urlquery - report: kovofilm.cz/userfiles/file/mavijimije.pdf

Overview

URL	kovofilm.cz/userfiles/file/mavijimije.pdf
IP	217.11.249.138
ASN	CASABLANCA INT a.s.
Location	Czechia
Report completed	2022-06-28 19:42:15 UTC
Status	Loading report..
urlquery Alerts	No alerts detected

Settings

UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer

Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Blocklists

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Added / Verified	Severity	Host	Comment
2022-06-28	2	kovofilm.cz/userfiles/file/mavijimije.pdf	Phishing
2022-06-28	2	kovofilm.cz/userfiles/file/mavijimije.pdf	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

Files

No files detected

Passive DNS (8)

Passive DNS Source	Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
[Mnemonic Passive DNS]	contile.services.mozilla.com (1)	1114	No data	No data	34.117.237.239
[Mnemonic Passive DNS]	ocsp.digicert.com (1)	86	2012-11-29 12:49:49 UTC	2022-06-28 12:29:37 UTC	93.184.220.29
[Mnemonic Passive DNS]	push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2022-06-28 05:15:05 UTC	52.40.216.187
[Mnemonic Passive DNS]	img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2022-06-28 13:03:14 UTC	34.120.237.76
[Mnemonic Passive DNS]	kovofilm.cz (3)	0	No data	No data	217.11.249.138	Unknown ranking
[Mnemonic Passive DNS]	r3.o.lencr.org (6)	344	2020-12-02 08:52:13 UTC	2022-06-28 04:47:27 UTC	23.36.77.32
[Mnemonic Passive DNS]	firefox.settings.services.mozilla.com (2)	867	2016-03-17 08:25:01 UTC	2020-05-25 20:01:47 UTC	54.230.111.7
[Mnemonic Passive DNS]	content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-06-28 04:55:22 UTC	54.230.111.14

Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 217.11.249.138

Date	UQ / IDS / BL	URL	IP
2022-08-05 12:27:40 +0000	0 - 0 - 1	brightworks.cz/	217.11.249.138
2022-06-28 09:20:47 +0000	0 - 0 - 2	kovofilm.cz/userfiles/file/mavijimije.pdf	217.11.249.138
2022-06-23 13:23:08 +0000	0 - 0 - 1	urs-certification.com/gais/image/file/7685611 (...)	217.11.249.138
2019-05-07 03:27:48 +0200	0 - 0 - 4	bergkom.cz/	217.11.249.138
2019-04-19 23:33:59 +0200	0 - 0 - 0	www.kotanec.cz/media/k2/attachments/008v_vodo (...)	217.11.249.138
2019-03-30 22:39:59 +0100	0 - 0 - 5	kuchyne-volf.com/obrazky/dinds/alibaba/index	217.11.249.138
2019-03-19 19:20:08 +0100	0 - 0 - 0	www.urs-certification.co.uk	217.11.249.138
2018-12-18 17:58:30 +0100	0 - 0 - 1	medi-beauty.eu/	217.11.249.138
2018-12-12 19:17:58 +0100	0 - 0 - 2	www.medi-beauty.eu/invoices/8065392/DOC/En/In (...)	217.11.249.138
2018-09-27 12:30:29 +0200	0 - 0 - 6	kuchyne-volf.com/obrazky/dinds/alibaba/index.php	217.11.249.138

Last 10 reports on ASN: CASABLANCA INT a.s.

Date	UQ / IDS / BL	URL	IP
2022-08-16 16:56:11 +0000	0 - 0 - 1	cdmvt.cz/sites/default/files/86474170106.pdf	109.123.223.93
2022-08-13 15:05:51 +0000	0 - 0 - 1	slenderclub.cz/ckfinder/userfiles/files/fasuv.pdf	81.0.232.156
2022-08-13 07:29:20 +0000	0 - 0 - 8	haka-software.cz/133/LiinkedInhardest/900/	81.0.214.203
2022-08-13 06:07:16 +0000	0 - 0 - 1	ckfinder.pamlskovnik.cz/ckfinder/userfiles/files/	217.11.249.139
2022-08-12 03:56:21 +0000	0 - 0 - 1	cdmvt.cz/misc/	109.123.223.93
2022-08-10 16:07:28 +0000	0 - 0 - 1	ckeditor.pamlskovnik.cz/ckfinder/userfiles/files/	217.11.249.139
2022-08-10 05:50:58 +0000	0 - 0 - 1	ckeditor.pamlskovnik.cz/ckfinder/userfiles/files/	217.11.249.139
2022-08-09 07:04:04 +0000	0 - 0 - 11	naramkylenny.cz/	77.78.76.152
2022-08-05 22:56:30 +0000	0 - 0 - 30	latinotravel.cz/images/content/Made-in-China. (...)	81.0.212.3
2022-08-05 12:27:40 +0000	0 - 0 - 1	brightworks.cz/	217.11.249.138

Last 1 reports on domain: kovofilm.cz

Date	UQ / IDS / BL	URL	IP
2022-06-28 09:20:47 +0000	0 - 0 - 2	kovofilm.cz/userfiles/file/mavijimije.pdf	217.11.249.138

JavaScript

Executed Scripts (0)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (21)

Request	Response
GET /userfiles/file/mavijimije.pdf HTTP/1.1 Host: kovofilm.cz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	$Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 257 Md5: 1abbb3a2ec93ffb0df54065c78fb85ac$ 217.11.249.138 HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=iso-8859-1 Date: Tue, 28 Jun 2022 19:41:58 GMT Server: Apache Location: https://kovofilm.cz/userfiles/file/mavijimije.pdf Content-Length: 257 Keep-Alive: timeout=3, max=400 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 257 Md5: 1abbb3a2ec93ffb0df54065c78fb85ac Sha1: b0a8aecd533c7592fc72686c2aff755093941d01 Sha256: 5e158efee081fda9709dcdb36a87f087fa1a650d913bd3152afe4c5fbf1654ae Alerts: Blocklists: - fortinet: Phishing
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "82BA5EF79A337F17AC89D35A6869A1C607D98C1C1F7F599962AEDD03580A9118" Last-Modified: Sun, 26 Jun 2022 16:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8032 Expires: Tue, 28 Jun 2022 21:55:51 GMT Date: Tue, 28 Jun 2022 19:41:59 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 63f6d471446d699d2f157ca81c302d62 Sha1: 5a1c5828e2b23650a44f34d9398bffc3c5c58adf Sha256: 82ba5ef79a337f17ac89d35a6869a1c607d98c1c1f7f599962aedd03580a9118
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 91dd975a7b17b2922dd23c0e49314e40$ 54.230.111.7 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Retry-After, Backoff, Content-Type, Content-Length, Alert Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Tue, 28 Jun 2022 18:47:28 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: 4mHX8UGNAt8B19TPrKwSOCNUJeJYKNxwy87YXAiHo1UTKBFej-EDSA== Age: 3271 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 91dd975a7b17b2922dd23c0e49314e40 Sha1: 57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2 Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 48ca0beea419a9039591cf1aee5179e0$ 54.230.111.14 HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 last-modified: Wed, 11 May 2022 19:51:39 GMT content-disposition: attachment accept-ranges: bytes server: AmazonS3 date: Tue, 28 Jun 2022 02:10:56 GMT etag: "48ca0beea419a9039591cf1aee5179e0" x-cache: Hit from cloudfront via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: cqYTyWUUDlKDkSRSOc0HdTP23c1hma1BH8_nCJ1mwohE_qHM161E1A== age: 63065 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 48ca0beea419a9039591cf1aee5179e0 Sha1: 9e92629f505fcc07aab51221e8fe62197a23e307 Sha256: 630a5f110337b4a4876aa85c21107d9e8f2550bcc60f023a4777d895b17399fd
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6$ 34.117.237.239 HTTP/2 200 OK server: nginx date: Tue, 28 Jun 2022 19:41:59 GMT content-type: application/json content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "18FABC89CE380E0901402998786603B3FEE5307A9D45524D57E0942FA5D9D12D" Last-Modified: Tue, 28 Jun 2022 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21590 Expires: Wed, 29 Jun 2022 01:41:49 GMT Date: Tue, 28 Jun 2022 19:41:59 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 9daf32b6ec24156193d4a2a69cfd856a Sha1: 03c3e18debfb2918ed2bb6f60662173c1694cf43 Sha256: 18fabc89ce380e0901402998786603b3fee5307a9d45524d57e0942fa5d9d12d
GET /userfiles/file/mavijimije.pdf HTTP/1.1 Host: kovofilm.cz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	$Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 196 Md5: 62962daa1b19bbcc2db10b7bfd531ea6$ 217.11.249.138 HTTP/2 404 Not Found content-length: 196 content-type: text/html; charset=iso-8859-1 date: Tue, 28 Jun 2022 19:41:59 GMT server: Apache X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 196 Md5: 62962daa1b19bbcc2db10b7bfd531ea6 Sha1: d64bae91091eda6a7532ebec06aa70893b79e1f8 Sha256: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880 Alerts: Blocklists: - fortinet: Phishing
GET /favicon.ico HTTP/1.1 Host: kovofilm.cz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://kovofilm.cz/userfiles/file/mavijimije.pdf Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	$Magic: MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data Size: 15086 Md5: 2d1d8ba9b218823ee5053a29dbe2b4a9$ 217.11.249.138 HTTP/2 200 OK last-modified: Thu, 15 Mar 2012 15:08:50 GMT etag: "3aee-4bb49782c0480" accept-ranges: bytes content-length: 15086 content-type: image/x-icon date: Tue, 28 Jun 2022 19:41:59 GMT server: Apache X-Firefox-Spdy: h2 --- Additional Info --- Magic: MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data Size: 15086 Md5: 2d1d8ba9b218823ee5053a29dbe2b4a9 Sha1: 92727ce0702312a3db9bb417fc0315116f298c47 Sha256: 1d8cc310c34dd5b8befc57cc6bbf7b3681a61ec8656304ddec5f70fb26923416
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 6168 Cache-Control: 'max-age=158059' Date: Tue, 28 Jun 2022 19:42:00 GMT Last-Modified: Tue, 28 Jun 2022 17:59:12 GMT Server: ECS (ska/F71D) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 712cf7e7267f295d1b7a467551b990f7 Sha1: 4f8262605c14d22a9d2b8a505f8f4ca7b98ff1f9 Sha256: c6ab857929ac76deefd8195d462427fe08b8d173c4e5d0ab11f1e38be774eb89
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: uMTRLhw+D1EjsPaHDAWZcA== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	52.40.216.187 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: vdhNaWQwTo4yPnesTeHjgc4Ypp4= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243$ 54.230.111.7 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Date: Tue, 28 Jun 2022 19:31:51 GMT Cache-Control: max-age=3600 Expires: Tue, 28 Jun 2022 20:18:33 GMT ETag: "1648230346554" X-Cache: Hit from cloudfront Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: 924RujRkHHCrsuuQ8Wk2rxq5hskijI1yIT_ma_keFBtg-wTsertFvA== Age: 609 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "231B325D990CED62D0B4BE0BA77EB3B65814F57A2E1B66C35A9819EE4D4ABE4B" Last-Modified: Sun, 26 Jun 2022 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2574 Expires: Tue, 28 Jun 2022 20:24:56 GMT Date: Tue, 28 Jun 2022 19:42:02 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 512e4e4457d5aab1e91cb1353ad28a6a Sha1: 7376966437b9aa256848b6950d39924a81eca481 Sha256: 231b325d990ced62d0b4be0ba77eb3b65814f57a2e1b66c35a9819ee4d4abe4b
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "231B325D990CED62D0B4BE0BA77EB3B65814F57A2E1B66C35A9819EE4D4ABE4B" Last-Modified: Sun, 26 Jun 2022 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2574 Expires: Tue, 28 Jun 2022 20:24:56 GMT Date: Tue, 28 Jun 2022 19:42:02 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 512e4e4457d5aab1e91cb1353ad28a6a Sha1: 7376966437b9aa256848b6950d39924a81eca481 Sha256: 231b325d990ced62d0b4be0ba77eb3b65814f57a2e1b66c35a9819ee4d4abe4b
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "231B325D990CED62D0B4BE0BA77EB3B65814F57A2E1B66C35A9819EE4D4ABE4B" Last-Modified: Sun, 26 Jun 2022 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2574 Expires: Tue, 28 Jun 2022 20:24:56 GMT Date: Tue, 28 Jun 2022 19:42:02 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 512e4e4457d5aab1e91cb1353ad28a6a Sha1: 7376966437b9aa256848b6950d39924a81eca481 Sha256: 231b325d990ced62d0b4be0ba77eb3b65814f57a2e1b66c35a9819ee4d4abe4b
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "231B325D990CED62D0B4BE0BA77EB3B65814F57A2E1B66C35A9819EE4D4ABE4B" Last-Modified: Sun, 26 Jun 2022 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2574 Expires: Tue, 28 Jun 2022 20:24:56 GMT Date: Tue, 28 Jun 2022 19:42:02 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 512e4e4457d5aab1e91cb1353ad28a6a Sha1: 7376966437b9aa256848b6950d39924a81eca481 Sha256: 231b325d990ced62d0b4be0ba77eb3b65814f57a2e1b66c35a9819ee4d4abe4b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8882eb6-da45-41db-ad46-0dd1a2ba430b.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9239 Md5: 03deaeb43b23e69171391f4696d702bf$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 9239 x-amzn-requestid: b58c638b-5e8d-4466-95bc-cc01430c3762 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: URzPmEQjIAMFaJg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62b6ff30-6c648ca92dd32a32710ff71a;Sampled=0 x-amzn-remapped-date: Sat, 25 Jun 2022 12:27:28 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: oFPEpoouIAOBLz3lL3txcEXMjYAHCYy4vByCkOdqOHaXbsapgqDdDQ== via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google date: Tue, 28 Jun 2022 09:30:39 GMT age: 36683 etag: "01545e9d41f7583e7e02beccee6b4d994833416b" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9239 Md5: 03deaeb43b23e69171391f4696d702bf Sha1: 01545e9d41f7583e7e02beccee6b4d994833416b Sha256: a2617211b8cdbc04a7ed0b149e9dfb78ac9e7f06c63de1a7cc042af125cd4b71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4762a76-06e0-4813-a38a-4a7549881a13.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 12405 Md5: 1a2d9dcf52c7b2891f3834c3c85ea8c5$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 12405 x-amzn-requestid: c76f79e3-090b-4548-97d9-5bbdf927e780 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UXqHdGqioAMFRBA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62b956fc-21f8e57c1b0443e63033797d;Sampled=0 x-amzn-remapped-date: Mon, 27 Jun 2022 07:06:36 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: BaILri0OK5vfEvccsvFZubhNguaomqNu7cd1CU7pnoLM6DNKa0-CLg== via: 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google date: Tue, 28 Jun 2022 07:10:37 GMT age: 45085 etag: "a8443bc97ae042d9ef16756a9164fe6abd311fd7" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 12405 Md5: 1a2d9dcf52c7b2891f3834c3c85ea8c5 Sha1: a8443bc97ae042d9ef16756a9164fe6abd311fd7 Sha256: 16510a13dc4654f4a96a90742e83d22ad7806827e79b22693a643452dc10e9e4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F979d42d0-95fd-44aa-ac05-4317126deb7d.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10296 Md5: 0c7819a8a078a13c8f94918183162f22$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 10296 x-amzn-requestid: 0ef7d4dc-30b2-4460-84ab-82abf57b8104 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UT0c2F71IAMFZ6Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62b7cdeb-26aedadf5ec7a35c0ec99909;Sampled=0 x-amzn-remapped-date: Sun, 26 Jun 2022 03:09:31 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: avKjvngKXTFwmLn2HGW3Sz_pLDgoUxqyGr3l9LjhrsVTCzFZLUxUGA== via: 1.1 a6a02464d953c7252173cbc33e5dbd36.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google date: Tue, 28 Jun 2022 05:44:42 GMT age: 50240 etag: "9ad56dc2b79b3862584cbd6bcd2673cc94cc17ba" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10296 Md5: 0c7819a8a078a13c8f94918183162f22 Sha1: 9ad56dc2b79b3862584cbd6bcd2673cc94cc17ba Sha256: 8b3d5c476c90e20f33a71b06f33ade15f6d7c256bcf2d6f00aef6a8814e12276
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51d3ad79-4ecd-48c1-be4b-1b612474f481.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4650 Md5: ab2c6a7aac6dcb5dfb29dce59cfdc7da$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 4650 x-amzn-requestid: 997cab1c-5d66-4ec6-8e39-4afb5404ac53 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UaAT3ExdoAMFkAQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62ba474b-567ec0850c99075e3a133997;Sampled=0 x-amzn-remapped-date: Tue, 28 Jun 2022 00:11:55 GMT x-amz-cf-pop: SEA73-P2, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: V_wT2iOjRkL-Fkyyc2xsOSJrusM7oekpIVUWnPcR7KkxwDg45dw5TA== via: 1.1 45d6a557ecb29942f314e3dd736d817a.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google date: Tue, 28 Jun 2022 00:55:10 GMT age: 67612 etag: "dc6cc23ae2603860ea15bed3a1e142cf85c5f37a" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4650 Md5: ab2c6a7aac6dcb5dfb29dce59cfdc7da Sha1: dc6cc23ae2603860ea15bed3a1e142cf85c5f37a Sha256: eb0fbf85422d4461713caeced2fba048b31dca851032dccff50eba467417dda1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2607bbd-9cc2-4288-bcd4-1abdf0f59a54.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6101 Md5: f8dc6df6d0bfa053f2b4e21c320a37d8$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 6101 x-amzn-requestid: fa34c94b-864a-4e14-8adc-d9f5af20524d x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UZo7BFcVoAMFWqg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62ba21df-3e31e69952f3bece79314ee7;Sampled=0 x-amzn-remapped-date: Mon, 27 Jun 2022 21:32:15 GMT x-amz-cf-pop: SEA73-P2, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: vsLg7EoMiuxvmav1_LrNEahAU8yGU_vGRAj2vW41jgxgTMEEBiN5Pg== via: 1.1 95785220a566cd050f3ad80928463374.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google date: Mon, 27 Jun 2022 22:04:17 GMT age: 77865 etag: "8862743a3be46ab1a5e8bdcdf981544031240592" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6101 Md5: f8dc6df6d0bfa053f2b4e21c320a37d8 Sha1: 8862743a3be46ab1a5e8bdcdf981544031240592 Sha256: 724aa462ec0ab7c3578b9a5a63e587df9ba9594ca37b5819cda2fc7270dadc41
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bede29d-8cd7-47dd-b3c8-833a7b3254b2.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8291 Md5: 4885991641375390d15871e8996d9ef1$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 8291 x-amzn-requestid: bd40bcf5-03c8-4c2e-87ee-65d92b1ad948 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UZpc4HCeoAMFWqg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62ba22b8-084b5ea535c71d207df2ade7;Sampled=0 x-amzn-remapped-date: Mon, 27 Jun 2022 21:35:52 GMT x-amz-cf-pop: SEA73-P2, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: 8OOCDJU2zgzBMbc2bUJcxKe0nh_Eo9I107VYrADZ43Jqg4WWIyhBuA== via: 1.1 ece5d4a731ece5ff46c564ab2b946ede.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google date: Mon, 27 Jun 2022 21:57:57 GMT etag: "63f550b58de46ebf47f949239203e8297b5126f1" content-type: image/jpeg age: 78245 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8291 Md5: 4885991641375390d15871e8996d9ef1 Sha1: 63f550b58de46ebf47f949239203e8297b5126f1 Sha256: 9f6c517ec6f04feb72457860ef78f0840bd1de342ad6531eea4c670eac58fd32