firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 19 Sep 2022 23:12:59 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: F-18JSfni_sxCa6Ulp5vfg2GA2gnDBbCZHLnfU8uXlk9Z6HSh5tQdg==
Age: 46
www.metwashairports.com/
209.17.116.163301 Moved Permanently 175 B IP 209.17.116.163:0
ASN #19871 NETWORK-SOLUTIONS-HOSTING
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 27d3037d4815f88b7bb724cb258524e1
092678ca1f61e13d97f37f7be9438e7b32b722e9
0c0a343c76a265d5b6b5b3708383afaf77f187eaa7f3fa8f1fec18cdf4ebe198
GET / HTTP/1.1
Host: www.metwashairports.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: openresty/1.19.9.1
Date: Mon, 19 Sep 2022 23:13:45 GMT
Content-Type: text/html
Content-Length: 175
Connection: keep-alive
Location: https://www.mwaa.com/
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 861cfa99de956423d917ed0ddbea4b9c
ad65dbc394b48b04a45c205f56af296c8d008db4
5c706b2718b1698995f4feb91223779aef4bf6dc967c31f9ef9a93873197d5f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18047
Expires: Tue, 20 Sep 2022 04:14:32 GMT
Date: Mon, 19 Sep 2022 23:13:45 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 19 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: y58rOL4MjFnoS1AfaACTU-6RihwBbdp4iytvWJW2QqXp6mM92uSi5A==
age: 67112
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 23:13:45 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash 9f1653588f4ac62312ba8cc8083a6f1c
8436a68c5e31018d939e3e06f2b926a09f21c185
8f17f98f3ee3911b4b15de432f3a917d6c71cfce5ca16ebdf2b99c531971aed2
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 19 Sep 2022 23:13:45 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 19 Sep 2022 21:58:48 GMT
Expires: Tue, 20 Sep 2022 21:58:48 GMT
ETag: "8436a68c5e31018d939e3e06f2b926a09f21c185"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 19 Sep 2022 23:03:22 GMT
Cache-Control: max-age=3600
Expires: Mon, 19 Sep 2022 23:16:18 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cp8Ffsp1Mu9Md5xOG2rRWoYUBQjAm0bww1NRae9MgeoYHx7mPOk3_Q==
Age: 623
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5c817aa82ca8ed4a4257fd1e1628b423
7905c62b6bbc582860c07b75eddae371a4b8d02b
dce1783ecfe50c83d30878b48d60e1cf3fe42a3fa4090fb5d318194de73e53d6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1581
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 23:13:45 GMT
Last-Modified: Mon, 19 Sep 2022 22:47:24 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 26fcf8aea27805b4a6a29e3e2a4ba19b
f920fd6c5a79a4adb2f456edcee678757ff1602c
7aa63d03f514e4f51190e85f167f747563f980e0e6fdee6cce9393321dff1038
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 23:13:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
34.215.91.121101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.215.91.121:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 08MKEFuF1n7WF1qEpb/zJA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zU8EL08zEJtBVvLmjiUZrvG63xw=
www.googletagmanager.com/gtag/js?id=G-BW8S0BG7G3
142.250.74.72200 OK 75 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-BW8S0BG7G3
IP 142.250.74.72:0
File type ASCII text, with very long lines (17807)
Hash 6e1364a6a57867cd77961eddef3a01b5
0a383179c78f40a89cf68d068342f6460f84c477
3b11a012a5ea01e0613c13ffb0f4a4ac598d7c892a452181b768c693274a4f0d
GET /gtag/js?id=G-BW8S0BG7G3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mwaa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 19 Sep 2022 23:13:46 GMT
expires: Mon, 19 Sep 2022 23:13:46 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74647
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.mwaa.com/sites/mwaa.com/files/google_tag/mwaa_tag/google_tag.script.js?rhvnqa
104.18.19.82200 OK 282 B URL HTTP/2 www.mwaa.com/sites/mwaa.com/files/google_tag/mwaa_tag/google_tag.script.js?rhvnqa
IP 104.18.19.82:0
File type ASCII text, with very long lines (348), with no line terminators
Hash 3d6cb242c07f4aed0758a4008c3c2ade
818939b6ffaac7ceb651d49e6ed9268cea65fc1e
c0f9d001c9476d042a2a9ff5f7dc79c3bae9bb489b26a359ee29aad762a83802
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /sites/mwaa.com/files/google_tag/mwaa_tag/google_tag.script.js?rhvnqa HTTP/1.1
Host: www.mwaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mwaa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 23:13:46 GMT
content-type: application/javascript
content-length: 282
x-content-type-options: nosniff
last-modified: Thu, 08 Sep 2022 06:08:42 GMT
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1209600
expires: Thu, 22 Sep 2022 06:08:55 GMT
x-request-id: v-b8133f5e-2f3c-11ed-a665-57477fd79bea
x-ah-environment: prod
age: 1011891
via: varnish
x-cache: HIT
x-cache-hits: 16831
accept-ranges: bytes
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000
server: cloudflare
cf-ray: 74d603870f11b51b-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 26fcf8aea27805b4a6a29e3e2a4ba19b
f920fd6c5a79a4adb2f456edcee678757ff1602c
7aa63d03f514e4f51190e85f167f747563f980e0e6fdee6cce9393321dff1038
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 23:13:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.mwaa.com/sites/mwaa.com/files/css/css_K2iTFTesS9VqwFidsGaOVRA2F1zglJF4zYx3TAnW-QM.css
104.18.19.82200 OK 9.3 kB URL HTTP/2 www.mwaa.com/sites/mwaa.com/files/css/css_K2iTFTesS9VqwFidsGaOVRA2F1zglJF4zYx3TAnW-QM.css
IP 104.18.19.82:0
File type assembler source, ASCII text, with very long lines (14933)
Hash 6a065690d1d3e776bee6d50e296033ea
a93eb0e7b294c27ddf12348f39bd07e292f679f0
6e81406cd7ca578bff59148659f0dbd3d505579e582ce010d898187009056013
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /sites/mwaa.com/files/css/css_K2iTFTesS9VqwFidsGaOVRA2F1zglJF4zYx3TAnW-QM.css HTTP/1.1
Host: www.mwaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mwaa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 23:13:46 GMT
content-type: text/css
content-length: 9280
x-content-type-options: nosniff
last-modified: Thu, 01 Sep 2022 15:31:42 GMT
cache-control: max-age=1209600
expires: Tue, 20 Sep 2022 10:15:07 GMT
x-request-id: v-c8794d28-2dcc-11ed-9cb4-0f6c8943223a
x-ah-environment: prod
content-encoding: gzip
vary: Accept-Encoding
age: 1169918
via: varnish
x-cache: HIT
x-cache-hits: 6221
accept-ranges: bytes
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000
server: cloudflare
cf-ray: 74d603870f12b51b-OSL
X-Firefox-Spdy: h2
www.mwaa.com/sites/mwaa.com/files/hotjar/hotjar.script.js?rhvnqa
104.18.19.82200 OK 250 B URL HTTP/2 www.mwaa.com/sites/mwaa.com/files/hotjar/hotjar.script.js?rhvnqa
IP 104.18.19.82:0
File type ASCII text, with very long lines (321), with no line terminators
Hash 066ffff960e97a172b0d2c643c37465d
b2bd8db426ce77e845e857202398edc966da3aea
a7944e73a65f7cf694df10e8d79edfad1254147a1a66e4b9d085187dfd9a73bc
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /sites/mwaa.com/files/hotjar/hotjar.script.js?rhvnqa HTTP/1.1
Host: www.mwaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mwaa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 23:13:46 GMT
content-type: application/javascript
content-length: 250
x-content-type-options: nosniff
last-modified: Thu, 01 Sep 2022 15:30:41 GMT
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1209600
expires: Thu, 22 Sep 2022 06:08:50 GMT
x-request-id: v-b5292830-2f3c-11ed-a220-6f9c32ca5176
x-ah-environment: prod
age: 1011896
via: varnish
x-cache: HIT
x-cache-hits: 17255
accept-ranges: bytes
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000
server: cloudflare
cf-ray: 74d603870f10b51b-OSL
X-Firefox-Spdy: h2
www.mwaa.com/sites/mwaa.com/files/styles/slim_hero/public/2021-08/dca_pj_2.png.jpg?itok=6lMWnx0o
104.18.19.82200 OK 25 kB URL HTTP/2 www.mwaa.com/sites/mwaa.com/files/styles/slim_hero/public/2021-08/dca_pj_2.png.jpg?itok=6lMWnx0o
IP 104.18.19.82:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1900x600, components 3\012- data
Hash 8615695430ecfe34bffa98a813f1d467
1822fb5b06d02034180e7dd27be157dc10ad9f00
6cc13edc2d363707950b57b09d30625e5273361cfd6aff293a4a5b27e30480a3
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /sites/mwaa.com/files/styles/slim_hero/public/2021-08/dca_pj_2.png.jpg?itok=6lMWnx0o HTTP/1.1
Host: www.mwaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mwaa.com/
Cookie: _ga_BW8S0BG7G3=GS1.1.1663629206.1.0.1663629206.60.0.0; _ga=GA1.1.15227372.1663629206
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 23:13:46 GMT
content-type: image/jpeg
content-length: 25344
x-content-type-options: nosniff
last-modified: Tue, 14 Jun 2022 20:33:01 GMT
cache-control: max-age=1209600
expires: Tue, 20 Sep 2022 10:15:08 GMT
x-request-id: v-c8feb6d4-2dcc-11ed-9744-fba88127b821
x-ah-environment: prod
age: 1169917
via: varnish
x-cache: HIT
x-cache-hits: 5057
accept-ranges: bytes
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000
server: cloudflare
cf-ray: 74d6038a48fdb51b-OSL
X-Firefox-Spdy: h2
www.mwaa.com/
104.18.19.82200 OK 171 kB IP 104.18.19.82:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (10264), with CRLF, LF line terminators
Size 171 kB (170839 bytes)
Hash 863b06ec242b981f5d54661cf6c3e091
2560aeb0bb76ca9a6c0d8ca3ac043d7c7aee2f66
8044735703225633ef65738db780a568326b949e5220b5b316b5d681a5e0b25c
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET / HTTP/1.1
Host: www.mwaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 19 Sep 2022 23:13:45 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=2592000, public
x-drupal-dynamic-cache: HIT
link: <https://www.mwaa.com/>; rel="canonical", <https://www.mwaa.com/>; rel="shortlink"
x-ua-compatible: IE=edge
content-language: en
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
permissions-policy: interest-cohort=()
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Mon, 19 Sep 2022 23:04:16 GMT
vary: Cookie,Accept-Encoding
x-generator: Drupal 9 (https://www.drupal.org)
x-request-id: v-62a33e0c-386f-11ed-9d66-13f56dcacee5
x-ah-environment: prod
age: 568
via: varnish
x-cache: HIT
x-cache-hits: 23
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000
server: cloudflare
cf-ray: 74d60382dc28b51b-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.mwaa.com/sites/mwaa.com/files/js/js_uL8asKbA0U1eJwisvB1fbUStIuzN53eR4LdPjN4DY8Q.js
104.18.19.82200 OK 200 kB URL HTTP/2 www.mwaa.com/sites/mwaa.com/files/js/js_uL8asKbA0U1eJwisvB1fbUStIuzN53eR4LdPjN4DY8Q.js
IP 104.18.19.82:0
File type ASCII text, with very long lines (64294)
Size 200 kB (200268 bytes)
Hash 0d97a1a6f367797396eb9659b42887e3
42f380f8e1e0d8d7ae25203823116b6e3e197f55
23ce6055bec24fd6e5822bf6d1dee123d4bd95fa82807ca5db021cba4674a6ef
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /sites/mwaa.com/files/js/js_uL8asKbA0U1eJwisvB1fbUStIuzN53eR4LdPjN4DY8Q.js HTTP/1.1
Host: www.mwaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mwaa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 23:13:46 GMT
content-type: text/javascript
content-length: 200268
x-content-type-options: nosniff
last-modified: Thu, 01 Sep 2022 15:31:42 GMT
cache-control: max-age=1209600
expires: Tue, 20 Sep 2022 10:15:08 GMT
x-request-id: v-c89ea3f2-2dcc-11ed-85f1-1fe866317b7f
x-ah-environment: prod
content-encoding: gzip
vary: Accept-Encoding
age: 1169918
via: varnish
x-cache: HIT
x-cache-hits: 6330
accept-ranges: bytes
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000
server: cloudflare
cf-ray: 74d603871f19b51b-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e34f594c2e3b9b6a81e4ae9fef80f363
b7f65f5fb0df328d3c863af6c9351923205645f2
bcedda132b602d90a62a5fbe07e7c37f69cce319fb4b84e1bed40b1200e9898b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 23:13:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dda77a44a7f9eeb9bd828f659ccb7e22
9af43f88835600fd3206e4f18b0c1c2571a3959c
c8effed6366a20b26e104fc4f64d24213eb357d61e7683e28f812d0c21edd044
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 23:13:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/g/collect?v=2&tid=G-BW8S0BG7G3&cid=15227372.1663629206>m=2oe9e0&aip=1
142.251.1.155204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-BW8S0BG7G3&cid=15227372.1663629206>m=2oe9e0&aip=1
IP 142.251.1.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-BW8S0BG7G3&cid=15227372.1663629206>m=2oe9e0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.mwaa.com
Connection: keep-alive
Referer: https://www.mwaa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.mwaa.com
date: Mon, 19 Sep 2022 23:13:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e34f594c2e3b9b6a81e4ae9fef80f363
b7f65f5fb0df328d3c863af6c9351923205645f2
bcedda132b602d90a62a5fbe07e7c37f69cce319fb4b84e1bed40b1200e9898b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 23:13:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.mwaa.com/sites/mwaa.com/files/styles/hero/public/2022-09/hm_carousel-2022-NHHM-2048x1461.jpg?itok=xCzdTliS
104.18.19.82200 OK 189 kB URL HTTP/2 www.mwaa.com/sites/mwaa.com/files/styles/hero/public/2022-09/hm_carousel-2022-NHHM-2048x1461.jpg?itok=xCzdTliS
IP 104.18.19.82:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 2048x1461, components 3\012- data
Size 189 kB (189331 bytes)
Hash c319dc792f5dc06fce0b1adb0f3d42d5
4262f1e18fcb4a549121a0f8355f66833f1a9b0f
aacf946064eb718e952be1a40b9567d6a702b68b7a327290be3b0d95fcdc39b4
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /sites/mwaa.com/files/styles/hero/public/2022-09/hm_carousel-2022-NHHM-2048x1461.jpg?itok=xCzdTliS HTTP/1.1
Host: www.mwaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mwaa.com/
Cookie: _ga_BW8S0BG7G3=GS1.1.1663629206.1.0.1663629206.60.0.0; _ga=GA1.1.15227372.1663629206
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 23:13:46 GMT
content-type: image/jpeg
content-length: 189331
x-content-type-options: nosniff
last-modified: Thu, 15 Sep 2022 16:04:20 GMT
cache-control: max-age=1209600
expires: Thu, 29 Sep 2022 16:04:30 GMT
x-request-id: v-14c65668-3510-11ed-960b-039f3f5dd1a7
x-ah-environment: prod
age: 371356
via: varnish
x-cache: HIT
x-cache-hits: 1528
accept-ranges: bytes
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000
server: cloudflare
cf-ray: 74d6038a48f3b51b-OSL
X-Firefox-Spdy: h2
www.mwaa.com/themes/custom/mwaa_barrio/images/footer/ico_mwaa_1l.svg
104.18.19.82200 OK 299 kB URL HTTP/2 www.mwaa.com/themes/custom/mwaa_barrio/images/footer/ico_mwaa_1l.svg
IP 104.18.19.82:0
Size 299 kB (298873 bytes)
Hash c6203aec5646b6f542bc874a80b48e51
1f0468be61389b71fa4327c15d52bd4617d49c62
1cb72dfee69bfe43c7327bcdea226d0d94851d69bb4a37de55909375284e79eb
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /themes/custom/mwaa_barrio/images/footer/ico_mwaa_1l.svg HTTP/1.1
Host: www.mwaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mwaa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 23:13:46 GMT
content-type: image/svg+xml
x-content-type-options: nosniff
last-modified: Thu, 18 Aug 2022 09:34:20 GMT
cache-control: max-age=1209600
expires: Tue, 20 Sep 2022 10:15:08 GMT
x-request-id: v-c8bf7c44-2dcc-11ed-acb1-57ceb93e4baf
x-ah-environment: prod
age: 1169918
via: varnish
x-cache: HIT
x-cache-hits: 19667
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000
server: cloudflare
cf-ray: 74d603871f17b51b-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dda77a44a7f9eeb9bd828f659ccb7e22
9af43f88835600fd3206e4f18b0c1c2571a3959c
c8effed6366a20b26e104fc4f64d24213eb357d61e7683e28f812d0c21edd044
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 23:13:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.mwaa.com/sites/mwaa.com/files/styles/slim_hero/public/2021-08/dca_slider_1.png.jpg?itok=WHD0ZGpc
104.18.19.82200 OK 211 kB URL HTTP/2 www.mwaa.com/sites/mwaa.com/files/styles/slim_hero/public/2021-08/dca_slider_1.png.jpg?itok=WHD0ZGpc
IP 104.18.19.82:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1900x600, components 3\012- data
Size 211 kB (210654 bytes)
Hash bf230a919fa13007a4395f34703b86df
1ffc447f9b651bea5cd48422fcdcfd043aab4d1d
e0058a3d8ec92fc0375eb3b8b69dee1ac268e0a8065a2d5f5c77189a84e2a4af
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /sites/mwaa.com/files/styles/slim_hero/public/2021-08/dca_slider_1.png.jpg?itok=WHD0ZGpc HTTP/1.1
Host: www.mwaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mwaa.com/
Cookie: _ga_BW8S0BG7G3=GS1.1.1663629206.1.0.1663629206.60.0.0; _ga=GA1.1.15227372.1663629206
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 23:13:46 GMT
content-type: image/jpeg
content-length: 210654
x-content-type-options: nosniff
last-modified: Tue, 14 Jun 2022 20:33:01 GMT
cache-control: max-age=1209600
expires: Tue, 20 Sep 2022 10:15:08 GMT
x-request-id: v-c9100038-2dcc-11ed-ba22-3b5409db4ad6
x-ah-environment: prod
age: 1169917
via: varnish
x-cache: HIT
x-cache-hits: 5107
accept-ranges: bytes
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000
server: cloudflare
cf-ray: 74d6038a48fcb51b-OSL
X-Firefox-Spdy: h2
www.mwaa.com/sites/mwaa.com/files/css/css__JW6_Ht-oahaxlcVOpVlYBEzjZtTX7Fe9K64f4YHGTQ.css
104.18.19.82200 OK 1.2 kB URL HTTP/2 www.mwaa.com/sites/mwaa.com/files/css/css__JW6_Ht-oahaxlcVOpVlYBEzjZtTX7Fe9K64f4YHGTQ.css
IP 104.18.19.82:0
File type ASCII text, with very long lines (4932)
Hash 4bbc81cd82745fe3ef35a9e7bb207ecd
8357b749edceed85939fdd620548df42c40413a0
ab2f6805045c25d0b79a5f56dc8f082c714c5db7fa1e55dba474af46964429a5
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /sites/mwaa.com/files/css/css__JW6_Ht-oahaxlcVOpVlYBEzjZtTX7Fe9K64f4YHGTQ.css HTTP/1.1
Host: www.mwaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mwaa.com/
Cookie: _ga_BW8S0BG7G3=GS1.1.1663629206.1.0.1663629206.60.0.0; _ga=GA1.1.15227372.1663629206
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 23:13:47 GMT
content-type: text/css
content-length: 1244
x-content-type-options: nosniff
last-modified: Thu, 01 Sep 2022 15:30:51 GMT
cache-control: max-age=1209600
expires: Tue, 20 Sep 2022 10:14:05 GMT
x-request-id: v-a31c7fbe-2dcc-11ed-8f17-e3c0e41b0c54
x-ah-environment: prod
content-encoding: gzip
vary: Accept-Encoding
age: 1169981
via: varnish
x-cache: HIT
x-cache-hits: 19522
accept-ranges: bytes
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000
server: cloudflare
cf-ray: 74d6038cca9eb51b-OSL
X-Firefox-Spdy: h2
www.mwaa.com/sites/mwaa.com/files/styles/hero/public/2022-05/hm_carousel_nonstop.jpg?itok=O3JJywnV
104.18.19.82200 OK 332 kB URL HTTP/2 www.mwaa.com/sites/mwaa.com/files/styles/hero/public/2022-05/hm_carousel_nonstop.jpg?itok=O3JJywnV
IP 104.18.19.82:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 304x304, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=19, height=3750, bps=242, compression=none, PhotometricIntepretation=RGB, description=panorama of white sand beach at Sandy Cay, British Virgin Islands taken from a boat, manufacturer=Canon, model=Canon EOS 5D Mark II, orientation=upper-left, width=11057], baseline, precision 8, 2500x833, components 3\012- data
Size 332 kB (331721 bytes)
Hash 397bf0d758aacfbf474efe5710cfc96d
c696b8744db29f9ae4cb1971daff994ef5cb9985
32957a4dcbe437bb554a10e9ef6058c13619f50628c1de9f9af81291db0822af
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /sites/mwaa.com/files/styles/hero/public/2022-05/hm_carousel_nonstop.jpg?itok=O3JJywnV HTTP/1.1
Host: www.mwaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mwaa.com/
Cookie: _ga_BW8S0BG7G3=GS1.1.1663629206.1.0.1663629206.60.0.0; _ga=GA1.1.15227372.1663629206
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 23:13:46 GMT
content-type: image/jpeg
content-length: 331721
x-content-type-options: nosniff
last-modified: Tue, 14 Jun 2022 19:36:29 GMT
cache-control: max-age=1209600
expires: Tue, 20 Sep 2022 10:15:08 GMT
x-request-id: v-c8fe5c20-2dcc-11ed-8ec8-6f8ec0c83535
x-ah-environment: prod
age: 1169917
via: varnish
x-cache: HIT
x-cache-hits: 5164
accept-ranges: bytes
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000
server: cloudflare
cf-ray: 74d6038a48f4b51b-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4f5180e6651455bc8443945fb5b6860c
01457b8648200c9d274b2790b95274b1dc855aaf
39301cccc2805993f794301cb01a70a954e7c8a8e5d6779acc4888f77d7282c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 23:13:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4f5180e6651455bc8443945fb5b6860c
01457b8648200c9d274b2790b95274b1dc855aaf
39301cccc2805993f794301cb01a70a954e7c8a8e5d6779acc4888f77d7282c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 23:13:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4f5180e6651455bc8443945fb5b6860c
01457b8648200c9d274b2790b95274b1dc855aaf
39301cccc2805993f794301cb01a70a954e7c8a8e5d6779acc4888f77d7282c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 23:13:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4f5180e6651455bc8443945fb5b6860c
01457b8648200c9d274b2790b95274b1dc855aaf
39301cccc2805993f794301cb01a70a954e7c8a8e5d6779acc4888f77d7282c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 23:13:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.163200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.mwaa.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 08:31:01 GMT
expires: Wed, 13 Sep 2023 08:31:01 GMT
cache-control: public, max-age=31536000
age: 571366
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4f5180e6651455bc8443945fb5b6860c
01457b8648200c9d274b2790b95274b1dc855aaf
39301cccc2805993f794301cb01a70a954e7c8a8e5d6779acc4888f77d7282c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 23:13:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
142.250.74.163200 OK 46 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Hash c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.mwaa.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 21:13:12 GMT
expires: Tue, 19 Sep 2023 21:13:12 GMT
cache-control: public, max-age=31536000
age: 7235
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4f5180e6651455bc8443945fb5b6860c
01457b8648200c9d274b2790b95274b1dc855aaf
39301cccc2805993f794301cb01a70a954e7c8a8e5d6779acc4888f77d7282c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 23:13:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2779
Expires: Tue, 20 Sep 2022 00:00:06 GMT
Date: Mon, 19 Sep 2022 23:13:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2779
Expires: Tue, 20 Sep 2022 00:00:06 GMT
Date: Mon, 19 Sep 2022 23:13:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2779
Expires: Tue, 20 Sep 2022 00:00:06 GMT
Date: Mon, 19 Sep 2022 23:13:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2779
Expires: Tue, 20 Sep 2022 00:00:06 GMT
Date: Mon, 19 Sep 2022 23:13:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2779
Expires: Tue, 20 Sep 2022 00:00:06 GMT
Date: Mon, 19 Sep 2022 23:13:47 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32d94aa1-e164-4f98-8fe2-beb3868db074.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32d94aa1-e164-4f98-8fe2-beb3868db074.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5f4438521bfdc6871ae384abcb7da547
a17fc7a7c30999b8789011c2064f5a8704b00eee
2e40ac154724af625c4858b09b90fa3f6a600b70c9e5e959598f0cdb05a78847
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32d94aa1-e164-4f98-8fe2-beb3868db074.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5402
x-amzn-requestid: 0442580c-9024-46b1-8ad5-5c7e8d35371d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfMALHT2oAMFmgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322c067-254ecd9003455f090f7d5ef9;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 06:04:23 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Y4IeHZWMs_JdT2dG8d3BNqpxvU3lcYDsXub1CuCoVBxzTPsjuU_5Ww==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 18:11:38 GMT
age: 18129
etag: "a17fc7a7c30999b8789011c2064f5a8704b00eee"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F099b68b9-9e16-49e4-85b1-93b59b2ba2e0.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F099b68b9-9e16-49e4-85b1-93b59b2ba2e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f816c646aefe417c3b980f432b98b41f
39c46ac3c49f0e2067aa6937a95839845b372dea
b9d8cb82c21257f9d5b5d82cf12bbf8aff690321f39c26e4a89f8a4d89fb00a7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F099b68b9-9e16-49e4-85b1-93b59b2ba2e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8746
x-amzn-requestid: 23ee3cce-0abd-436a-b4d8-a2ad451cbeaf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yuh7zElLoAMF0cw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e37e-1e03d3ee7a0033dd78620f20;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:47:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ChuMpL0m_XtTffIvROFslpQUwz13cx8rKF8UfD3LTfMtHvKKm5VNAQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:08:46 GMT
age: 3901
etag: "39c46ac3c49f0e2067aa6937a95839845b372dea"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcba2e620-391c-4ae8-ac94-90c963b715fb.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcba2e620-391c-4ae8-ac94-90c963b715fb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cdeb5f4113596f09b5500537d2fe192c
a6c26f8faf8840317a5a0c2abf6b175e9be1a00f
84eb2416ea398cc5532fedf13e76cc15e1b63b3c0f7c52b000ee36d9e736b507
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcba2e620-391c-4ae8-ac94-90c963b715fb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6865
x-amzn-requestid: 17572179-da09-4e5e-8f39-30a40fe39217
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YuhZNEA9oAMFWgg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e2a1-493bb7a23810a9dd42b31970;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:44:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: EBy3bez7xYP0GVsPOPKHIQHRy-vz69Hc2qhuoV7yMLNuO96_AEuSTQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:08:29 GMT
age: 3918
etag: "a6c26f8faf8840317a5a0c2abf6b175e9be1a00f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb7ceffe-3c92-417f-bd64-15a9e9118a4a.jpeg
34.120.237.76200 OK 3.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb7ceffe-3c92-417f-bd64-15a9e9118a4a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1e8175cd370c35ad06cb2d009c3f7095
4f71cdda787ce98a58f2fe9ce8ba2e7ec7b150d2
649f5309448c163e4d379f02c4af8d9b6801935eea1939c61c010b7f76af1591
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb7ceffe-3c92-417f-bd64-15a9e9118a4a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2951
x-amzn-requestid: 087a36dd-984f-49d1-8a37-b357967e67ce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugIiH7KoAMF5uQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09c-38b316cc31454446524f7b01;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eaJ3KQP30-QAP5UBuWX8BEjGmcp_cJgDVeIfQoU2c0U_WQzb1x-t5A==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:09:27 GMT
age: 3860
etag: "4f71cdda787ce98a58f2fe9ce8ba2e7ec7b150d2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0be442b0-65b4-4d6f-bdd3-b9f3847359a1.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0be442b0-65b4-4d6f-bdd3-b9f3847359a1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9556616ca10eb4383b1e15f360fbf6d4
cb328d0f66f4c2779bc64342ef89735636ae5ded
4f945ab342352aea3f4b2242d084d527bb517cf7c6efd0c10a828f0bee9f5d3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0be442b0-65b4-4d6f-bdd3-b9f3847359a1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9227
x-amzn-requestid: 26d977d3-f4d2-4218-a8f4-a56c873e6a26
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YiFzKG2zIAMFoDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6323e9ad-0bfac6c453e6ea5a311a28a8;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 03:12:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: FDAZ-13mmseYF5UsTN4t2HGmdFyco33lUQgfWoc7j02kSsCDPtirBA==
via: 1.1 33d72803ad26b392c1b578a2b1276580.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 05:04:22 GMT
age: 65365
etag: "cb328d0f66f4c2779bc64342ef89735636ae5ded"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b9b6fcc-4a98-463a-8c9c-a60812d5b535.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b9b6fcc-4a98-463a-8c9c-a60812d5b535.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a7d863845e96c5927e812f325c08c16
b8484fb5443344b03e52dd56b1d6c5682eb6221a
fcb382029332a44deaf212298b618074a752d674d0c735a1b8b861ab4bb6ff0f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b9b6fcc-4a98-463a-8c9c-a60812d5b535.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9865
x-amzn-requestid: 7eeeff5b-cb13-4060-96a6-bf5a4be57331
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugokGQVoAMFXmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e169-4211dbbe1a22d0255a45aff0;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:38:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2kU9PLuzusMR04mNUdwbU6-120ESVhYJtNaIixERO68Vo9jEfP3JWg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:04:47 GMT
age: 4140
etag: "b8484fb5443344b03e52dd56b1d6c5682eb6221a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash fa65e4428adb73fd14d3e23085784699
00f883ce942c6c1be5e8e39d8ebe126de77dbadf
8eb4b4b2d5dc9f17570f22fc0afdf63d1fc80cc0aa37ad77cc81d52dda2bc281
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 23:13:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BW8S0BG7G3&cid=15227372.1663629206>m=2oe9e0&aip=1&z=1673150505
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BW8S0BG7G3&cid=15227372.1663629206>m=2oe9e0&aip=1&z=1673150505
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BW8S0BG7G3&cid=15227372.1663629206>m=2oe9e0&aip=1&z=1673150505 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mwaa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 23:13:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash fa65e4428adb73fd14d3e23085784699
00f883ce942c6c1be5e8e39d8ebe126de77dbadf
8eb4b4b2d5dc9f17570f22fc0afdf63d1fc80cc0aa37ad77cc81d52dda2bc281
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 23:13:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.mwaa.com/sites/mwaa.com/files/styles/hero/public/2021-08/hm_slider_project_journey.jpg?itok=9sqqvVn3
104.18.19.82200 OK 458 kB URL HTTP/2 www.mwaa.com/sites/mwaa.com/files/styles/hero/public/2021-08/hm_slider_project_journey.jpg?itok=9sqqvVn3
IP 104.18.19.82:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 350x350, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=17, height=4160, bps=218, PhotometricIntepretation=RGB, description= , manufacturer=SONY, model=ILCE-7RM4, orientation=upper-left, width=6240], baseline, precision 8, 2048x1461, components 3\012- data
Size 458 kB (458437 bytes)
Hash 66e4c61d6e50e1c6cbe80c058d1c3ffe
4ddcd6bfb79ac6423dceb2c7ad8460abccc1c19e
d04fccdea24f8225cca32eeb0a3564daf5cdaf6e98f754c928981b9caeea85de
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /sites/mwaa.com/files/styles/hero/public/2021-08/hm_slider_project_journey.jpg?itok=9sqqvVn3 HTTP/1.1
Host: www.mwaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mwaa.com/
Cookie: _ga_BW8S0BG7G3=GS1.1.1663629206.1.0.1663629206.60.0.0; _ga=GA1.1.15227372.1663629206
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 23:13:47 GMT
content-type: image/jpeg
content-length: 458437
x-content-type-options: nosniff
last-modified: Tue, 14 Jun 2022 20:33:02 GMT
cache-control: max-age=1209600
expires: Tue, 20 Sep 2022 10:15:08 GMT
x-request-id: v-c909f620-2dcc-11ed-9a6b-13aec221ea96
x-ah-environment: prod
age: 1169918
via: varnish
x-cache: HIT
x-cache-hits: 5147
accept-ranges: bytes
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000
server: cloudflare
cf-ray: 74d6038a48f8b51b-OSL
X-Firefox-Spdy: h2
script.hotjar.com/modules.d00377d3a043900eb4ef.js
143.204.55.40200 OK 66 kB URL HTTP/2 script.hotjar.com/modules.d00377d3a043900eb4ef.js
IP 143.204.55.40:0
File type Unicode text, UTF-8 text, with very long lines (48714)
Hash 74e062f975f5935c93ae5aff80efbd87
ae469032d7d943122a1e4ec7ce6dc73d185d9a76
1c4c3d71f8112224bad72285ac70e083b30a4573ac413fb3b05a0749d144ceaf
GET /modules.d00377d3a043900eb4ef.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mwaa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 65532
date: Wed, 14 Sep 2022 13:09:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "74e062f975f5935c93ae5aff80efbd87"
last-modified: Wed, 14 Sep 2022 13:08:33 GMT
strict-transport-security: max-age=604800; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zi0Xx1jPY3Qkv_h76_wrs0jfxIuOaOt4kqN2v7wG_gl7TYSYsnahJg==
age: 468280
X-Firefox-Spdy: h2
vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
143.204.55.20200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
IP 143.204.55.20:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2431), with no line terminators
Hash f6a9ca04b0687ea3c0d98e8430c8c77b
35503b2deb23091a9a9c6c68d4020dbdf879588e
8e4328ecb6b395499567369e3c227231dbdaf361f43ce315934d7a2a3abbed41
GET /box-69edcc3187336f9b0a3fbb4c73be9fe6.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mwaa.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1044
date: Wed, 07 Sep 2022 09:17:07 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "f6a9ca04b0687ea3c0d98e8430c8c77b"
last-modified: Wed, 07 Sep 2022 09:16:57 GMT
strict-transport-security: max-age=604800; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ujOAKU1IjVPUyGZOV5LWPwlxlTlR6P48iNDQP5ZhLvDmzTLmlxIedQ==
age: 1087000
X-Firefox-Spdy: h2
js-agent.newrelic.com/nr-1216.min.js
151.101.86.137200 OK 14 kB URL HTTP/2 js-agent.newrelic.com/nr-1216.min.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (32022)
Hash b7c09cc097b2847f9edc784adba62dcb
5aa648623cf5e3b4b215fe5d068a7904c59f2925
6da450b6a3ba53bdab36f6529e987a245cdfca9a37b77790f06dfd8d5797bdaa
GET /nr-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mwaa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Vf9xsFZHH0UI6bmTnW+KeBzegICGOxvtMLIWtbljNKoJtdkUEk/MfmbYPFui+bgtiUf/4lC5dk8=
x-amz-request-id: 4AV5AVKCCR961CNG
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Mon, 19 Sep 2022 23:13:47 GMT
via: 1.1 varnish
x-served-by: cache-bma1673-BMA
x-cache: HIT
x-cache-hits: 1229
x-timer: S1663629228.756141,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 14391
X-Firefox-Spdy: h2
vc.hotjar.io/sessions/1672650?s=0.25&r=0.052660356387032814
54.230.111.70204 No Content 0 B URL HTTP/2 vc.hotjar.io/sessions/1672650?s=0.25&r=0.052660356387032814
IP 54.230.111.70:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sessions/1672650?s=0.25&r=0.052660356387032814 HTTP/1.1
Host: vc.hotjar.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.mwaa.com
Connection: keep-alive
Referer: https://www.mwaa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-origin: *
cache-control: no-store
date: Mon, 19 Sep 2022 23:13:47 GMT
server: Python/3.7 aiohttp/3.5.4
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YqkwSe6NkJuLZZYnUBNsazmRiH-8dIoKT4aDIp9UFsz1HNG7TLWmHw==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b83a6b6b4befc3dde083b82c36d63a58
ee43af38bbdbf69c7f6697aa9edd70b0d1263b2b
177757fc5a4865f99a033f45e5e278d9c88ddc3344e7af940a6a7c0d934f368d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2163
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 23:13:47 GMT
Last-Modified: Mon, 19 Sep 2022 22:37:44 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash f5f4192f4df5d4f850871d4fe0af0cde
99b412a5a3d7c14666846c669f2cc341c38bdbef
5a5a0b621648cae2cca79be644c945ec39768b2d43133f26075e4fb5a5668169
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 23:13:47 GMT
Last-Modified: Mon, 19 Sep 2022 22:23:55 GMT
Server: ECS (nyb/1D14)
X-Cache: Miss from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: HHoKvpBdOmB7t30pD5WZwmew2i9YfOX-uO9szc0wwrQdiXw5tsQT6A==
Age: 2993
bam.nr-data.net/1/e8fa144085?a=460295242&v=1216.487a282&to=ZFwHY0UAXhZSVBFZDF0WJFRDCF8LHHMXRRNSVTlWQhVfFlJBAG8FXEsIa3EOQghvdhBEDEBYE1JxDkIIcUIMXAdWS0gJRQReAVZFNVwCUFwNWFsFVRd1WBddIlBNDFhZ&rst=2903&ck=1&ref=https://www.mwaa.com/&ap=378&be=1703&fe=2815&dc=2360&perf=%7B%22timing%22:%7B%22of%22:1663629205072,%22n%22:0,%22f%22:334,%22dn%22:340,%22dne%22:410,%22c%22:410,%22s%22:413,%22ce%22:539,%22rq%22:539,%22rp%22:1119,%22rpe%22:1123,%22dl%22:1131,%22di%22:2198,%22ds%22:2360,%22de%22:2518,%22dc%22:2814,%22l%22:2814,%22le%22:2821%7D,%22navigation%22:%7B%7D%7D&fcp=1704&at=SBsEFQ0aTRg%3D&jsonp=NREUM.setToken
162.247.241.14200 OK 73 B URL HTTP/1.1 bam.nr-data.net/1/e8fa144085?a=460295242&v=1216.487a282&to=ZFwHY0UAXhZSVBFZDF0WJFRDCF8LHHMXRRNSVTlWQhVfFlJBAG8FXEsIa3EOQghvdhBEDEBYE1JxDkIIcUIMXAdWS0gJRQReAVZFNVwCUFwNWFsFVRd1WBddIlBNDFhZ&rst=2903&ck=1&ref=https://www.mwaa.com/&ap=378&be=1703&fe=2815&dc=2360&perf=%7B%22timing%22:%7B%22of%22:1663629205072,%22n%22:0,%22f%22:334,%22dn%22:340,%22dne%22:410,%22c%22:410,%22s%22:413,%22ce%22:539,%22rq%22:539,%22rp%22:1119,%22rpe%22:1123,%22dl%22:1131,%22di%22:2198,%22ds%22:2360,%22de%22:2518,%22dc%22:2814,%22l%22:2814,%22le%22:2821%7D,%22navigation%22:%7B%7D%7D&fcp=1704&at=SBsEFQ0aTRg%3D&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash 516a128bb6000ca8154792678f4333fb
41d0257bea96afd36c6f3e40fcfdc9ca247f8e01
9fa62b52f24b87a40410fe842cb9be494abed114a2eac2eb406c8b4a4d372d10
GET /1/e8fa144085?a=460295242&v=1216.487a282&to=ZFwHY0UAXhZSVBFZDF0WJFRDCF8LHHMXRRNSVTlWQhVfFlJBAG8FXEsIa3EOQghvdhBEDEBYE1JxDkIIcUIMXAdWS0gJRQReAVZFNVwCUFwNWFsFVRd1WBddIlBNDFhZ&rst=2903&ck=1&ref=https://www.mwaa.com/&ap=378&be=1703&fe=2815&dc=2360&perf=%7B%22timing%22:%7B%22of%22:1663629205072,%22n%22:0,%22f%22:334,%22dn%22:340,%22dne%22:410,%22c%22:410,%22s%22:413,%22ce%22:539,%22rq%22:539,%22rp%22:1119,%22rpe%22:1123,%22dl%22:1131,%22di%22:2198,%22ds%22:2360,%22de%22:2518,%22dc%22:2814,%22l%22:2814,%22le%22:2821%7D,%22navigation%22:%7B%7D%7D&fcp=1704&at=SBsEFQ0aTRg%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mwaa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 23:13:47 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 74d60391dff1b529-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=211a9084a7c7cd39; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
use.fontawesome.com/releases/v5.12.0/js/v4-shims.js
172.64.133.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.12.0/js/v4-shims.js
IP 172.64.133.15:0
GET /releases/v5.12.0/js/v4-shims.js HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.mwaa.com
Connection: keep-alive
Referer: https://www.mwaa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 23:13:46 GMT
content-type: application/javascript
x-amz-id-2: C1GO898TWoF3TyJ5FdmKlSvOpz+0ymC9VgGdITFYh3q8q9BcwexawwpOuQXN5Vpf0cfEdrHyIiQS9rmDUvgCVw==
x-amz-request-id: ERQ0CJRJ7ZC908KJ
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:37:55 GMT
etag: W/"2ad7a30635f384d807734d9631643297"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 123413
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2F3XxDwOM8uAQtQF5HHm9MeGd%2Bjw214gLhjnYED3Rv0rbKDIwNLz9K58m2UF0ezk%2Br%2FuTqK5CE78BUqIW7E48NwDPkcIWM7iHmOnKALcohIEho6BuOCfhZupXhZB1Xj0VAqhn%2FN%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74d603877fd60686-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
in.hotjar.com/api/v2/client/sites/1672650/visit-data?sv=6
99.80.161.153200 OK 0 B URL HTTP/2 in.hotjar.com/api/v2/client/sites/1672650/visit-data?sv=6
IP 99.80.161.153:0
POST /api/v2/client/sites/1672650/visit-data?sv=6 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 148
Origin: https://www.mwaa.com
Connection: keep-alive
Referer: https://www.mwaa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 23:13:47 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.12.0/js/all.js
172.64.133.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.12.0/js/all.js
IP 172.64.133.15:0
GET /releases/v5.12.0/js/all.js HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.mwaa.com
Connection: keep-alive
Referer: https://www.mwaa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 23:13:46 GMT
content-type: application/javascript
x-amz-id-2: kPfjL/eEbUF1w67JmAIO0N49mifpbeFy8K4zLIA5aTsEL05hOUziM0fVqv631F2tdnxf4F1sVp0=
x-amz-request-id: JT4TWE2TKT0YZ7GC
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:37:55 GMT
etag: W/"1b21d2869be6436b7db5422a9083c97e"
cache-control: max-age=31556926
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7gbalrdOTM15KecnCxOpmhVHzna02G7MNkTOJMvj39VzP0qEgsj9EJgK3TyyqiaWgNYsPzGExWxqQ4wcKnlVau3f9azLmNgc1XBhPKAC88HmBqA19qcZ3T9R3ol3CFjudmrb4FqV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74d603877fd50686-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700&family=Raleway:wght@200;300;400;500;600;700&display=swap
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700&family=Raleway:wght@200;300;400;500;600;700&display=swap
IP 142.250.74.10:0
GET /css2?family=Open+Sans:wght@300;400;600;700&family=Raleway:wght@200;300;400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mwaa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 19 Sep 2022 23:13:46 GMT
date: Mon, 19 Sep 2022 23:13:46 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.mwaa.com/themes/custom/mwaa_barrio/logo-mwaa-white.svg
104.18.19.82200 OK 0 B URL HTTP/2 www.mwaa.com/themes/custom/mwaa_barrio/logo-mwaa-white.svg
IP 104.18.19.82:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /themes/custom/mwaa_barrio/logo-mwaa-white.svg HTTP/1.1
Host: www.mwaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mwaa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 23:13:46 GMT
content-type: image/svg+xml
x-content-type-options: nosniff
last-modified: Thu, 18 Aug 2022 09:34:20 GMT
cache-control: max-age=1209600
expires: Tue, 20 Sep 2022 10:15:08 GMT
x-request-id: v-c8bfa34a-2dcc-11ed-a48a-4701e2bbe3ae
x-ah-environment: prod
age: 1169918
via: varnish
x-cache: HIT
x-cache-hits: 18597
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000
server: cloudflare
cf-ray: 74d603871f16b51b-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.mwaa.com/themes/custom/mwaa_barrio/images/icons/arrow_left.svg
104.18.19.82200 OK 0 B URL HTTP/2 www.mwaa.com/themes/custom/mwaa_barrio/images/icons/arrow_left.svg
IP 104.18.19.82:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /themes/custom/mwaa_barrio/images/icons/arrow_left.svg HTTP/1.1
Host: www.mwaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mwaa.com/sites/mwaa.com/files/css/css_8wEUG8IjV1uKv4eUIKSYRylwDuk60a-5MdJO_21_dtc.css
Cookie: _ga_BW8S0BG7G3=GS1.1.1663629206.1.0.1663629206.60.0.0; _ga=GA1.1.15227372.1663629206; ct_check_js=0a576787285146f4dee1a03a04f38ec6; ct_ps_timestamp=1663629207; ct_fkp_timestamp=0; ct_pointer_data=0; ct_timezone=0; apbct_antibot=e057b330c453aaf1b084653edef1acc2866210a559d6700bc40c126dd2634986; ct_has_scrolled=false
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 23:13:47 GMT
content-type: image/svg+xml
x-content-type-options: nosniff
last-modified: Thu, 18 Aug 2022 09:34:20 GMT
cache-control: max-age=1209600
expires: Tue, 20 Sep 2022 10:15:08 GMT
x-request-id: v-c923a110-2dcc-11ed-b15b-2fbfb46f9ccc
x-ah-environment: prod
age: 1169918
via: varnish
x-cache: HIT
x-cache-hits: 5156
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000
server: cloudflare
cf-ray: 74d6038deb5fb51b-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.mwaa.com/themes/custom/mwaa_barrio/images/icons/arrow_right.svg
104.18.19.82200 OK 0 B URL HTTP/2 www.mwaa.com/themes/custom/mwaa_barrio/images/icons/arrow_right.svg
IP 104.18.19.82:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /themes/custom/mwaa_barrio/images/icons/arrow_right.svg HTTP/1.1
Host: www.mwaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mwaa.com/sites/mwaa.com/files/css/css_8wEUG8IjV1uKv4eUIKSYRylwDuk60a-5MdJO_21_dtc.css
Cookie: _ga_BW8S0BG7G3=GS1.1.1663629206.1.0.1663629206.60.0.0; _ga=GA1.1.15227372.1663629206; ct_check_js=0a576787285146f4dee1a03a04f38ec6; ct_ps_timestamp=1663629207; ct_fkp_timestamp=0; ct_pointer_data=0; ct_timezone=0; apbct_antibot=e057b330c453aaf1b084653edef1acc2866210a559d6700bc40c126dd2634986; ct_has_scrolled=false
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 23:13:47 GMT
content-type: image/svg+xml
x-content-type-options: nosniff
last-modified: Thu, 18 Aug 2022 09:34:20 GMT
cache-control: max-age=1209600
expires: Tue, 20 Sep 2022 10:15:08 GMT
x-request-id: v-c928f872-2dcc-11ed-ac0c-2be747e0ca13
x-ah-environment: prod
age: 1169918
via: varnish
x-cache: HIT
x-cache-hits: 5123
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000
server: cloudflare
cf-ray: 74d6038deb60b51b-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-1672650.js?sv=6
54.230.111.39200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-1672650.js?sv=6
IP 54.230.111.39:0
GET /c/hotjar-1672650.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mwaa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=604800; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Mon, 19 Sep 2022 23:13:47 GMT
cache-control: max-age=60
etag: W/e977ec209422fe27582d8a22ba30ff12
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4_SBiTSCYFmOlN7qXH507hV_03aJBb5RyB2RLN8ARBh62B7n8UJ-Yg==
X-Firefox-Spdy: h2
www.mwaa.com/themes/custom/mwaa_barrio/favicon.ico
104.18.19.82200 OK 0 B URL HTTP/2 www.mwaa.com/themes/custom/mwaa_barrio/favicon.ico
IP 104.18.19.82:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /themes/custom/mwaa_barrio/favicon.ico HTTP/1.1
Host: www.mwaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mwaa.com/
Cookie: _ga_BW8S0BG7G3=GS1.1.1663629206.1.0.1663629206.60.0.0; _ga=GA1.1.15227372.1663629206; ct_check_js=0a576787285146f4dee1a03a04f38ec6; ct_ps_timestamp=1663629207; ct_fkp_timestamp=0; ct_pointer_data=0; ct_timezone=0; apbct_antibot=e057b330c453aaf1b084653edef1acc2866210a559d6700bc40c126dd2634986; ct_has_scrolled=false; alertsText=Yes
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 23:13:47 GMT
content-type: image/x-icon
x-content-type-options: nosniff
last-modified: Thu, 18 Aug 2022 09:34:20 GMT
cache-control: max-age=1209600
expires: Tue, 20 Sep 2022 10:14:06 GMT
x-request-id: v-a4123daa-2dcc-11ed-bd39-876239540445
x-ah-environment: prod
age: 1169980
via: varnish
x-cache: HIT
x-cache-hits: 15762
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000
server: cloudflare
cf-ray: 74d6038f6c7fb51b-OSL
content-encoding: gzip
X-Firefox-Spdy: h2