Overview

URL comicsgames.com/prime/ref=nav_tooltip_redirect/136-3267367-2622238
IP64.190.63.111
ASNSEDO GmbH
Location Germany
Report completed2022-08-29 01:17:16 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-08-29 2 comicsgames.com/prime/ref=nav_tooltip_redirect/136-3267367-2622238 Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

URL firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-langua (...)
IP  143.204.55.115
Magic gzip compressed data, max compression\012- data
Size 53801
MD5 8193bc91454b12cb47f80473cd24bb88
SHA1 b59e63788b5b1a08bcbdba4222211fe27c5fbfec
SHA256 206c8a8950fc9ef891aaafadbbc12e7b0c9a37101b8640655d3091c07cf99167
Analyzer Analysed Verdict Comment
VirusTotal 0/0


Passive DNS (12)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS partner.googleadservices.com (1) 798 2012-06-26 16:06:42 UTC 2022-08-28 23:08:58 UTC 142.250.74.98
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-08-28 23:17:11 UTC 93.184.220.29
mnemonic passive DNS push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-08-28 04:49:25 UTC 35.165.182.128
mnemonic passive DNS comicsgames.com (2) 0 2019-03-27 12:36:47 UTC 2022-08-29 01:07:22 UTC 64.190.63.111 Unknown ranking
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2022-08-28 19:31:32 UTC 143.204.55.115
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-08-28 05:48:36 UTC 143.204.55.25
mnemonic passive DNS img.sedoparking.com (2) 54200 2013-04-22 22:23:29 UTC 2022-08-28 04:55:38 UTC 205.234.175.175
mnemonic passive DNS www.google.com (3) 7 2012-05-22 04:23:54 UTC 2022-08-28 19:14:50 UTC 142.250.74.164
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-08-28 04:11:28 UTC 34.120.237.76
mnemonic passive DNS r3.o.lencr.org (4) 344 2020-12-02 08:52:13 UTC 2022-08-28 04:43:52 UTC 23.36.77.32
mnemonic passive DNS ocsp.pki.goog (8) 175 2017-06-14 07:23:31 UTC 2022-08-28 04:43:45 UTC 142.250.74.3
mnemonic passive DNS afs.googleusercontent.com (2) 12123 2013-05-06 19:11:00 UTC 2022-08-28 10:06:43 UTC 142.250.74.1


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 64.190.63.111

Date UQ / IDS / BL URL IP
2022-11-28 03:29:43 +0000
0 - 0 - 1 comicsgames.com/prime/ref=nav_tooltip_redirec (...) 64.190.63.111
2022-11-28 02:47:46 +0000
0 - 0 - 1 kliniktoksikolojidernegi.org/ll/ofc 64.190.63.111
2022-11-28 02:18:57 +0000
0 - 0 - 1 mail.speechofsilence.com/wordpress/wp-content (...) 64.190.63.111
2022-11-27 23:45:21 +0000
0 - 0 - 1 niply.space/ 64.190.63.111
2022-11-27 05:05:18 +0000
0 - 0 - 1 comicsgames.com/gp/yourstore/pym/ref=pd_pyml_ (...) 64.190.63.111

Last 5 reports on ASN: SEDO GmbH

Date UQ / IDS / BL URL IP
2022-11-29 01:24:39 +0000
0 - 0 - 1 ekhwaa-ksa.com/wp-content/plugins/bbpress/inc (...) 91.195.240.94
2022-11-29 01:23:11 +0000
0 - 0 - 1 affiliate.sandboxwp.site/ 91.195.241.232
2022-11-28 23:36:56 +0000
0 - 0 - 0 ww1.cals-web.net/?sub1=2d4aff9e-6f72-11ed-be1 (...) 64.190.63.136
2022-11-28 23:36:52 +0000
0 - 0 - 0 ww1.cals-web.net/?sub1=2d4aff9e-6f72-11ed-be1 (...) 64.190.63.136
2022-11-28 22:47:31 +0000
0 - 0 - 1 hbwarez.com/ 91.195.240.12

Last 5 reports on domain: comicsgames.com

Date UQ / IDS / BL URL IP
2022-11-28 03:29:43 +0000
0 - 0 - 1 comicsgames.com/prime/ref=nav_tooltip_redirec (...) 64.190.63.111
2022-11-27 05:05:18 +0000
0 - 0 - 1 comicsgames.com/gp/yourstore/pym/ref=pd_pyml_ (...) 64.190.63.111
2022-11-27 04:38:10 +0000
0 - 0 - 1 comicsgames.com/gp/yourstore/pym/ref=pd_pyml_ (...) 64.190.63.111
2022-11-27 04:35:09 +0000
0 - 0 - 1 comicsgames.com/gp/prime/ref=nav_prime_ajax_e (...) 64.190.63.111
2022-11-26 04:02:07 +0000
0 - 0 - 1 comicsgames.com/prime/ref=nav_tooltip_redirec (...) 64.190.63.111

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-11-22 23:26:55 +0000
0 - 0 - 1 ww16.bloge.com/?sub1=20221123-1026-26a1-9349- (...) 91.195.240.14
2022-11-22 02:32:48 +0000
0 - 0 - 5 www.crispbirch.com/ 81.17.29.146
2022-11-21 22:01:11 +0000
0 - 0 - 1 ww16.confucius.com.au/ 91.195.240.14
2022-11-15 09:25:32 +0000
0 - 0 - 1 ww16.knowledgeablethen.top/ 64.190.63.136
2022-11-09 17:03:06 +0000
0 - 0 - 4 cdn.discordappp.com/attachments/1034828826137 (...) 199.191.50.184


JavaScript

Executed Scripts (8)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (33)


Request Response
                                        
                                            GET /prime/ref=nav_tooltip_redirect/136-3267367-2622238 HTTP/1.1 
Host: comicsgames.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         64.190.63.111
HTTP/1.1 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Mon, 29 Aug 2022 01:17:05 GMT
transfer-encoding: chunked
vary: Accept-Encoding
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_zvRhuXeHsExP/733tkQo5/UdSEd7+06XwKu2KE17dD7eRgJlYUmL1CBBvC20Sx4nbbRxwjDiqF8y1dgQ8Y6F/Q==
last-modified: Mon, 29 Aug 2022 01:17:05 GMT
x-cache-miss-from: parking-5df4695cd5-9rnxv
server: NginX
content-encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (10070)
Size:   7246
Md5:    8ccfd3220963d5b6de9c6cdde7092901
Sha1:   c6091b44063fa222f09922a3044dac2ba1b00888
Sha256: 6ffe24f27d5d499613169a8d80a56d68adb7897d429383c17b7a9c539d525bb4

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7EBE5D06EFE28C8507B4CDFBF68C6E5BBD9919BA776990FB8A22D90CCA0C1C1B"
Last-Modified: Sat, 27 Aug 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3471
Expires: Mon, 29 Aug 2022 02:14:56 GMT
Date: Mon, 29 Aug 2022 01:17:05 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 29 Aug 2022 00:25:07 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: D6L84sU9qnhgW0Y7VtPTUWvZ7mHilJAm3Pl1CLVKop03uDHeTtuvaA==
Age: 3117


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    99b7d23c1748d0526782b9ff9ea45f09
Sha1:   eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
Sha256: 48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.25
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 28 Aug 2022 22:35:59 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 1cTiCy7kDx1Ua4fBJgkJJg5TDENYb7upzW5D7aaUpe7m0nKr15rShA==
age: 9667
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            GET /templates/bg/arrows.png HTTP/1.1 
Host: img.sedoparking.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://comicsgames.com/

                                         
                                         205.234.175.175
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Mon, 29 Aug 2022 01:17:05 GMT
Content-Length: 12642
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Expires: Mon, 05 Sep 2022 01:17:05 GMT
X-CFHash: "6dc0bad9aa452ff871b282dabd47131e"
X-CFF: B
Last-Modified: Mon, 11 Oct 2021 05:39:44 GMT
X-CF3: H
CF4Age: 368
x-cf-tsc: 1636529444
CF4ttl: 31536000.000
X-CF2: H
Server: CFS 0215
X-CF-ReqID: fecfd728798e1f92187c42da32b20609
X-CF1: 11696:fA.arn1:cf:cacheN.arn1-01:H
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 426 x 475, 8-bit/color RGBA, non-interlaced\012- data
Size:   12642
Md5:    6dc0bad9aa452ff871b282dabd47131e
Sha1:   01411e6726e033240caa3926141a6adbc18a2d73
Sha256: 3059fbd6cd3550047483dca4071c93e5cf4cc79ce8bafc4388166fbc5279644b
                                        
                                            GET /adsense/domains/caf.js HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://comicsgames.com/

                                         
                                         142.250.74.164
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Date: Mon, 29 Aug 2022 01:17:05 GMT
Expires: Mon, 29 Aug 2022 01:17:05 GMT
Cache-Control: private, max-age=3600
ETag: "11868319621735924881"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: sffe
X-XSS-Protection: 0


--- Additional Info ---
Magic:  ASCII text, with very long lines (1885)
Size:   53481
Md5:    adfeead1f8df6eb7323437c0736599d2
Sha1:   fdb6820320a8a6fa4bef2050b9f20e9478646d43
Sha256: 156a98d3edb0a7724e79fafeca60a356a8e03a94ed08f7825d1801b62392c085
                                        
                                            GET /search/tsc.php?200=NDAzNzI0OTUx&21=OTEuOTAuNDIuMTU0&681=MTY2MTczNTgyNWFmNGVmMDkxNTJiNjExMDgyM2FmNjliNThhYmNkZmY0&crc=4e261b556134977c577fe780d386ae93539716c1&cv=1 HTTP/1.1 
Host: comicsgames.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://comicsgames.com/prime/ref=nav_tooltip_redirect/136-3267367-2622238

                                         
                                         64.190.63.111
HTTP/1.1 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Mon, 29 Aug 2022 01:17:06 GMT
content-length: 0
x-cache-miss-from: parking-5df4695cd5-t2487
server: NginX

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 29 Aug 2022 01:17:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /templates/logos/sedo_logo.png HTTP/1.1 
Host: img.sedoparking.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://comicsgames.com/

                                         
                                         205.234.175.175
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Mon, 29 Aug 2022 01:17:06 GMT
Content-Length: 15086
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Expires: Mon, 05 Sep 2022 01:17:06 GMT
X-CFHash: "def00c11b1596db4efee6a9fbe64fc27"
X-CFF: B
Last-Modified: Mon, 11 Jan 2021 07:44:34 GMT
X-CF3: M
CF4Age: 0
x-cf-tsc: 1633605922
CF4ttl: 31536000.000
X-CF2: H
Server: CFS 0215
X-CF-ReqID: b8db39b9dce35896ebcda4fc476839fe
X-CF1: 11696:fA.arn1:cf:cacheN.arn1-01:H
Accept-Ranges: bytes


--- Additional Info ---
Magic:  MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size:   15086
Md5:    def00c11b1596db4efee6a9fbe64fc27
Sha1:   bd298981e6d8d7e4ffa18abcf687041f4246672d
Sha256: 95c427fa3143b1896faf42a6406686ce7602cb39052081bb32d12b51c9e047e4
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 29 Aug 2022 01:17:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /afs/ads/i/iframe.html HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://comicsgames.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/html
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: script-src 'nonce-gU7UtUzF_gIr3gbwHITlSQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none'
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-length: 729
date: Mon, 29 Aug 2022 01:17:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Mon, 18 Oct 2021 14:30:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1559)
Size:   729
Md5:    af5deaaa1f2ddf30ac6b0de668290dbb
Sha1:   af2e341ef9f8ed8ec817aae82e83a4e1436ba514
Sha256: dfcc9032f36864ab594cf504af7f507819a6d817f6b1f815e5f4c5cbc5420a78
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 29 Aug 2022 01:17:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gampad/cookie.js?domain=comicsgames.com&client=dp-sedo85_3ph&product=SAS&callback=__sasCookie HTTP/1.1 
Host: partner.googleadservices.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://comicsgames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.98
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 29 Aug 2022 01:17:06 GMT
server: cafe
cache-control: private
content-length: 182
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   182
Md5:    3663ad687d552ac20d6c0ca6a5188b09
Sha1:   421a341b7121acc856e0cef6072465dca323031b
Sha256: 73860afe9197e45eb0724a986df312ec7d572ac13d8d383b07cf29f843dc44d4
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 29 Aug 2022 01:17:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /afs/ads?adsafe=low&adtest=off&psid=9330244380&channel=%2Cexp-0051%2Cauxa-control-1%2C12572816&client=dp-sedo85_3ph&r=m&hl=no&type=3&uiopt=false&swp=as-drid-2969278013161583&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17300953%2C17300956%2C17301094%2C17301097&format=r3%7Cs&nocache=5551661735825960&num=0&output=afd_ads&domain_name=comicsgames.com&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1661735825973&u_w=1280&u_h=1024&biw=1268&bih=892&psw=1268&psh=999&frm=0&uio=--&cont=rb-default&jsid=caf&jsv=469225491&rurl=http%3A%2F%2Fcomicsgames.com%2Fprime%2Fref%3Dnav_tooltip_redirect%2F136-3267367-2622238&adbw=slave-1-1%3A300%2Cmaster-1%3A463 HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://comicsgames.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
content-disposition: inline
date: Mon, 29 Aug 2022 01:17:06 GMT
expires: Mon, 29 Aug 2022 01:17:06 GMT
cache-control: private, max-age=3600
content-encoding: br
server: gws
content-length: 2046
x-xss-protection: 0
set-cookie: CONSENT=PENDING+721; expires=Wed, 28-Aug-2024 01:17:06 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5230)
Size:   2046
Md5:    77999d2ed09176b72264652bd67da756
Sha1:   e24a1f522ee67583a61062a699bd0abf4a3175d3
Sha256: 39b949717edb8bdc997fc43644953436bd06974632ab7eca3ad0133da80530f3
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 29 Aug 2022 01:17:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 29 Aug 2022 00:17:12 GMT
Cache-Control: max-age=3600
Expires: Mon, 29 Aug 2022 00:51:37 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -FSo2FxEEwgfh24gHypbVE369e3Pe0nFpX8sJKLANAw7AnvwSOR7jw==
Age: 3594


--- Additional Info ---
Magic:  gzip compressed data, max compression\012- data
Size:   53801
Md5:    8193bc91454b12cb47f80473cd24bb88
Sha1:   b59e63788b5b1a08bcbdba4222211fe27c5fbfec
Sha256: 206c8a8950fc9ef891aaafadbbc12e7b0c9a37101b8640655d3091c07cf99167

Alerts:
  File Analyzers:
    - virustotal: 0/0
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 29 Aug 2022 01:17:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 29 Aug 2022 01:17:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1 
Host: afs.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.1
HTTP/2 200 OK
content-type: image/svg+xml
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Sun, 28 Aug 2022 08:02:07 GMT
expires: Mon, 29 Aug 2022 07:02:07 GMT
cache-control: public, max-age=82800
age: 62099
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Size:   174
Md5:    4de8b85c8915995b571bde50e231be7c
Sha1:   29c226ca7b9cbe1d44e5480ce95bbb42727b2d99
Sha256: 2ec9168c4507546748c5f400f5030031f0eb06f2aed8deaa11362c395bff4f7a
                                        
                                            GET /ad_icons/standard/publisher_icon_image/search.svg?c=%231967d2 HTTP/1.1 
Host: afs.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.1
HTTP/2 200 OK
content-type: image/svg+xml
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 272
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Sun, 28 Aug 2022 02:40:48 GMT
expires: Mon, 29 Aug 2022 01:40:48 GMT
cache-control: public, max-age=82800
age: 81378
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390)
Size:   272
Md5:    bbbac37f0b6e29a6099e4aa7cb19d6ca
Sha1:   0acafe95e2141f0af6109203efeb2d98e6b926c6
Sha256: a3d7b37475de5a3a350d4dc4790f14a6a5f4045726d2eae4cbe9bd59aeba2fe2
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 29 Aug 2022 01:17:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2520
Cache-Control: 'max-age=158059'
Date: Mon, 29 Aug 2022 01:17:06 GMT
Last-Modified: Mon, 29 Aug 2022 00:35:06 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ZzIrh0ZeJVQ66/fYhltXjQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.165.182.128
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: B2X5FvMOb1KrzTYn4yVL1ZbcYUI=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7015
Expires: Mon, 29 Aug 2022 03:14:03 GMT
Date: Mon, 29 Aug 2022 01:17:08 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7015
Expires: Mon, 29 Aug 2022 03:14:03 GMT
Date: Mon, 29 Aug 2022 01:17:08 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7015
Expires: Mon, 29 Aug 2022 03:14:03 GMT
Date: Mon, 29 Aug 2022 01:17:08 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3a7959a-ba16-4840-a4e4-ca7b2c6305c1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10319
x-amzn-requestid: 4f0cb1b4-c2a6-410a-965c-4cc72459484a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XhG-yG-eIAMFbQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6309eb91-58fb7017711dd2a56fe5ef79;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 10:01:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KmPdUNF6ZKhuq14rDdxLIjrde0pZyE5QH4vMwPSnCxtZDYp2cZKxPg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 21:37:45 GMT
age: 13163
etag: "66558c36958c9162188e7aeef27c38e0c4b37cdd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10319
Md5:    76021ba70733e8d4647f29e4c990180c
Sha1:   66558c36958c9162188e7aeef27c38e0c4b37cdd
Sha256: c5278295212999c6941d57d5cee8f4d33447302af0eb74985f5dae48434607c1
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d6fc243-1f36-4e7f-8ae5-c9926e27d40b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7384
x-amzn-requestid: 8c864d07-cb4e-44db-85f0-ebea10e67aaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XV7EPG0mIAMFRGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6305721a-32398abd1da8b41f48b4755c;Sampled=0
x-amzn-remapped-date: Wed, 24 Aug 2022 00:34:34 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: xerdghgmDaScECzA415SNpFYkoDKhddx_5mP2dszmZlmRxjtyJ8_og==
via: 1.1 759bceededb9469e75c24a46c03d64bc.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 21:44:27 GMT
age: 12761
etag: "0909d2250d8efc3093f15401713da4c74ba6707b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7384
Md5:    182339e49eb50a6d89fed9b4ac4bc39f
Sha1:   0909d2250d8efc3093f15401713da4c74ba6707b
Sha256: bc6fac01cec90f56f665671e2abab894752b9d8f1b1d5551e4d83cc53f0d4251
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F019a3a4e-a5ad-42c9-9676-e06c201f0304.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4764
x-amzn-requestid: ab79456a-df36-48fa-b902-343976389a22
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xg8YcGIwIAMFlEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6309da9c-3850813f0a75f52c5337b6db;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 08:49:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BJJYpOQzr3izdbdBzAAgUWJaskTKh8vyLKQdRSXQLfJbdIhTkkyQew==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 21:36:15 GMT
age: 51531
etag: "cd601502840615ed0e7e23f8f95b5b2853d92494"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4764
Md5:    bfbd0626ecb5adb59b2811a904e21554
Sha1:   cd601502840615ed0e7e23f8f95b5b2853d92494
Sha256: 0fec9f313dcac3ac74714bd4601bf6c72f4a3d9804b8b35a4c9dab0847234aa1
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F849c6deb-3aba-41f7-a257-bf54249182ba.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11042
x-amzn-requestid: c92cef27-0a2c-4f5e-86b7-eafa048932b4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XgUlVFdJIAMFRKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63099aee-794a2c5c54fe181b5756e5f6;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 04:17:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: v9mkgh5wKAcOaXP3AGDltgHFx1eioExP7zqPee5KQugX9SjdEhMkjg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 21:35:16 GMT
age: 13312
etag: "9d37dd425e3319fbb4248718f58371b43d513ce7"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11042
Md5:    5e0dc790ca607928d609e38f37c012d0
Sha1:   9d37dd425e3319fbb4248718f58371b43d513ce7
Sha256: 7f8ce6d77cbb4be87fb06ffd8f72ae997e006b933382c44b8b4e0a61743f24e9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd661acf9-c387-4bb0-bdc5-10e4abb78bf1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10433
x-amzn-requestid: 30849103-3a8a-4b58-9d12-2e7d76054d29
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XaJ7wFd0IAMF2PQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6307237e-3d931fee17b392cc6785e73d;Sampled=0
x-amzn-remapped-date: Thu, 25 Aug 2022 07:23:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Q4P8POo_KPs63hk4C80HwrpQLivotqjMbD2QTlcAVYmCxs1UgE0KiQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 21:49:19 GMT
age: 12469
etag: "ab86ca73ca4064306448863d32a1428a63df41a0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10433
Md5:    57d1f9745ba671f8688c7d96a041cd2b
Sha1:   ab86ca73ca4064306448863d32a1428a63df41a0
Sha256: d931268e003d82739af5c9ab9e91b11a892672c8ae82cbbb2f4b92a94cc2bddc
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa42515d-ae2f-4b75-af96-c1bb33aa8aec.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11110
x-amzn-requestid: e662a2e9-4893-4086-98c3-96d56f3f38f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XfXP_Hg2oAMFYIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630938cc-2424cde53819156a15f18810;Sampled=0
x-amzn-remapped-date: Fri, 26 Aug 2022 21:19:08 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: xtpGF5NQRB3AIzR-lZl4t7LAmx_ALfXHQgrKCKdCMOrcfsubZ21bzA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 03:45:51 GMT
age: 77477
etag: "da842918bc49300b1ea2f5c11b072180a7afbf0a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11110
Md5:    da546949c178c4a789cfc4f59483a8cc
Sha1:   da842918bc49300b1ea2f5c11b072180a7afbf0a
Sha256: 008e42b6a798c28eeb6bf1d8502d15c6bae59961de138c087edd3ef05e758df4