP/2 200 OK
content-type: image/svg+xml
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 12:02:57 GMT
expires: Tue, 29 Nov 2022 11:02:57 GMT
cache-control: public, max-age=82800
age: 33144
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Size:   174
Md5:    4de8b85c8915995b571bde50e231be7c
Sha1:   29c226ca7b9cbe1d44e5480ce95bbb42727b2d99
Sha256: 2ec9168c4507546748c5f400f5030031f0eb06f2aed8deaa11362c395bff4f7a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 28 Nov 2022 21:15:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /v1/parkingEvents HTTP/1.1 
Host: api.aws.parking.godaddy.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www6.burgen.com/
Content-Type: application/json
Origin: http://www6.burgen.com
Content-Length: 732
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         18.207.17.77
HTTP/2 200 OK
content-type: text/plain
                                        
date: Mon, 28 Nov 2022 21:15:21 GMT
content-length: 0
set-cookie: AWSALB=XxUZ/Ns1zyRShpsFp6jltYNr0fFUoTVWjGncy8EeB9cN9JOE5Vo5wPkw/cCGn0vNLdDmo+9mB+Z5y/7AWGFjr8+yTQJ0lkefVhJ59/vw+kNcUKkWBJE0oM6UZZnC; Expires=Mon, 05 Dec 2022 21:15:21 GMT; Path=/ AWSALBCORS=XxUZ/Ns1zyRShpsFp6jltYNr0fFUoTVWjGncy8EeB9cN9JOE5Vo5wPkw/cCGn0vNLdDmo+9mB+Z5y/7AWGFjr8+yTQJ0lkefVhJ59/vw+kNcUKkWBJE0oM6UZZnC; Expires=Mon, 05 Dec 2022 21:15:21 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8BF3C6BD7EF591EBD731E32F1F2C70229C0DA1521E45F5055180B28BD13AF624"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1888
Expires: Mon, 28 Nov 2022 21:46:49 GMT
Date: Mon, 28 Nov 2022 21:15:21 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14618
Expires: Tue, 29 Nov 2022 01:18:59 GMT
Date: Mon, 28 Nov 2022 21:15:21 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14618
Expires: Tue, 29 Nov 2022 01:18:59 GMT
Date: Mon, 28 Nov 2022 21:15:21 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14618
Expires: Tue, 29 Nov 2022 01:18:59 GMT
Date: Mon, 28 Nov 2022 21:15:21 GMT
Connection: keep-alive

                                        
                                            GET /adsense/domains/caf.js HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www6.burgen.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Mon, 28 Nov 2022 21:15:20 GMT
expires: Mon, 28 Nov 2022 21:15:20 GMT
cache-control: private, max-age=3600
etag: "13964837852387922614"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   53979
Md5:    6ed6d837bd9ddd0c87fc5ffc0c4ec7be
Sha1:   105383a26adc7e04cacefd82c11925cab3d49be5
Sha256: 0e85d7c99c40ac7c2c64153531652cf2834fe6aa6eea5b8637e4ef05366888b1
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14618
Expires: Tue, 29 Nov 2022 01:18:59 GMT
Date: Mon, 28 Nov 2022 21:15:21 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8885
x-amzn-requestid: 71b8367f-f79f-42a7-bcb8-c441a154babf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGDTEFSeIAMF3rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f18e0-631b775d3430a8c30c3b4420;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 07:10:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jsmd6yxjJxLMEgv1jDa87iEoZXL2OuALsmUZ9Nxx1rUN-xOTdtN1-A==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 08:11:39 GMT
age: 47022
etag: "70c2a238f06ca7e56ef80c83738e081bf0de3330"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8885
Md5:    3a1a4e00f1f15827cf651f373863c379
Sha1:   70c2a238f06ca7e56ef80c83738e081bf0de3330
Sha256: 3d936e1f0c96297f121faece12d6f8173e12eed5087165cd4eefc0fab368419f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ibLuLI6j9EWh0dgk51O7kiPBRyURZ0UdNtlgbBD-SXnDg_GT_tJm8Q==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:16 GMT
age: 83645
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9430
Md5:    1f434933b5bd6377d299ada22d1ae7ef
Sha1:   075531f525e625b117b2497f31139c9824d0e9c5
Sha256: b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6376
x-amzn-requestid: 25b82353-9c15-44c0-ada5-55f4697de935
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KGeaoAMFb_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-71711cca7c063030292c5e47;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: odmAWkNyUMevvXStu7zRJyckokhyBjUwu7-JSvj8by-JWJ9eAm9P5Q==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:26 GMT
age: 83635
etag: "53b12a8702f7c5b7cc697e2a24da824d9434be65"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6376
Md5:    78b1389f425425d0450c94d900404dc4
Sha1:   53b12a8702f7c5b7cc697e2a24da824d9434be65
Sha256: 0c1659ab3afc6e45f9e3acb12f8865bb99e4668f7df4501b1cc740e53f5b62ed
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56d2fad-ed89-4d96-831f-7f8467b7079b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10119
x-amzn-requestid: 20bfd6a6-2981-42ca-8997-9363676773c1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR782HEZIAMFTKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9eb-552581a92a69d6cd322bf334;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: U_gitOWWMPO7M5Dd0WktaigfRERa93d86MhziLjZ2qnuON_K5NauyQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:54:37 GMT
age: 84044
etag: "9a3ca698ca1aeae695923277ed2244465e01a1ea"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10119
Md5:    15bd53848c7082464273007e010c54e0
Sha1:   9a3ca698ca1aeae695923277ed2244465e01a1ea
Sha256: 36cfa29965173ea683992d4b436f393e92c978350347f869355d933613e2c005
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10199
x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iF1VIAMF09g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CXOqm7bjsSV0aJBTkTI7LsMovjgPeISPt3sZotEc7CjZnUL_y4_OoQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:43 GMT
age: 84218
etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10199
Md5:    2cd887044e91d7ed0f1a8d7119ff7dd0
Sha1:   ae8aa4ce6ddaccba771fe65446926b60fc5628da
Sha256: bad283c15531000b7a8c126d442154b64a880cc26196a46cbd2e6266a526db67
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F955ba04e-80cb-43a1-bc6a-3e502a79144e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9546
x-amzn-requestid: 60e352b5-ab38-4975-bf26-500f0a639a2d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFfulExwIAMFzQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637edff6-1364912f7fd292da6453a83e;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 03:07:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qtRAIXoswvTgNWZzaQE1WHZQXoJRtK9nKpusFtXH3pDRHH_DZtsLFw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 11:59:09 GMT
age: 33372
etag: "373c96c2e0006d70954d4b4ebd850f62f558e92c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9546
Md5:    9a6e5f60b87d3879606a6707feb37a73
Sha1:   373c96c2e0006d70954d4b4ebd850f62f558e92c
Sha256: 1ae48f692f44d357e21eec708b46f22c36a3de21be8d0f1c2035d197e0aa89de
                                        
                                            OPTIONS /sn/ HTTP/1.1 
Host: postback.trafficmotor.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://www6.burgen.com/
Origin: http://www6.burgen.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         45.79.38.145
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: openresty/1.13.6.1
Date: Mon, 28 Nov 2022 21:15:21 GMT
Content-Length: 0
Connection: close
Allow: HEAD, GET, POST, OPTIONS
Access-Control-Allow-Origin: http://www6.burgen.com
Access-Control-Allow-Methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
Vary: Origin
Access-Control-Allow-Headers: content-type

                                        
                                            POST /sn/ HTTP/1.1 
Host: postback.trafficmotor.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www6.burgen.com/
Content-Type: application/json
Origin: http://www6.burgen.com
Content-Length: 137
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         45.79.38.145
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Server: openresty/1.13.6.1
Date: Mon, 28 Nov 2022 21:15:22 GMT
Content-Length: 3
Connection: close
Access-Control-Allow-Origin: http://www6.burgen.com
Vary: Origin


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   3
Md5:    8a80554c91d9fca8acb82f023de02f11
Sha1:   5f36b2ea290645ee34d943220a14b54ee5ea5be5
Sha256: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
                                        
                                            GET /parking-lander/static/js/2.5940ae1c.chunk.js HTTP/1.1 
Host: img1.wsimg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www6.burgen.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.79.16
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: Ft4hH0fy+dFAnl68G4QyXJ3pS5VY+/K35zEViDI+w7z+sTosafl2fAW4g9NrUhyUgJ7JKbozLe8=
x-amz-request-id: FBDK3VS1K6HF0NCR
last-modified: Fri, 16 Sep 2022 17:52:00 GMT
etag: "04bb6e8d9135d976f28e9ba68fbc6f67"
x-amz-server-side-encryption: AES256
x-amz-version-id: 4zafttojs22R6rxiZs_M0ICLL.vyZxyd
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Tue, 28 Nov 2023 21:15:20 GMT
date: Mon, 28 Nov 2022 21:15:20 GMT
content-length: 135541
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---