amason-reward.store/
18.158.98.109301 Moved Permanently 707 B IP 18.158.98.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: amason-reward.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Cache-Control: public, max-age=2592000
Content-Type: text/html
Date: Sat, 25 Feb 2023 08:08:16 UTC
Display: staticcontent_sol, orig_site_sol
Location: https://amason-reward.store/
Pagespeed: off
Response: 301
Server: LiteSpeed
Vary: Accept-Encoding,User-Agent,Origin
X-Ez-Proxy-Out: true 2.3
X-Ezoic-Cdn: Hit ds;mm;69319cda39fd25ca81a16789ef4aca44;2-279054-0;feac6a8b-b8b3-4e30-7f84-f3818159074b
X-Middleton-Display: staticcontent_sol, orig_site_sol
X-Middleton-Response: 301
X-Origin-Cache-Control:
X-Sol: orig
X-Turbo-Charged-By: LiteSpeed
Content-Length: 707
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 6f313739c4c44174fc9a97ac63621b46
319da68d06694330ad9f7901bcde1ca0a6eeac0d
321236ee07769c741890815bc56fd2700ff1974b0534368b9ff2e96320ae4fee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "321236EE07769C741890815BC56FD2700FF1974B0534368B9FF2E96320AE4FEE"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4807
Expires: Sat, 25 Feb 2023 09:28:23 GMT
Date: Sat, 25 Feb 2023 08:08:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 67fc460ed2f69dde3c410ec607ef3510
ba9f582ec321351e5c06c9b2c381f06b685ef274
85df74fac7d59d76840b6359bac24648fede201c0048f2a8382af6468225ffb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "85DF74FAC7D59D76840B6359BAC24648FEDE201C0048F2A8382AF6468225FFB8"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6132
Expires: Sat, 25 Feb 2023 09:50:28 GMT
Date: Sat, 25 Feb 2023 08:08:16 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 7f03faaba3392caae6dae54467bfdf6d
57ea1f14e8bfbcca8190c706d708c9fda12442c1
02ac551ba61fcbc6b04f244df065948b181a8a258db5c2e197aae66fdfcea8ee
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 25 Feb 2023 07:12:28 GMT
content-type: application/json
age: 3348
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d4569ebd95f766b8f22ed69d69334c37
a7fcd3f640877885077a4126708968d7e1e0d252
e485343a8251f50009506dfc6a42c82ca6b09b434d1e0984ea7c2dfea7dcd28d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E485343A8251F50009506DFC6A42C82CA6B09B434D1E0984EA7C2DFEA7DCD28D"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4071
Expires: Sat, 25 Feb 2023 09:16:07 GMT
Date: Sat, 25 Feb 2023 08:08:16 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Z+CC8hWjWGgsRusuZtzR2lfGnP88ub4mlnWueT6FlaqjADwXzj+X1cPHF0rr77OIjndaEHecAt0=
x-amz-request-id: 3PK5J7WH8HPFRRP5
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 25 Feb 2023 07:30:55 GMT
age: 2241
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 25 Feb 2023 08:08:16 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 44aa70b9b2d643266282537119899e13
25c17a49dead30a1fda5d02c47a14f19b53361ac
5c1cc831c5323fdc8953bd7736901af9d2b6a1c8b9a9803d8fbaa4f27ab401fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C1CC831C5323FDC8953BD7736901AF9D2B6A1C8B9A9803D8FBAA4F27AB401FA"
Last-Modified: Sat, 25 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 25 Feb 2023 14:08:16 GMT
Date: Sat, 25 Feb 2023 08:08:16 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0c61fa65db2b0649528a3908a0805d13
519a1fe9345f3aa51fa68d1e25b6c8c33ff006fd
753cf83a67ce001049736872db65156c5d6787e37533b173a4331fb6137e7c2a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Feb 2023 08:08:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 20c8c39880c6f3b544077f8e8377a114
6df1d4c89e08f938238f41220c05c60271928591
17d3d2aa760d10eaa5d8728275c1c17a349855b409292122cc8e5241fee52e1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2178
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 25 Feb 2023 08:08:16 GMT
Last-Modified: Sat, 25 Feb 2023 07:31:58 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 278
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Cache-Control, Backoff, Pragma, Expires, Last-Modified, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 25 Feb 2023 08:03:34 GMT
age: 282
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
amason-reward.store/wp-content/themes/magbook/js/magbook-main.js?ver=6.1.1
18.159.80.129200 OK 779 B URL HTTP/2 amason-reward.store/wp-content/themes/magbook/js/magbook-main.js?ver=6.1.1
IP 18.159.80.129:0
File type ASCII text, with very long lines (2868), with no line terminators
Hash 570e64f401bb2a43cc86223dbbf8fd1d
e37422812a951507110d819f4888b85da00cbfa3
f33a3673d4bd96d1a6daf88cf72f9657f673e543943ceecb360eda6fab083eba
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/magbook/js/magbook-main.js?ver=6.1.1 HTTP/1.1
Host: amason-reward.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amason-reward.store/
Cookie: ezoadgid_279054=-1; ezoref_279054=; ezosuibasgeneris-1=cad51f0e-84b6-4181-4c95-3e44eac7dadf; ezoab_279054=mod58; lp_279054=https://amason-reward.store/; ezovuuidtime_279054=1677312496; ezovuuid_279054=f40b5316-20a1-47b7-798f-78572877107f; ezopvc_279054=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
content-encoding: br
content-type: application/javascript
date: Sat, 25 Feb 2023 08:08:16 UTC
display: staticcontent_sol
last-modified: Sat, 18 Feb 2023 00:34:42 GMT
response: 200
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Origin
x-ez-proxy-out: true 2.3
x-ezoic-cdn: Hit ds;ds;a074aad778e82ca810e1b1240bdf0ab0;2-279054-0;1cbdd19d-6d1e-45c5-5821-c9f2f198656d
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-origin-cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-length: 779
X-Firefox-Spdy: h2
amason-reward.store/wp-content/themes/magbook/js/flexslider-setting.js?ver=6.1.1
18.159.80.129200 OK 404 B URL HTTP/2 amason-reward.store/wp-content/themes/magbook/js/flexslider-setting.js?ver=6.1.1
IP 18.159.80.129:0
File type ASCII text, with very long lines (1584), with no line terminators
Hash 1fffc9308831ace4a266b34d8024d4ee
19620536400dfd0250eb398265772675664f06aa
9d3e954c95634731f7501eb52a2c09b03d2c9b57a893133903f5479a929f4f22
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/magbook/js/flexslider-setting.js?ver=6.1.1 HTTP/1.1
Host: amason-reward.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amason-reward.store/
Cookie: ezoadgid_279054=-1; ezoref_279054=; ezosuibasgeneris-1=cad51f0e-84b6-4181-4c95-3e44eac7dadf; ezoab_279054=mod58; lp_279054=https://amason-reward.store/; ezovuuidtime_279054=1677312496; ezovuuid_279054=f40b5316-20a1-47b7-798f-78572877107f; ezopvc_279054=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
content-encoding: br
content-type: application/javascript
date: Sat, 25 Feb 2023 08:08:16 UTC
display: staticcontent_sol
last-modified: Sat, 18 Feb 2023 00:34:42 GMT
response: 200
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Origin
x-ez-proxy-out: true 2.3
x-ezoic-cdn: Hit ds;ds;967340d8af3dca8f2f64b43336ae4a74;2-279054-0;db7b4a40-2460-4ef2-576d-873b604f1fbc
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-origin-cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-length: 404
X-Firefox-Spdy: h2
amason-reward.store/wp-includes/css/classic-themes.min.css?ver=1
18.159.80.129200 OK 147 B URL HTTP/2 amason-reward.store/wp-includes/css/classic-themes.min.css?ver=1
IP 18.159.80.129:0
Hash c17edde4319627306a9db703afc1f4b7
81c9bf3ddadeb0b0f2b11062f550f9c491896f7a
7134a8432bfea574db64b77f428ec50c64299f53a03d64a2f9e67b86751ed7a2
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: amason-reward.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amason-reward.store/
Cookie: ezoadgid_279054=-1; ezoref_279054=; ezosuibasgeneris-1=cad51f0e-84b6-4181-4c95-3e44eac7dadf; ezoab_279054=mod58; lp_279054=https://amason-reward.store/; ezovuuidtime_279054=1677312496; ezovuuid_279054=f40b5316-20a1-47b7-798f-78572877107f; ezopvc_279054=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
content-encoding: br
content-type: text/css
date: Sat, 25 Feb 2023 08:08:16 UTC
display: staticcontent_sol, orig_site_sol
last-modified: Sat, 18 Feb 2023 00:34:42 GMT
response: 200
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Origin
x-ez-proxy-out: true 2.3
x-ezoic-cdn: Hit ds;ds;bf6da4d3b5048332618ff28e7860c25c;2-279054-0;3630ea7f-cf20-444b-4ff7-db3452a331c0
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
x-origin-cache-control: public, max-age=604800
x-sol: orig
x-turbo-charged-by: LiteSpeed
content-length: 147
X-Firefox-Spdy: h2
amason-reward.store/wp-content/themes/magbook/js/skip-link-focus-fix.js?ver=6.1.1
18.159.80.129200 OK 173 B URL HTTP/2 amason-reward.store/wp-content/themes/magbook/js/skip-link-focus-fix.js?ver=6.1.1
IP 18.159.80.129:0
File type ASCII text, with very long lines (325), with no line terminators
Hash 78f64ed535b78f61826ffd54a8c42540
3eaaedf3815725f8f17ea5f3581bab5fa52ef8cd
9744c591427e1fdf99dabb708bd748ecead99f2b9c991521503a1fc09dae8287
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/magbook/js/skip-link-focus-fix.js?ver=6.1.1 HTTP/1.1
Host: amason-reward.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amason-reward.store/
Cookie: ezoadgid_279054=-1; ezoref_279054=; ezosuibasgeneris-1=cad51f0e-84b6-4181-4c95-3e44eac7dadf; ezoab_279054=mod58; lp_279054=https://amason-reward.store/; ezovuuidtime_279054=1677312496; ezovuuid_279054=f40b5316-20a1-47b7-798f-78572877107f; ezopvc_279054=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
content-encoding: br
content-type: application/javascript
date: Sat, 25 Feb 2023 08:08:16 UTC
display: staticcontent_sol
last-modified: Sat, 18 Feb 2023 00:34:42 GMT
response: 200
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Origin
x-ez-proxy-out: true 2.3
x-ezoic-cdn: Hit ds;ds;191592a2436f606a0ffad024a7470422;2-279054-0;91eb8227-0702-4741-6cb2-69815a9ccf5b
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-origin-cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-length: 173
X-Firefox-Spdy: h2
amason-reward.store/wp-content/themes/magbook/assets/sticky/sticky-settings.js?ver=6.1.1
18.159.80.129200 OK 111 B URL HTTP/2 amason-reward.store/wp-content/themes/magbook/assets/sticky/sticky-settings.js?ver=6.1.1
IP 18.159.80.129:0
File type ASCII text, with no line terminators
Hash cb7a12589ff6d000681b418b98780359
1575afc4339fdc6d98fd86a10e0eb2f8bbd98b75
a3e228976c123893fde1ad656db9fd81baceee354dc924c70d3965ce16196dc8
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/magbook/assets/sticky/sticky-settings.js?ver=6.1.1 HTTP/1.1
Host: amason-reward.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amason-reward.store/
Cookie: ezoadgid_279054=-1; ezoref_279054=; ezosuibasgeneris-1=cad51f0e-84b6-4181-4c95-3e44eac7dadf; ezoab_279054=mod58; lp_279054=https://amason-reward.store/; ezovuuidtime_279054=1677312496; ezovuuid_279054=f40b5316-20a1-47b7-798f-78572877107f; ezopvc_279054=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
content-encoding: br
content-type: application/javascript
date: Sat, 25 Feb 2023 08:08:17 UTC
display: staticcontent_sol
last-modified: Sat, 18 Feb 2023 00:34:42 GMT
response: 200
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Origin
x-ez-proxy-out: true 2.3
x-ezoic-cdn: Hit ds;ds;0e42518218098fd548b414fad6972013;2-279054-0;52d941c6-1153-43dd-605f-b6c7cb8412c5
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-origin-cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-length: 111
X-Firefox-Spdy: h2
amason-reward.store/wp-content/themes/magbook/js/navigation.js?ver=6.1.1
18.159.80.129200 OK 531 B URL HTTP/2 amason-reward.store/wp-content/themes/magbook/js/navigation.js?ver=6.1.1
IP 18.159.80.129:0
File type ASCII text, with very long lines (1541), with no line terminators
Hash a83e96c579b61bc5e9105685b9c69fcf
f112da3787429a16fd6d9af5d6c55dee8f037e05
e95d7e1a039159c116537badf624899f453bef621d25d89b3081f887224d8c52
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/magbook/js/navigation.js?ver=6.1.1 HTTP/1.1
Host: amason-reward.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amason-reward.store/
Cookie: ezoadgid_279054=-1; ezoref_279054=; ezosuibasgeneris-1=cad51f0e-84b6-4181-4c95-3e44eac7dadf; ezoab_279054=mod58; lp_279054=https://amason-reward.store/; ezovuuidtime_279054=1677312496; ezovuuid_279054=f40b5316-20a1-47b7-798f-78572877107f; ezopvc_279054=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
content-encoding: br
content-type: application/javascript
date: Sat, 25 Feb 2023 08:08:17 UTC
display: staticcontent_sol
last-modified: Sat, 18 Feb 2023 00:34:42 GMT
response: 200
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Origin
x-ez-proxy-out: true 2.3
x-ezoic-cdn: Hit ds;ds;a5c54019069fe42801661a7e6a91aaa1;2-279054-0;eb43ffa6-97d9-4911-5a68-7f9f78dc1a7e
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-origin-cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-length: 531
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 20c8c39880c6f3b544077f8e8377a114
6df1d4c89e08f938238f41220c05c60271928591
17d3d2aa760d10eaa5d8728275c1c17a349855b409292122cc8e5241fee52e1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2179
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 25 Feb 2023 08:08:17 GMT
Last-Modified: Sat, 25 Feb 2023 07:31:58 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 278
amason-reward.store/wp-content/themes/magbook/assets/sticky/jquery.sticky.min.js?ver=6.1.1
18.159.80.129200 OK 1.4 kB URL HTTP/2 amason-reward.store/wp-content/themes/magbook/assets/sticky/jquery.sticky.min.js?ver=6.1.1
IP 18.159.80.129:0
File type ASCII text, with very long lines (4325), with no line terminators
Hash 42e1af0169f2376f58e91c710ed6559a
22dd9d413b174cc00b0252d223607baab7394277
aa0f44efbfb4c7e58dbbf77e3175c4e5175d54bf1c8621b09f2cf6816c91a282
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/magbook/assets/sticky/jquery.sticky.min.js?ver=6.1.1 HTTP/1.1
Host: amason-reward.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amason-reward.store/
Cookie: ezoadgid_279054=-1; ezoref_279054=; ezosuibasgeneris-1=cad51f0e-84b6-4181-4c95-3e44eac7dadf; ezoab_279054=mod58; lp_279054=https://amason-reward.store/; ezovuuidtime_279054=1677312496; ezovuuid_279054=f40b5316-20a1-47b7-798f-78572877107f; ezopvc_279054=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
content-encoding: br
content-type: application/javascript
date: Sat, 25 Feb 2023 08:08:17 UTC
display: staticcontent_sol
last-modified: Sat, 18 Feb 2023 00:34:42 GMT
response: 200
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Origin
x-ez-proxy-out: true 2.3
x-ezoic-cdn: Hit ds;ds;42ed9948c2c15ac68420b53bb6ad2cd9;2-279054-0;3ff4cdd9-f453-4d69-4215-204f6dce318e
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-origin-cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-length: 1378
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0c61fa65db2b0649528a3908a0805d13
519a1fe9345f3aa51fa68d1e25b6c8c33ff006fd
753cf83a67ce001049736872db65156c5d6787e37533b173a4331fb6137e7c2a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Feb 2023 08:08:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 4aaa1f1be68ba53b441e577dcbf8b7c1
618b2e62b7f2feb82093a3706573e18ff9f69827
8d3978b35fd96458b8fff71c9dbb47ab616dfd49d669027fd6c5a52a4e9bafa0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8D3978B35FD96458B8FFF71C9DBB47AB616DFD49D669027FD6C5A52A4E9BAFA0"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5345
Expires: Sat, 25 Feb 2023 09:37:22 GMT
Date: Sat, 25 Feb 2023 08:08:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f5393bdf67db2c8d07ee424c4214a9ba
e1206cd471230bed576c43b7940e7d26d2f3bd75
6b5fce5804af462d06c525c0cb9695e72bead32a1df9fa9d779ec54f60261b4a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6B5FCE5804AF462D06C525C0CB9695E72BEAD32A1DF9FA9D779EC54F60261B4A"
Last-Modified: Sat, 25 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10627
Expires: Sat, 25 Feb 2023 11:05:24 GMT
Date: Sat, 25 Feb 2023 08:08:17 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4432722afb07ba74051c88ed8a3d0c96
e5715d828785bd764f820cde1e387e4e83aaae99
bfcd2cd628b37ac53fcf981f360c95f65596b61bc8ea8dcee44b9a128bb3e48d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Feb 2023 08:08:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
amason-reward.store/wp-content/themes/magbook/style.css?ver=6.1.1
18.159.80.129200 OK 19 kB URL HTTP/2 amason-reward.store/wp-content/themes/magbook/style.css?ver=6.1.1
IP 18.159.80.129:0
File type ASCII text, with very long lines (996)
Hash 710c7235d6c29e81ee3ece7a91cdb342
b20d2e637633d2021f5c919210a2f5580e4789f9
351e8199bc55f6ca05b68dcbd0cd21d388a3cc3269162fecd463b49fe7a2cb27
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/magbook/style.css?ver=6.1.1 HTTP/1.1
Host: amason-reward.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amason-reward.store/
Cookie: ezoadgid_279054=-1; ezoref_279054=; ezosuibasgeneris-1=cad51f0e-84b6-4181-4c95-3e44eac7dadf; ezoab_279054=mod58; lp_279054=https://amason-reward.store/; ezovuuidtime_279054=1677312496; ezovuuid_279054=f40b5316-20a1-47b7-798f-78572877107f; ezopvc_279054=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
content-encoding: br
content-type: text/css
date: Sat, 25 Feb 2023 08:08:16 UTC
display: staticcontent_sol, orig_site_sol
last-modified: Sat, 18 Feb 2023 00:34:42 GMT
response: 200
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Origin
x-ez-proxy-out: true 2.3
x-ezoic-cdn: Hit ds;ds;3a30ec7fe4884e8163b7ad74f9f806d7;2-279054-0;06e170eb-201a-48b7-4a45-6ca7da9cb57b
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
x-origin-cache-control: public, max-age=604800
x-sol: orig
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
amason-reward.store/wp-content/themes/magbook/assets/font-awesome/css/font-awesome.min.css?ver=6.1.1
18.159.80.129200 OK 7.1 kB URL HTTP/2 amason-reward.store/wp-content/themes/magbook/assets/font-awesome/css/font-awesome.min.css?ver=6.1.1
IP 18.159.80.129:0
File type ASCII text, with very long lines (30837)
Hash 534d28738a74e5d595e7bec4a1293597
d78728433221e873a0a05a526f9eb42947e59aad
ac1bb4c6291c2d9c9ad8875665451b9dfce5e968f15eb6266c238ae87a7f7edd
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/magbook/assets/font-awesome/css/font-awesome.min.css?ver=6.1.1 HTTP/1.1
Host: amason-reward.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amason-reward.store/
Cookie: ezoadgid_279054=-1; ezoref_279054=; ezosuibasgeneris-1=cad51f0e-84b6-4181-4c95-3e44eac7dadf; ezoab_279054=mod58; lp_279054=https://amason-reward.store/; ezovuuidtime_279054=1677312496; ezovuuid_279054=f40b5316-20a1-47b7-798f-78572877107f; ezopvc_279054=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
content-encoding: br
content-type: text/css
date: Sat, 25 Feb 2023 08:08:16 UTC
display: staticcontent_sol, orig_site_sol
last-modified: Sat, 18 Feb 2023 00:34:42 GMT
response: 200
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Origin
x-ez-proxy-out: true 2.3
x-ezoic-cdn: Hit ds;ds;abe85bff56649f725d9caba84b0b25bc;2-279054-0;e2e11adf-2890-4cb2-7242-d43ffda83c98
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
x-origin-cache-control: public, max-age=604800
x-sol: orig
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
142.250.74.35200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://amason-reward.store
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 21 Feb 2023 04:29:09 GMT
expires: Wed, 21 Feb 2024 04:29:09 GMT
cache-control: public, max-age=31536000
age: 358748
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4432722afb07ba74051c88ed8a3d0c96
e5715d828785bd764f820cde1e387e4e83aaae99
bfcd2cd628b37ac53fcf981f360c95f65596b61bc8ea8dcee44b9a128bb3e48d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Feb 2023 08:08:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
142.250.74.35200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://amason-reward.store
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 19 Feb 2023 10:25:03 GMT
expires: Mon, 19 Feb 2024 10:25:03 GMT
cache-control: public, max-age=31536000
age: 510194
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
142.250.74.35200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Hash e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://amason-reward.store
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Feb 2023 21:12:36 GMT
expires: Fri, 23 Feb 2024 21:12:36 GMT
cache-control: public, max-age=31536000
age: 125741
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2
142.250.74.35200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 24408, version 1.0\012- data
Hash efee2d080d7bebdd2e0aeb2e030813a0
f8d38f9f9584e48c2e469877ebd94232265585f1
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
GET /s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://amason-reward.store
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24408
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Feb 2023 21:48:39 GMT
expires: Fri, 23 Feb 2024 21:48:39 GMT
cache-control: public, max-age=31536000
age: 123578
last-modified: Tue, 26 Apr 2022 15:50:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
amason-reward.store/wp-content/uploads/2021/04/0001-17125710014_20210219_125425_0000.png
18.159.80.129200 OK 26 kB URL HTTP/2 amason-reward.store/wp-content/uploads/2021/04/0001-17125710014_20210219_125425_0000.png
IP 18.159.80.129:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 720x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2e074ecfae9c11df04792b37875cf03f
421129f77a5fa952cc7a5fdf9876c667c9b3bc25
184bf3b8bda2afbe97e0a2b9a23fe82d331d289c6935116a8cae882337ebe4dd
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/04/0001-17125710014_20210219_125425_0000.png HTTP/1.1
Host: amason-reward.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amason-reward.store/
Cookie: ezoadgid_279054=-1; ezoref_279054=; ezosuibasgeneris-1=cad51f0e-84b6-4181-4c95-3e44eac7dadf; ezoab_279054=mod58; lp_279054=https://amason-reward.store/; ezovuuidtime_279054=1677312496; ezovuuid_279054=f40b5316-20a1-47b7-798f-78572877107f; ezopvc_279054=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
content-encoding: br
content-type: image/webp
date: Sat, 25 Feb 2023 08:08:17 UTC
display: staticcontent_sol
last-modified: Sat, 18 Feb 2023 00:34:42 GMT
response: 200
server: LiteSpeed
vary: Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
x-ez-proxy-out: true 2.3
x-ezoic-cdn: Hit ds;ds;73632ed84a504815d95f60221d42d62d;2-279054-0;aa17e5b6-50d6-4014-5fb8-d893bfb507cb
x-ezoic-excludewebp: false
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-origin-cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
amason-reward.store/detroitchicago/imp.gif?e=%7B%22ab_test_id%22%3A%22mod58%22%2C%22ad_cache_level%22%3A0%2C%22ad_lazyload_version%22%3A0%2C%22ad_load_version%22%3A0%2C%22city%22%3A%22%22%2C%22country%22%3A%22NO%22%2C%22days_since_last_visit%22%3A-1%2C%22domain_id%22%3A279054%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A2%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A0%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22metro_code%22%3A0%2C%22page_ad_positions%22%3A%22%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%22c3d31880-96ec-4938-405c-f3e9b4ae1c49%22%2C%22position_selection_id%22%3A0%2C%22postal_code%22%3A%22%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A65019%2C%22response_time_orig%22%3A110%2C%22serverid%22%3A%223.66.170.135%3A31847%22%2C%22state%22%3A%22%22%2C%22t_epoch%22%3A1677312496%2C%22template_id%22%3A120%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Famason-reward.store%2F%22%2C%22user_id%22%3A0%2C%22weather_precipitation%22%3A0%2C%22weather_summary%22%3A%22%22%2C%22weather_temperature%22%3A0%2C%22word_count%22%3A960%2C%22worst_bad_word_level%22%3A0%7D&ez_orig=1
18.159.80.129200 OK 47 B URL HTTP/2 amason-reward.store/detroitchicago/imp.gif?e=%7B%22ab_test_id%22%3A%22mod58%22%2C%22ad_cache_level%22%3A0%2C%22ad_lazyload_version%22%3A0%2C%22ad_load_version%22%3A0%2C%22city%22%3A%22%22%2C%22country%22%3A%22NO%22%2C%22days_since_last_visit%22%3A-1%2C%22domain_id%22%3A279054%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A2%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A0%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22metro_code%22%3A0%2C%22page_ad_positions%22%3A%22%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%22c3d31880-96ec-4938-405c-f3e9b4ae1c49%22%2C%22position_selection_id%22%3A0%2C%22postal_code%22%3A%22%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A65019%2C%22response_time_orig%22%3A110%2C%22serverid%22%3A%223.66.170.135%3A31847%22%2C%22state%22%3A%22%22%2C%22t_epoch%22%3A1677312496%2C%22template_id%22%3A120%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Famason-reward.store%2F%22%2C%22user_id%22%3A0%2C%22weather_precipitation%22%3A0%2C%22weather_summary%22%3A%22%22%2C%22weather_temperature%22%3A0%2C%22word_count%22%3A960%2C%22worst_bad_word_level%22%3A0%7D&ez_orig=1
IP 18.159.80.129:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash a3251fee66f3b5cce6b349e16c9f401f
800163870d95174d953579598e14e4900392d2a0
8993c7a90996b8dca477e92b7cca19ab3c505c1f4672d5dafa96cb827e1b97f6
Analyzer Verdict Alert quad9 Sinkholed
POST /detroitchicago/imp.gif?e=%7B%22ab_test_id%22%3A%22mod58%22%2C%22ad_cache_level%22%3A0%2C%22ad_lazyload_version%22%3A0%2C%22ad_load_version%22%3A0%2C%22city%22%3A%22%22%2C%22country%22%3A%22NO%22%2C%22days_since_last_visit%22%3A-1%2C%22domain_id%22%3A279054%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A2%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A0%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22metro_code%22%3A0%2C%22page_ad_positions%22%3A%22%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%22c3d31880-96ec-4938-405c-f3e9b4ae1c49%22%2C%22position_selection_id%22%3A0%2C%22postal_code%22%3A%22%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A65019%2C%22response_time_orig%22%3A110%2C%22serverid%22%3A%223.66.170.135%3A31847%22%2C%22state%22%3A%22%22%2C%22t_epoch%22%3A1677312496%2C%22template_id%22%3A120%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Famason-reward.store%2F%22%2C%22user_id%22%3A0%2C%22weather_precipitation%22%3A0%2C%22weather_summary%22%3A%22%22%2C%22weather_temperature%22%3A0%2C%22word_count%22%3A960%2C%22worst_bad_word_level%22%3A0%7D&ez_orig=1 HTTP/1.1
Host: amason-reward.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://amason-reward.store
Connection: keep-alive
Referer: https://amason-reward.store/
Cookie: ezoadgid_279054=-1; ezoref_279054=; ezosuibasgeneris-1=cad51f0e-84b6-4181-4c95-3e44eac7dadf; ezoab_279054=mod58; lp_279054=https://amason-reward.store/; ezovuuidtime_279054=1677312496; ezovuuid_279054=f40b5316-20a1-47b7-798f-78572877107f; ezopvc_279054=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
access-control-allow-headers: Content-Type
access-control-allow-methods: HEAD, PUT, POST, GET, OPTIONS
access-control-allow-origin: https://amason-reward.store
access-control-max-age: 1728000
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-encoding: br
content-type: image/gif
date: Sat, 25 Feb 2023 08:08:18 GMT
expires: Fri, 24 Feb 2023 08:08:18 GMT
vary: Accept-Encoding
x-middleton-display: imp_sol
content-length: 47
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.83.200.106101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.83.200.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: HaDYb1jIbjRnixURQzW/vg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hpZJnOjfO3g6PYQVIWOvFSEEbzY=
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7a570b51e5d7f7c5da269987d62953a2
419fd4b19e40afd79140bee1f8808dc82529bb3c
cff24c8ed8eee3b9a745404d42479b64e0e3e36a415e8716d23f595570ae39ee
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5382
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 25 Feb 2023 08:08:17 GMT
Last-Modified: Sat, 25 Feb 2023 06:38:35 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 872212f301653f140a7ebda2f5985ac9
e34dd777b3f0e2ed35b71ae85110d950e8d6d078
7aa2cd404feff1a47dba8e74271632fefbbedad788581c84efd0dea30ba180ba
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 25 Feb 2023 08:08:17 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 23 Feb 2023 20:15:47 GMT
Expires: Thu, 02 Mar 2023 20:15:46 GMT
Etag: "e34dd777b3f0e2ed35b71ae85110d950e8d6d078"
Cache-Control: max-age=475048,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79eef3c49f5b1bfe-OSL
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 22ed48249f9e9529abadd57d3a95496a
437cb183d8bf52833d2a3a132266726407af0df0
24c73d485b3df19b32f9382ac389b8429cc050afdf164ebe8de127250080ee2e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "24C73D485B3DF19B32F9382AC389B8429CC050AFDF164EBE8DE127250080EE2E"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5478
Expires: Sat, 25 Feb 2023 09:39:35 GMT
Date: Sat, 25 Feb 2023 08:08:17 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 255d88cbbbab0966afbdc4f95434c62e
ddb8cea5a050e42d97a24ea9a4ed50917f8658cf
85187a46e5b1bc92083d5c52319ac0f9aaefc7af2bf65b456240dd4631e70e72
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 25 Feb 2023 08:08:17 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 22 Feb 2023 15:49:38 GMT
Expires: Wed, 01 Mar 2023 15:49:37 GMT
Etag: "ddb8cea5a050e42d97a24ea9a4ed50917f8658cf"
Cache-Control: max-age=372679,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79eef3c608881bfe-OSL
amason-reward.store/wp-content/themes/magbook/css/responsive.css?ver=6.1.1
18.159.80.129200 OK 3.5 kB URL HTTP/2 amason-reward.store/wp-content/themes/magbook/css/responsive.css?ver=6.1.1
IP 18.159.80.129:0
Hash 7aa5b2fa450ff1a2f0f3a4be8af93544
065bb2488a8ea50165555534c5585ea6f2198b7b
a67649cdc261030cdc410a5fd8a387562b48b748284dc00b452e0dee4383d962
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/magbook/css/responsive.css?ver=6.1.1 HTTP/1.1
Host: amason-reward.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amason-reward.store/
Cookie: ezoadgid_279054=-1; ezoref_279054=; ezosuibasgeneris-1=cad51f0e-84b6-4181-4c95-3e44eac7dadf; ezoab_279054=mod58; lp_279054=https://amason-reward.store/; ezovuuidtime_279054=1677312496; ezovuuid_279054=f40b5316-20a1-47b7-798f-78572877107f; ezopvc_279054=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
content-encoding: br
content-type: text/css
date: Sat, 25 Feb 2023 08:08:16 UTC
display: staticcontent_sol, orig_site_sol
last-modified: Sat, 18 Feb 2023 00:34:42 GMT
response: 200
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Origin
x-ez-proxy-out: true 2.3
x-ezoic-cdn: Hit ds;ds;bf6842ad6d71c100df6d1555fee82534;2-279054-0;91d23cba-bd55-4655-4677-6d903f97c2e9
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
x-origin-cache-control: public, max-age=604800
x-sol: orig
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.254200 OK 12 B URL HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.254:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1163
Origin: https://amason-reward.store
Connection: keep-alive
Referer: https://amason-reward.store/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sat, 25 Feb 2023 08:08:38 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://amason-reward.store
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
my.rtmark.net/gid.js
139.45.195.8200 OK 65 B IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 4d0e1c4c1d72311c1c17104016bcf4c2
344a7dd684fae932bfe6ba33fbd72ba8ce524d26
7ebbfe9b07620e954a3b264dca6f3ac5466780edd089f4e8454017a049397734
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://amason-reward.store
Connection: keep-alive
Referer: https://amason-reward.store/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 25 Feb 2023 08:08:17 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://amason-reward.store
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=759539762083463db79a36ecbcf48c6b; expires=Sun, 25 Feb 2024 08:08:17 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
rules.quantcount.com/rules-p-31iz6hfFutd16.js
65.9.44.41200 OK 160 B URL HTTP/2 rules.quantcount.com/rules-p-31iz6hfFutd16.js
IP 65.9.44.41:0
Hash af15ecfe46737cb2a37226fd060f23a6
531085beadcbfe87ed7e5bb352ee60045929287a
4718dd9f68e969d1cb5e1b6172206b7150ad1d8cd5c5c1fe5812dd0e1646d426
GET /rules-p-31iz6hfFutd16.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amason-reward.store/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 160
last-modified: Fri, 14 Oct 2022 00:41:49 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
date: Sat, 25 Feb 2023 07:41:29 GMT
cache-control: max-age=3600
etag: "af15ecfe46737cb2a37226fd060f23a6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fa679145440a8b5dfc579eecfc89d9d8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: qccTykv9OxLIFBmuQJ8XY-y3QKBNyH9WLRYq8v--0zdzwhy97H6YbA==
age: 1609
X-Firefox-Spdy: h2
pixel.quantserve.com/pixel;r=1194000693;labels=Domain.amason_reward_store%2CDomainId.279054;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Famason-reward.store%2F;uht=2;fpan=1;fpa=P0-1919299582-1677312558833;pbc=;ns=0;ce=1;qjs=1;qv=463953fd-20230224153512;cm=;gdpr=0;ref=;d=amason-reward.store;dst=0;et=1677312559009;tzo=0;ogl=;ses=5a355d37-2f6b-4a77-9013-c50e711f40fd
91.228.74.166200 OK 35 B URL HTTP/2 pixel.quantserve.com/pixel;r=1194000693;labels=Domain.amason_reward_store%2CDomainId.279054;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Famason-reward.store%2F;uht=2;fpan=1;fpa=P0-1919299582-1677312558833;pbc=;ns=0;ce=1;qjs=1;qv=463953fd-20230224153512;cm=;gdpr=0;ref=;d=amason-reward.store;dst=0;et=1677312559009;tzo=0;ogl=;ses=5a355d37-2f6b-4a77-9013-c50e711f40fd
IP 91.228.74.166:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
GET /pixel;r=1194000693;labels=Domain.amason_reward_store%2CDomainId.279054;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Famason-reward.store%2F;uht=2;fpan=1;fpa=P0-1919299582-1677312558833;pbc=;ns=0;ce=1;qjs=1;qv=463953fd-20230224153512;cm=;gdpr=0;ref=;d=amason-reward.store;dst=0;et=1677312559009;tzo=0;ogl=;ses=5a355d37-2f6b-4a77-9013-c50e711f40fd HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amason-reward.store/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Feb 2023 08:08:17 GMT
content-type: image/gif
content-length: 35
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: mc=63f9c1f1-bbd0d-7b5e0-d82ad; expires=Wed, 27-Mar-2024 08:08:17 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
amason-reward.store/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4y5c-2&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33x5c&abt=RefreshTest
18.159.80.129200 OK 96 kB URL HTTP/2 amason-reward.store/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4y5c-2&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33x5c&abt=RefreshTest
IP 18.159.80.129:0
File type ASCII text, with very long lines (25655)
Hash 32a537b2b5c6dfb5bb58483166252357
90e796206a000534f56e3bde1c4764baceaf82e3
bcf404b4000570c16792cc27015ff58fe526f6ad4c713ea0fbf3ef80e7efc11e
Analyzer Verdict Alert quad9 Sinkholed
GET /detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4y5c-2&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33x5c&abt=RefreshTest HTTP/1.1
Host: amason-reward.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amason-reward.store/
Cookie: ezoadgid_279054=-1; ezoref_279054=; ezosuibasgeneris-1=cad51f0e-84b6-4181-4c95-3e44eac7dadf; ezoab_279054=mod58; lp_279054=https://amason-reward.store/; ezovuuidtime_279054=1677312496; ezovuuid_279054=f40b5316-20a1-47b7-798f-78572877107f; ezopvc_279054=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000, public
content-encoding: br
content-type: application/javascript
date: Sat, 25 Feb 2023 08:08:17 GMT
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
x-middleton-display: sol-js
x-robots-tag: noindex
X-Firefox-Spdy: h2
amason-reward.store/favicon.ico
18.159.80.129404 Not Found 558 B URL HTTP/2 amason-reward.store/favicon.ico
IP 18.159.80.129:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash b7c15ee08f76dbcbd66539550344bed7
e6f8c166dd779da4c95d6d699747e363ea662458
f4358be08c3ec98d6e7c7ea28d6e3ee8780cfd86dfee0995d8746f5ce837492d
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: amason-reward.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amason-reward.store/
Cookie: ezoadgid_279054=-1; ezoref_279054=; ezosuibasgeneris-1=cad51f0e-84b6-4181-4c95-3e44eac7dadf; ezoab_279054=mod58; lp_279054=https://amason-reward.store/; ezovuuidtime_279054=1677312496; ezovuuid_279054=f40b5316-20a1-47b7-798f-78572877107f; ezopvc_279054=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-encoding: br
content-type: text/html
date: Sat, 25 Feb 2023 08:08:17 GMT
display: staticcontent_sol
expires: Fri, 24 Feb 2023 08:08:17 GMT
pagespeed: off
pragma: no-cache
response: 404
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Origin
x-ez-proxy-out: true 2.3
x-ezoic-cdn: Miss
x-middleton-display: staticcontent_sol
x-middleton-response: 404
x-origin-cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
content-length: 558
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 872c81d9e7829552db27b5a4f56635ba
31b73a32a5e55adc3f9f43005fa7b623ed7ef6b9
f8b8f0a0a6a080668be4aa3c8723db2e124ee5c11e9f91311eb7dd9f031e004e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5349
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 25 Feb 2023 08:08:18 GMT
Last-Modified: Sat, 25 Feb 2023 06:39:09 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 278
untimburra.com/500/4824846?excludes=&oaid=759539762083463db79a36ecbcf48c6b&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Famason-reward.store%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 15 kB URL HTTP/2 untimburra.com/500/4824846?excludes=&oaid=759539762083463db79a36ecbcf48c6b&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Famason-reward.store%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
Hash c7672f0e926f89ace9758ad22a459ad8
8b9ac908fd571dc90a13fc2a90ed2c29c8dfb70a
839d87b31809f2a71e8005a4e1b8e4134c16770ee6d10fd108ff7b3362b1c0f9
GET /500/4824846?excludes=&oaid=759539762083463db79a36ecbcf48c6b&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Famason-reward.store%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: untimburra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://amason-reward.store
Connection: keep-alive
Referer: https://amason-reward.store/
Cookie: OAID=94df039056ec424c8f39490362fac5e6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 25 Feb 2023 08:08:18 GMT
content-type: application/javascript
x-trace-id: 39081078a393c201b3228b93f3f3044d
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://amason-reward.store
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=759539762083463db79a36ecbcf48c6b; expires=Sun, 25 Feb 2024 08:08:17 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash cd04d923e6b3cbd7cac3c56d18ca9016
7d3205fb454124635afcbfcf2265ce504c778ef1
fc857fad800eb3c6f2a3f28007b1b81f2a95e4968d376f47238a681f9c958475
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC857FAD800EB3C6F2A3F28007B1B81F2A95E4968D376F47238A681F9C958475"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5126
Expires: Sat, 25 Feb 2023 09:33:44 GMT
Date: Sat, 25 Feb 2023 08:08:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash cd04d923e6b3cbd7cac3c56d18ca9016
7d3205fb454124635afcbfcf2265ce504c778ef1
fc857fad800eb3c6f2a3f28007b1b81f2a95e4968d376f47238a681f9c958475
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC857FAD800EB3C6F2A3F28007B1B81F2A95E4968D376F47238A681F9C958475"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5126
Expires: Sat, 25 Feb 2023 09:33:44 GMT
Date: Sat, 25 Feb 2023 08:08:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash cd04d923e6b3cbd7cac3c56d18ca9016
7d3205fb454124635afcbfcf2265ce504c778ef1
fc857fad800eb3c6f2a3f28007b1b81f2a95e4968d376f47238a681f9c958475
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC857FAD800EB3C6F2A3F28007B1B81F2A95E4968D376F47238A681F9C958475"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5126
Expires: Sat, 25 Feb 2023 09:33:44 GMT
Date: Sat, 25 Feb 2023 08:08:18 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fef9ebe09-9cc5-4e63-b46d-548a6f4f6dea.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fef9ebe09-9cc5-4e63-b46d-548a6f4f6dea.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 29ffac3ec38ff0935308317245e49f66
1d154aadf4e8531ab29847620e765621eebfedf0
ebe9953af6a7fd7572d2db1b671a822fd435767cb9ed50901c80e3ee97bfb055
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fef9ebe09-9cc5-4e63-b46d-548a6f4f6dea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5721
x-amzn-requestid: 67a84eb5-2482-4dd0-a9c9-893df5659703
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A3Q8dFm1IAMFmdA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f92eb5-7d1354c513aeb253668b9b02;Sampled=0
x-amzn-remapped-date: Fri, 24 Feb 2023 21:40:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: lDr6EE5vA869BqqxWgKIS8bMb4gxUl3mnb1YmOQUZX20FtsaNGXn_g==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 29a825d8a219984d47bec4350779b558.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Feb 2023 21:58:02 GMT
etag: "1d154aadf4e8531ab29847620e765621eebfedf0"
content-type: image/jpeg
age: 36616
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fff5407c6-2a6f-4838-bc41-1789c4e6f8da.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fff5407c6-2a6f-4838-bc41-1789c4e6f8da.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05a9370acec017523b5eee34475bd114
7e094e12a62e71d16db43bb8a6c07b4405dc0b62
3379bf1f5bccefddd614593394a8dd7d7d1198e824f9b2ba663eb09a3cdd2738
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fff5407c6-2a6f-4838-bc41-1789c4e6f8da.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9770
x-amzn-requestid: 4e47ac5b-df5b-4026-b538-5f1e82316cbc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Ax_KCHvcIAMFmvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f7123f-10ed15e64c3502a2407f3d0d;Sampled=0
x-amzn-remapped-date: Thu, 23 Feb 2023 07:14:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JuJUylwass4sTiu_rSgCr4t0whe4DlZ1ifzTgl-4feMe-91Z6zjPjg==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Feb 2023 07:20:56 GMT
age: 2842
etag: "7e094e12a62e71d16db43bb8a6c07b4405dc0b62"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97e8f2e-6da0-4f8b-b12c-1af676e3e4da.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97e8f2e-6da0-4f8b-b12c-1af676e3e4da.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2a5f3d376fe6a3a78a5d1fe136f962fb
3e9b03cc296e954d63526a4e7e75beea3130fc3b
c8cf4f1c0352102764247e4dc5a2076921e0eaa18bfd110e5b0b97a55c706690
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97e8f2e-6da0-4f8b-b12c-1af676e3e4da.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9093
x-amzn-requestid: 3fd9f8c8-cf10-4222-a2cc-5f18ff7b2e9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Az9D3HqmoAMFeBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f7dbb2-352315613cc0c2bc7eb28e05;Sampled=0
x-amzn-remapped-date: Thu, 23 Feb 2023 21:33:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: S8s54RJtScNtsl6uEFtBEHnTj4lb3l5xIWR96Kvr_SdwQQQMgSKNxA==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Feb 2023 21:34:57 GMT
age: 38001
etag: "3e9b03cc296e954d63526a4e7e75beea3130fc3b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bc20c8d-1b3c-4e00-a468-88d806c965a3.jpeg
34.120.237.76200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bc20c8d-1b3c-4e00-a468-88d806c965a3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2c3fd6a66f639ab8b00aafb73f5e59fd
fab006321ccf7d549aa0cbef1f3e2bd07b265063
9328c4bb4443717a90c159ba2972837cef3ab283f67d1ab5a59559f08547dc7e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bc20c8d-1b3c-4e00-a468-88d806c965a3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4434
x-amzn-requestid: ba11bfe0-4309-460e-b83a-709f649001a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AoE-KH_RIAMF3Sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f31b8d-71089ee90631b4c70fd7c5fa;Sampled=0
x-amzn-remapped-date: Mon, 20 Feb 2023 07:04:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: LEUivshopWui_DFLo3W3_YqrayW5k2TlYHLWBjKdxvFMKMTluzbnxg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Feb 2023 22:22:39 GMT
age: 35139
etag: "fab006321ccf7d549aa0cbef1f3e2bd07b265063"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36dc2d4e-4b29-46e0-bb39-0a814087d2f9.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36dc2d4e-4b29-46e0-bb39-0a814087d2f9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0bb3d8844849cad793b503bfd006a7ad
6f5af2975e81194c6691925271d0c35b8b9c5f36
26ec89c8c7af52aba33cb83f5b78c86c92c7ceafba389d41be7fa8f5344cfcfd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36dc2d4e-4b29-46e0-bb39-0a814087d2f9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10549
x-amzn-requestid: ec648b3f-3332-4ef7-8fdd-94ecfb2ced3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A3Q9fFoTIAMFyCg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f92ebc-241497c664b4abd8460717a1;Sampled=0
x-amzn-remapped-date: Fri, 24 Feb 2023 21:40:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: rpa0DRBGoAnPd4mT1LgRXYHmYWrWsAUp0F7ZOvzDo08VawKo-jnXgg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 ea699166e6ec77aa410ff505b0a8ce18.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Feb 2023 22:13:00 GMT
etag: "6f5af2975e81194c6691925271d0c35b8b9c5f36"
content-type: image/jpeg
age: 35718
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5651651c-e7cc-4a7b-ae8a-9fb1e88379d3.jpeg
34.120.237.76200 OK 2.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5651651c-e7cc-4a7b-ae8a-9fb1e88379d3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 94622f58aa91b60efcab072bbfc1b8fc
481c511819075f80bacc5cca0b50c3650b5789d1
767c220ed09fbb28216023785c3609993185463dea0fcdc6cb355d6d00acd6b0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5651651c-e7cc-4a7b-ae8a-9fb1e88379d3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2433
x-amzn-requestid: 1eb77631-515a-41f7-ac18-59c8cd22c4ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Ax_KCHgAoAMFu5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f7123f-051da60474344e58658cc980;Sampled=0
x-amzn-remapped-date: Thu, 23 Feb 2023 07:14:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KStkU8id8VhC4s3kYYvxctpem7798i9K7jNQUVNahm_mycuGOaE72g==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Feb 2023 07:44:04 GMT
age: 1454
etag: "481c511819075f80bacc5cca0b50c3650b5789d1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
amason-reward.store/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjM2QzMTg4MC05NmVjLTQ5MzgtNDA1Yy1mM2U5YjRhZTFjNDkiLCJkb21haW5faWQiOiIyNzkwNTQiLCJ0X2Vwb2NoIjoxNjc3MzEyNDk2LCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTI4MCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMDI0In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYzNkMzE4ODAtOTZlYy00OTM4LTQwNWMtZjNlOWI0YWUxYzQ5IiwiZG9tYWluX2lkIjoiMjc5MDU0IiwidF9lcG9jaCI6MTY3NzMxMjQ5NiwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjMtMDItMjUifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiI4In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjYifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImMzZDMxODgwLTk2ZWMtNDkzOC00MDVjLWYzZTliNGFlMWM0OSIsImRvbWFpbl9pZCI6IjI3OTA1NCIsInRfZXBvY2giOjE2NzczMTI0OTYsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImMzZDMxODgwLTk2ZWMtNDkzOC00MDVjLWYzZTliNGFlMWM0OSIsImRvbWFpbl9pZCI6IjI3OTA1NCIsInRfZXBvY2giOjE2NzczMTI0OTYsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYzNkMzE4ODAtOTZlYy00OTM4LTQwNWMtZjNlOWI0YWUxYzQ5IiwiZG9tYWluX2lkIjoiMjc5MDU0IiwidF9lcG9jaCI6MTY3NzMxMjQ5NiwiZGF0YSI6W3sibmFtZSI6Im5hdmlnYXRpb25fdHlwZSIsInZhbCI6IjAifSx7Im5hbWUiOiJyZWRpcmVjdF9jb3VudCIsInZhbCI6IjAifV19XQ==
18.159.80.129204 No Content 0 B URL HTTP/2 amason-reward.store/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjM2QzMTg4MC05NmVjLTQ5MzgtNDA1Yy1mM2U5YjRhZTFjNDkiLCJkb21haW5faWQiOiIyNzkwNTQiLCJ0X2Vwb2NoIjoxNjc3MzEyNDk2LCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTI4MCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMDI0In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYzNkMzE4ODAtOTZlYy00OTM4LTQwNWMtZjNlOWI0YWUxYzQ5IiwiZG9tYWluX2lkIjoiMjc5MDU0IiwidF9lcG9jaCI6MTY3NzMxMjQ5NiwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjMtMDItMjUifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiI4In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjYifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImMzZDMxODgwLTk2ZWMtNDkzOC00MDVjLWYzZTliNGFlMWM0OSIsImRvbWFpbl9pZCI6IjI3OTA1NCIsInRfZXBvY2giOjE2NzczMTI0OTYsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImMzZDMxODgwLTk2ZWMtNDkzOC00MDVjLWYzZTliNGFlMWM0OSIsImRvbWFpbl9pZCI6IjI3OTA1NCIsInRfZXBvY2giOjE2NzczMTI0OTYsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYzNkMzE4ODAtOTZlYy00OTM4LTQwNWMtZjNlOWI0YWUxYzQ5IiwiZG9tYWluX2lkIjoiMjc5MDU0IiwidF9lcG9jaCI6MTY3NzMxMjQ5NiwiZGF0YSI6W3sibmFtZSI6Im5hdmlnYXRpb25fdHlwZSIsInZhbCI6IjAifSx7Im5hbWUiOiJyZWRpcmVjdF9jb3VudCIsInZhbCI6IjAifV19XQ==
IP 18.159.80.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjM2QzMTg4MC05NmVjLTQ5MzgtNDA1Yy1mM2U5YjRhZTFjNDkiLCJkb21haW5faWQiOiIyNzkwNTQiLCJ0X2Vwb2NoIjoxNjc3MzEyNDk2LCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTI4MCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMDI0In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYzNkMzE4ODAtOTZlYy00OTM4LTQwNWMtZjNlOWI0YWUxYzQ5IiwiZG9tYWluX2lkIjoiMjc5MDU0IiwidF9lcG9jaCI6MTY3NzMxMjQ5NiwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjMtMDItMjUifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiI4In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjYifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImMzZDMxODgwLTk2ZWMtNDkzOC00MDVjLWYzZTliNGFlMWM0OSIsImRvbWFpbl9pZCI6IjI3OTA1NCIsInRfZXBvY2giOjE2NzczMTI0OTYsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImMzZDMxODgwLTk2ZWMtNDkzOC00MDVjLWYzZTliNGFlMWM0OSIsImRvbWFpbl9pZCI6IjI3OTA1NCIsInRfZXBvY2giOjE2NzczMTI0OTYsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYzNkMzE4ODAtOTZlYy00OTM4LTQwNWMtZjNlOWI0YWUxYzQ5IiwiZG9tYWluX2lkIjoiMjc5MDU0IiwidF9lcG9jaCI6MTY3NzMxMjQ5NiwiZGF0YSI6W3sibmFtZSI6Im5hdmlnYXRpb25fdHlwZSIsInZhbCI6IjAifSx7Im5hbWUiOiJyZWRpcmVjdF9jb3VudCIsInZhbCI6IjAifV19XQ== HTTP/1.1
Host: amason-reward.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://amason-reward.store
Connection: keep-alive
Referer: https://amason-reward.store/
Cookie: ezoadgid_279054=-1; ezoref_279054=; ezosuibasgeneris-1=cad51f0e-84b6-4181-4c95-3e44eac7dadf; ezoab_279054=mod58; lp_279054=https://amason-reward.store/; ezovuuidtime_279054=1677312496; ezovuuid_279054=f40b5316-20a1-47b7-798f-78572877107f; ezopvc_279054=1; __qca=P0-1919299582-1677312558833; ezux_lpl_279054=1677312559051|c3d31880-96ec-4938-405c-f3e9b4ae1c49|false
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: https://amason-reward.store
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
date: Sat, 25 Feb 2023 08:08:24 GMT
expires: Fri, 24 Feb 2023 08:08:24 GMT
vary: Accept-Encoding
x-middleton-display: ezp_sol
X-Firefox-Spdy: h2
amason-reward.store/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjM2QzMTg4MC05NmVjLTQ5MzgtNDA1Yy1mM2U5YjRhZTFjNDkiLCJkb21haW5faWQiOiIyNzkwNTQiLCJ0X2Vwb2NoIjoxNjc3MzEyNDk2LCJkYXRhIjpbeyJuYW1lIjoicGVyZl9pc190cmFja2VkIiwidmFsIjoiMSJ9LHsibmFtZSI6InBlcmZfbmF2X3RvX2Nvbm5lY3QiLCJ2YWwiOiI1OTEifSx7Im5hbWUiOiJwZXJmX2Nvbm5lY3RfdG9fcmVzcF9zdGFydCIsInZhbCI6Ijc1NyJ9LHsibmFtZSI6InBlcmZfcmVzcF90aW1lIiwidmFsIjoiMCJ9LHsibmFtZSI6InBlcmZfaW50ZXJhY3RpdmUiLCJ2YWwiOiIzNTcifSx7Im5hbWUiOiJwZXJmX2NvbnRlbnRsb2FkZWQiLCJ2YWwiOiIzODEifSx7Im5hbWUiOiJwZXJmX2NvbXBsZXRlIiwidmFsIjoiMTAxMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImMzZDMxODgwLTk2ZWMtNDkzOC00MDVjLWYzZTliNGFlMWM0OSIsImRvbWFpbl9pZCI6IjI3OTA1NCIsInRfZXBvY2giOjE2NzczMTI0OTYsImRhdGEiOlt7Im5hbWUiOiJmaXJzdF9jb250ZW50ZnVsX3BhaW50IiwidmFsIjoiMTEzMiJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImMzZDMxODgwLTk2ZWMtNDkzOC00MDVjLWYzZTliNGFlMWM0OSIsImRvbWFpbl9pZCI6IjI3OTA1NCIsInRfZXBvY2giOjE2NzczMTI0OTYsImRhdGEiOlt7Im5hbWUiOiJkaXNwbGF5X2FkX3ZpZXdwb3J0X3B4IiwidmFsIjoiMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfdmlld3BvcnRfY291bnQiLCJ2YWwiOiIwIn0seyJuYW1lIjoibmF0aXZlX2FkX3ZpZXdwb3J0X3B4IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF92aWV3cG9ydF9jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJkaXNwbGF5X2FkX2RvY19weCIsInZhbCI6IjAifSx7Im5hbWUiOiJkaXNwbGF5X2FkX2RvY19jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJuYXRpdmVfYWRfZG9jX3B4IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF9kb2NfY291bnQiLCJ2YWwiOiIwIn0seyJuYW1lIjoidmlld3BvcnRfc2l6ZSIsInZhbCI6IjEyODB4OTM5In0seyJuYW1lIjoidmlld3BvcnRfcHgiLCJ2YWwiOiIxMjAxOTIwIn0seyJuYW1lIjoiZG9jX3B4IiwidmFsIjoiMzgwNjUzNiJ9LHsibmFtZSI6ImRvY19oZWlnaHQiLCJ2YWwiOiIzMDAyIn1dfV0=
18.159.80.129204 No Content 0 B URL HTTP/2 amason-reward.store/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjM2QzMTg4MC05NmVjLTQ5MzgtNDA1Yy1mM2U5YjRhZTFjNDkiLCJkb21haW5faWQiOiIyNzkwNTQiLCJ0X2Vwb2NoIjoxNjc3MzEyNDk2LCJkYXRhIjpbeyJuYW1lIjoicGVyZl9pc190cmFja2VkIiwidmFsIjoiMSJ9LHsibmFtZSI6InBlcmZfbmF2X3RvX2Nvbm5lY3QiLCJ2YWwiOiI1OTEifSx7Im5hbWUiOiJwZXJmX2Nvbm5lY3RfdG9fcmVzcF9zdGFydCIsInZhbCI6Ijc1NyJ9LHsibmFtZSI6InBlcmZfcmVzcF90aW1lIiwidmFsIjoiMCJ9LHsibmFtZSI6InBlcmZfaW50ZXJhY3RpdmUiLCJ2YWwiOiIzNTcifSx7Im5hbWUiOiJwZXJmX2NvbnRlbnRsb2FkZWQiLCJ2YWwiOiIzODEifSx7Im5hbWUiOiJwZXJmX2NvbXBsZXRlIiwidmFsIjoiMTAxMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImMzZDMxODgwLTk2ZWMtNDkzOC00MDVjLWYzZTliNGFlMWM0OSIsImRvbWFpbl9pZCI6IjI3OTA1NCIsInRfZXBvY2giOjE2NzczMTI0OTYsImRhdGEiOlt7Im5hbWUiOiJmaXJzdF9jb250ZW50ZnVsX3BhaW50IiwidmFsIjoiMTEzMiJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImMzZDMxODgwLTk2ZWMtNDkzOC00MDVjLWYzZTliNGFlMWM0OSIsImRvbWFpbl9pZCI6IjI3OTA1NCIsInRfZXBvY2giOjE2NzczMTI0OTYsImRhdGEiOlt7Im5hbWUiOiJkaXNwbGF5X2FkX3ZpZXdwb3J0X3B4IiwidmFsIjoiMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfdmlld3BvcnRfY291bnQiLCJ2YWwiOiIwIn0seyJuYW1lIjoibmF0aXZlX2FkX3ZpZXdwb3J0X3B4IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF92aWV3cG9ydF9jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJkaXNwbGF5X2FkX2RvY19weCIsInZhbCI6IjAifSx7Im5hbWUiOiJkaXNwbGF5X2FkX2RvY19jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJuYXRpdmVfYWRfZG9jX3B4IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF9kb2NfY291bnQiLCJ2YWwiOiIwIn0seyJuYW1lIjoidmlld3BvcnRfc2l6ZSIsInZhbCI6IjEyODB4OTM5In0seyJuYW1lIjoidmlld3BvcnRfcHgiLCJ2YWwiOiIxMjAxOTIwIn0seyJuYW1lIjoiZG9jX3B4IiwidmFsIjoiMzgwNjUzNiJ9LHsibmFtZSI6ImRvY19oZWlnaHQiLCJ2YWwiOiIzMDAyIn1dfV0=
IP 18.159.80.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjM2QzMTg4MC05NmVjLTQ5MzgtNDA1Yy1mM2U5YjRhZTFjNDkiLCJkb21haW5faWQiOiIyNzkwNTQiLCJ0X2Vwb2NoIjoxNjc3MzEyNDk2LCJkYXRhIjpbeyJuYW1lIjoicGVyZl9pc190cmFja2VkIiwidmFsIjoiMSJ9LHsibmFtZSI6InBlcmZfbmF2X3RvX2Nvbm5lY3QiLCJ2YWwiOiI1OTEifSx7Im5hbWUiOiJwZXJmX2Nvbm5lY3RfdG9fcmVzcF9zdGFydCIsInZhbCI6Ijc1NyJ9LHsibmFtZSI6InBlcmZfcmVzcF90aW1lIiwidmFsIjoiMCJ9LHsibmFtZSI6InBlcmZfaW50ZXJhY3RpdmUiLCJ2YWwiOiIzNTcifSx7Im5hbWUiOiJwZXJmX2NvbnRlbnRsb2FkZWQiLCJ2YWwiOiIzODEifSx7Im5hbWUiOiJwZXJmX2NvbXBsZXRlIiwidmFsIjoiMTAxMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImMzZDMxODgwLTk2ZWMtNDkzOC00MDVjLWYzZTliNGFlMWM0OSIsImRvbWFpbl9pZCI6IjI3OTA1NCIsInRfZXBvY2giOjE2NzczMTI0OTYsImRhdGEiOlt7Im5hbWUiOiJmaXJzdF9jb250ZW50ZnVsX3BhaW50IiwidmFsIjoiMTEzMiJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImMzZDMxODgwLTk2ZWMtNDkzOC00MDVjLWYzZTliNGFlMWM0OSIsImRvbWFpbl9pZCI6IjI3OTA1NCIsInRfZXBvY2giOjE2NzczMTI0OTYsImRhdGEiOlt7Im5hbWUiOiJkaXNwbGF5X2FkX3ZpZXdwb3J0X3B4IiwidmFsIjoiMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfdmlld3BvcnRfY291bnQiLCJ2YWwiOiIwIn0seyJuYW1lIjoibmF0aXZlX2FkX3ZpZXdwb3J0X3B4IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF92aWV3cG9ydF9jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJkaXNwbGF5X2FkX2RvY19weCIsInZhbCI6IjAifSx7Im5hbWUiOiJkaXNwbGF5X2FkX2RvY19jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJuYXRpdmVfYWRfZG9jX3B4IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF9kb2NfY291bnQiLCJ2YWwiOiIwIn0seyJuYW1lIjoidmlld3BvcnRfc2l6ZSIsInZhbCI6IjEyODB4OTM5In0seyJuYW1lIjoidmlld3BvcnRfcHgiLCJ2YWwiOiIxMjAxOTIwIn0seyJuYW1lIjoiZG9jX3B4IiwidmFsIjoiMzgwNjUzNiJ9LHsibmFtZSI6ImRvY19oZWlnaHQiLCJ2YWwiOiIzMDAyIn1dfV0= HTTP/1.1
Host: amason-reward.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://amason-reward.store
Connection: keep-alive
Referer: https://amason-reward.store/
Cookie: ezoadgid_279054=-1; ezoref_279054=; ezosuibasgeneris-1=cad51f0e-84b6-4181-4c95-3e44eac7dadf; ezoab_279054=mod58; lp_279054=https://amason-reward.store/; ezovuuidtime_279054=1677312496; ezovuuid_279054=f40b5316-20a1-47b7-798f-78572877107f; ezopvc_279054=1; __qca=P0-1919299582-1677312558833; ezux_lpl_279054=1677312559051|c3d31880-96ec-4938-405c-f3e9b4ae1c49|false
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: https://amason-reward.store
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
date: Sat, 25 Feb 2023 08:08:23 GMT
expires: Fri, 24 Feb 2023 08:08:23 GMT
vary: Accept-Encoding
x-middleton-display: ezp_sol
X-Firefox-Spdy: h2
amason-reward.store/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjM2QzMTg4MC05NmVjLTQ5MzgtNDA1Yy1mM2U5YjRhZTFjNDkiLCJkb21haW5faWQiOiIyNzkwNTQiLCJ0X2Vwb2NoIjoxNjc3MzEyNDk2LCJkYXRhIjpbeyJuYW1lIjoidF91bmxvYWQiLCJ2YWwiOiIxNjc3MzEyNTY2MzY1In1dfV0=
18.159.80.129204 No Content 0 B URL HTTP/2 amason-reward.store/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjM2QzMTg4MC05NmVjLTQ5MzgtNDA1Yy1mM2U5YjRhZTFjNDkiLCJkb21haW5faWQiOiIyNzkwNTQiLCJ0X2Vwb2NoIjoxNjc3MzEyNDk2LCJkYXRhIjpbeyJuYW1lIjoidF91bmxvYWQiLCJ2YWwiOiIxNjc3MzEyNTY2MzY1In1dfV0=
IP 18.159.80.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjM2QzMTg4MC05NmVjLTQ5MzgtNDA1Yy1mM2U5YjRhZTFjNDkiLCJkb21haW5faWQiOiIyNzkwNTQiLCJ0X2Vwb2NoIjoxNjc3MzEyNDk2LCJkYXRhIjpbeyJuYW1lIjoidF91bmxvYWQiLCJ2YWwiOiIxNjc3MzEyNTY2MzY1In1dfV0= HTTP/1.1
Host: amason-reward.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://amason-reward.store
Connection: keep-alive
Referer: https://amason-reward.store/
Cookie: ezoadgid_279054=-1; ezoref_279054=; ezosuibasgeneris-1=cad51f0e-84b6-4181-4c95-3e44eac7dadf; ezoab_279054=mod58; lp_279054=https://amason-reward.store/; ezovuuidtime_279054=1677312496; ezovuuid_279054=f40b5316-20a1-47b7-798f-78572877107f; ezopvc_279054=1; __qca=P0-1919299582-1677312558833; ezux_lpl_279054=1677312559051|c3d31880-96ec-4938-405c-f3e9b4ae1c49|false; ezux_et_279054=0; ezux_tos_279054=7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: https://amason-reward.store
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
date: Sat, 25 Feb 2023 08:08:25 GMT
expires: Fri, 24 Feb 2023 08:08:25 GMT
vary: Accept-Encoding
x-middleton-display: ezp_sol
X-Firefox-Spdy: h2
amason-reward.store/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjM2QzMTg4MC05NmVjLTQ5MzgtNDA1Yy1mM2U5YjRhZTFjNDkiLCJkb21haW5faWQiOiIyNzkwNTQiLCJ0X2Vwb2NoIjoxNjc3MzEyNDk2LCJkYXRhIjpbeyJuYW1lIjoiZmlkX3ZhbHVlIiwidmFsIjoiMiJ9XX1d
18.159.80.129204 No Content 0 B URL HTTP/2 amason-reward.store/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjM2QzMTg4MC05NmVjLTQ5MzgtNDA1Yy1mM2U5YjRhZTFjNDkiLCJkb21haW5faWQiOiIyNzkwNTQiLCJ0X2Vwb2NoIjoxNjc3MzEyNDk2LCJkYXRhIjpbeyJuYW1lIjoiZmlkX3ZhbHVlIiwidmFsIjoiMiJ9XX1d
IP 18.159.80.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjM2QzMTg4MC05NmVjLTQ5MzgtNDA1Yy1mM2U5YjRhZTFjNDkiLCJkb21haW5faWQiOiIyNzkwNTQiLCJ0X2Vwb2NoIjoxNjc3MzEyNDk2LCJkYXRhIjpbeyJuYW1lIjoiZmlkX3ZhbHVlIiwidmFsIjoiMiJ9XX1d HTTP/1.1
Host: amason-reward.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://amason-reward.store
Connection: keep-alive
Referer: https://amason-reward.store/
Cookie: ezoadgid_279054=-1; ezoref_279054=; ezosuibasgeneris-1=cad51f0e-84b6-4181-4c95-3e44eac7dadf; ezoab_279054=mod58; lp_279054=https://amason-reward.store/; ezovuuidtime_279054=1677312496; ezovuuid_279054=f40b5316-20a1-47b7-798f-78572877107f; ezopvc_279054=1; __qca=P0-1919299582-1677312558833; ezux_lpl_279054=1677312559051|c3d31880-96ec-4938-405c-f3e9b4ae1c49|false; ezux_et_279054=0; ezux_tos_279054=7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: https://amason-reward.store
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
date: Sat, 25 Feb 2023 08:08:25 GMT
expires: Fri, 24 Feb 2023 08:08:25 GMT
vary: Accept-Encoding
x-middleton-display: ezp_sol
X-Firefox-Spdy: h2
amason-reward.store/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
18.159.80.129200 OK 0 B URL HTTP/2 amason-reward.store/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 18.159.80.129:0
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: amason-reward.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amason-reward.store/
Cookie: ezoadgid_279054=-1; ezoref_279054=; ezosuibasgeneris-1=cad51f0e-84b6-4181-4c95-3e44eac7dadf; ezoab_279054=mod58; lp_279054=https://amason-reward.store/; ezovuuidtime_279054=1677312496; ezovuuid_279054=f40b5316-20a1-47b7-798f-78572877107f; ezopvc_279054=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
content-encoding: br
content-type: application/javascript
date: Sat, 25 Feb 2023 08:08:16 UTC
display: staticcontent_sol
last-modified: Sat, 18 Feb 2023 00:34:42 GMT
response: 200
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Origin
x-ez-proxy-out: true 2.3
x-ezoic-cdn: Hit ds;ds;ff4bee1d596babae5ce753ae2d51c09d;2-279054-0;d8ce0b2b-47d9-406e-4d26-7b0b2d7b8df4
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-origin-cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
widget.supercounters.com/ssl/online_i.js
172.67.154.41200 OK 0 B URL HTTP/2 widget.supercounters.com/ssl/online_i.js
IP 172.67.154.41:0
GET /ssl/online_i.js HTTP/1.1
Host: widget.supercounters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amason-reward.store/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 25 Feb 2023 08:08:17 GMT
content-type: application/javascript
last-modified: Thu, 03 Mar 2022 11:46:10 GMT
etag: W/"6220aa82-10a3"
cache-control: max-age=300
cf-cache-status: HIT
age: 3369
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oc5b092F39wLPaZ9gVvt1hHs1M2mXXSu3XVaRDAdSGHcIkGHq5vWU03P3xO1JxWW%2FSIfXCfzrOwkSsKAR4jh6EEE5mG5cVAiiNXVv7cZba5rvyiztGmfn9k7k9nLn44NDGrr1txU7T%2B2ah4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79eef3c24ed7b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
secure.quantserve.com/quant.js
91.228.74.166200 OK 0 B URL HTTP/2 secure.quantserve.com/quant.js
IP 91.228.74.166:0
GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amason-reward.store/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 25 Feb 2023 08:08:17 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "liYNKlRv1+e+pwbkZBrDjQ=="
expires: Sat, 04 Mar 2023 08:08:17 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
amason-reward.store/wp-content/uploads/2021/07/images-7.png
18.159.80.129200 OK 0 B URL HTTP/2 amason-reward.store/wp-content/uploads/2021/07/images-7.png
IP 18.159.80.129:0
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/07/images-7.png HTTP/1.1
Host: amason-reward.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amason-reward.store/
Cookie: ezoadgid_279054=-1; ezoref_279054=; ezosuibasgeneris-1=cad51f0e-84b6-4181-4c95-3e44eac7dadf; ezoab_279054=mod58; lp_279054=https://amason-reward.store/; ezovuuidtime_279054=1677312496; ezovuuid_279054=f40b5316-20a1-47b7-798f-78572877107f; ezopvc_279054=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
content-encoding: br
content-type: image/webp
date: Sat, 25 Feb 2023 08:08:16 UTC
display: staticcontent_sol
last-modified: Sat, 18 Feb 2023 00:34:42 GMT
response: 200
server: LiteSpeed
vary: Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
x-ez-proxy-out: true 2.3
x-ezoic-cdn: Hit ds;ds;62320f964449fdbcd9024db079db5443;2-279054-0;7eb7a256-a5d5-4a8e-7eb8-8c17bbd303d2
x-ezoic-excludewebp: false
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-origin-cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
amason-reward.store/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
18.159.80.129200 OK 0 B URL HTTP/2 amason-reward.store/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 18.159.80.129:0
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: amason-reward.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amason-reward.store/
Cookie: ezoadgid_279054=-1; ezoref_279054=; ezosuibasgeneris-1=cad51f0e-84b6-4181-4c95-3e44eac7dadf; ezoab_279054=mod58; lp_279054=https://amason-reward.store/; ezovuuidtime_279054=1677312496; ezovuuid_279054=f40b5316-20a1-47b7-798f-78572877107f; ezopvc_279054=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
content-encoding: br
content-type: application/javascript
date: Sat, 25 Feb 2023 08:08:16 UTC
display: staticcontent_sol
last-modified: Sat, 18 Feb 2023 00:34:42 GMT
response: 200
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Origin
x-ez-proxy-out: true 2.3
x-ezoic-cdn: Hit ds;ds;3e9b21ffe02e0fbeb2b3fa6b214488c0;2-279054-0;872f36fc-3747-4343-5291-32782e430b81
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-origin-cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
amason-reward.store/wp-content/uploads/2021/06/images-2021-06-19T122809.097.jpeg
18.159.80.129200 OK 0 B URL HTTP/2 amason-reward.store/wp-content/uploads/2021/06/images-2021-06-19T122809.097.jpeg
IP 18.159.80.129:0
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/06/images-2021-06-19T122809.097.jpeg HTTP/1.1
Host: amason-reward.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amason-reward.store/
Cookie: ezoadgid_279054=-1; ezoref_279054=; ezosuibasgeneris-1=cad51f0e-84b6-4181-4c95-3e44eac7dadf; ezoab_279054=mod58; lp_279054=https://amason-reward.store/; ezovuuidtime_279054=1677312496; ezovuuid_279054=f40b5316-20a1-47b7-798f-78572877107f; ezopvc_279054=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=2592000
content-encoding: br
content-type: image/webp
date: Sat, 25 Feb 2023 08:08:17 UTC
display: staticcontent_sol
last-modified: Sat, 18 Feb 2023 00:34:42 GMT
response: 200
server: LiteSpeed
vary: Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
x-ez-proxy-out: true 2.3
x-ezoic-cdn: Hit ds;ds;a52835706198da258ea14b34c9ec8e9b;2-279054-0;24b5da57-3368-433c-5a7d-f911189a23c3
x-ezoic-excludewebp: false
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-origin-cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
amason-reward.store/
18.159.80.129200 OK 0 B IP 18.159.80.129:0
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: amason-reward.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 25 Feb 2023 08:08:16 UTC
display: orig_site_sol
etag: "7398-1675222936;gz-gzip"
expires: Fri, 24 Feb 2023 08:08:16 GMT
link: <https://amason-reward.store/wp-json/>; rel="https://api.w.org/"
pagespeed: off
response: 200
server: LiteSpeed
set-cookie: ezoadgid_279054=-1; Path=/; Domain=amason-reward.store; Expires=Sat, 25 Feb 2023 08:38:16 UTC
ezoref_279054=; Path=/; Domain=amason-reward.store; Expires=Sat, 25 Feb 2023 10:08:16 UTC
ezosuibasgeneris-1=cad51f0e-84b6-4181-4c95-3e44eac7dadf; Path=/; Domain=amason-reward.store; Expires=Sun, 25 Feb 2024 08:08:16 UTC; Secure; SameSite=None
ezoab_279054=mod58; Path=/; Domain=amason-reward.store; Expires=Sat, 25 Feb 2023 10:08:16 UTC
lp_279054=https://amason-reward.store/; Path=/; Domain=amason-reward.store; Expires=Sat, 25 Feb 2023 08:38:16 UTC
ezovuuidtime_279054=1677312496; Path=/; Domain=amason-reward.store; Expires=Mon, 27 Feb 2023 08:08:16 UTC
ezovuuid_279054=f40b5316-20a1-47b7-798f-78572877107f; Path=/; Domain=amason-reward.store; Expires=Sat, 25 Feb 2023 08:38:16 UTC
ezopvc_279054=1; Path=/; Domain=amason-reward.store; Expires=Sat, 25 Feb 2023 08:38:16 UTC
vary: Accept-Encoding,User-Agent
x-ez-proxy-out: true 2.3
x-ezoic-cdn: Hit ds;ds;1145ace5b7381f9b76bce928d051a8ae;2-279054-0;2df3f652-f2f6-4ff2-4a05-f8d53880e5bd
x-litespeed-cache: hit
x-middleton-display: orig_site_sol
x-middleton-response: 200
x-origin-cache-control:
x-sol: orig
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
amason-reward.store/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
18.159.80.129200 OK 0 B URL HTTP/2 amason-reward.store/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 18.159.80.129:0
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: amason-reward.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amason-reward.store/
Cookie: ezoadgid_279054=-1; ezoref_279054=; ezosuibasgeneris-1=cad51f0e-84b6-4181-4c95-3e44eac7dadf; ezoab_279054=mod58; lp_279054=https://amason-reward.store/; ezovuuidtime_279054=1677312496; ezovuuid_279054=f40b5316-20a1-47b7-798f-78572877107f; ezopvc_279054=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
content-encoding: br
content-type: application/javascript
date: Sat, 25 Feb 2023 08:08:16 UTC
display: staticcontent_sol
last-modified: Sat, 18 Feb 2023 00:34:42 GMT
response: 200
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Origin
x-ez-proxy-out: true 2.3
x-ezoic-cdn: Hit ds;ds;e634992a2a06b91ebf663566069f7351;2-279054-0;ae26967a-d47d-42c1-5178-d1e258cfc2a9
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-origin-cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
amason-reward.store/detroitchicago/cmbdv2.js?gcb=195-0&cb=03-8y0c-6y1c-5&cmbcb=125&sj=x03x0cx1c&abt=RefreshTest
18.159.80.129200 OK 0 B URL HTTP/2 amason-reward.store/detroitchicago/cmbdv2.js?gcb=195-0&cb=03-8y0c-6y1c-5&cmbcb=125&sj=x03x0cx1c&abt=RefreshTest
IP 18.159.80.129:0
Analyzer Verdict Alert quad9 Sinkholed
GET /detroitchicago/cmbdv2.js?gcb=195-0&cb=03-8y0c-6y1c-5&cmbcb=125&sj=x03x0cx1c&abt=RefreshTest HTTP/1.1
Host: amason-reward.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amason-reward.store/
Cookie: ezoadgid_279054=-1; ezoref_279054=; ezosuibasgeneris-1=cad51f0e-84b6-4181-4c95-3e44eac7dadf; ezoab_279054=mod58; lp_279054=https://amason-reward.store/; ezovuuidtime_279054=1677312496; ezovuuid_279054=f40b5316-20a1-47b7-798f-78572877107f; ezopvc_279054=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000, public
content-encoding: br
content-type: application/javascript
date: Sat, 25 Feb 2023 08:08:17 GMT
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
x-middleton-display: sol-js
x-robots-tag: noindex
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
104.21.89.122200 OK 0 B IP 104.21.89.122:0
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amason-reward.store/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 25 Feb 2023 08:08:17 GMT
content-type: application/javascript
last-modified: Thu, 16 Feb 2023 08:43:29 GMT
etag: W/"63edecb1-43ec"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 7054
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6kYpqw9rNmIuaXRLMBsYRe9stB3Il%2FNSLe05k48guzAN1gkPVVCnB0TamCqNy1%2FYvx%2BihE85DaZEcwtOHgEVnelGFy%2Flmk4l1JEcgDfna5TDvI%2B7xeggnVMm%2By80SQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79eef3c44908b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
untimburra.com/400/4824846
139.45.197.239200 OK 0 B URL HTTP/2 untimburra.com/400/4824846
IP 139.45.197.239:0
GET /400/4824846 HTTP/1.1
Host: untimburra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amason-reward.store/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 25 Feb 2023 08:08:17 GMT
content-type: application/javascript
x-trace-id: 830355d11a15570a15297614ec682df4
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=94df039056ec424c8f39490362fac5e6; expires=Sun, 25 Feb 2024 08:08:17 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
amason-reward.store/wp-content/themes/magbook/js/jquery.flexslider-min.js?ver=6.1.1
18.159.80.129200 OK 0 B URL HTTP/2 amason-reward.store/wp-content/themes/magbook/js/jquery.flexslider-min.js?ver=6.1.1
IP 18.159.80.129:0
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/magbook/js/jquery.flexslider-min.js?ver=6.1.1 HTTP/1.1
Host: amason-reward.store
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amason-reward.store/
Cookie: ezoadgid_279054=-1; ezoref_279054=; ezosuibasgeneris-1=cad51f0e-84b6-4181-4c95-3e44eac7dadf; ezoab_279054=mod58; lp_279054=https://amason-reward.store/; ezovuuidtime_279054=1677312496; ezovuuid_279054=f40b5316-20a1-47b7-798f-78572877107f; ezopvc_279054=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
content-encoding: br
content-type: application/javascript
date: Sat, 25 Feb 2023 08:08:16 UTC
display: staticcontent_sol
last-modified: Sat, 18 Feb 2023 00:34:42 GMT
response: 200
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Origin
x-ez-proxy-out: true 2.3
x-ezoic-cdn: Hit ds;ds;1910778261ba415d7daea36184a69352;2-279054-0;039219f5-11b4-4ced-6278-44b97b910310
x-middleton-display: staticcontent_sol
x-middleton-response: 200
x-origin-cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans%7CLato%3A300%2C400%2C400i%2C500%2C600%2C700&ver=6.1.1
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%7CLato%3A300%2C400%2C400i%2C500%2C600%2C700&ver=6.1.1
IP 142.250.74.106:0
GET /css?family=Open+Sans%7CLato%3A300%2C400%2C400i%2C500%2C600%2C700&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amason-reward.store/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 25 Feb 2023 08:08:17 GMT
date: Sat, 25 Feb 2023 08:08:17 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2