Overview

URL https://deportesdiputacionourense.com/coar/A32Q0S/post/internet/Group/1c707/SSLAuthUI.html
IP 217.160.0.105
ASN IONOS SE
Location Germany
Report completed 2022-07-07 00:51:22 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish
Added / Verified Severity Host Comment
2022-07-06 2 deportesdiputacionourense.com/coar/A32Q0S/post/internet/Group/1c707/SSLAuth (...) CTBC Bank
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2022-07-07 2 deportesdiputacionourense.com/coar/A32Q0S/post/internet/Group/1c707/SSLAuth (...) Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS
Added / Verified Severity Host Comment
2022-07-06 2 deportesdiputacionourense.com Sinkholed


Files

No files detected



Passive DNS (9)

Passive DNS Source Fully Qualified Domain Name Rank First Seen Last Seen IP Comment
[Mnemonic Passive DNS] ocsp.digicert.com (3) 86 2012-11-29 12:49:49 UTC 2022-07-06 19:05:02 UTC 93.184.220.29
[Mnemonic Passive DNS] img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-07-06 17:02:11 UTC 34.120.237.76
[Mnemonic Passive DNS] firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2020-05-25 20:01:47 UTC 54.230.111.65
[Mnemonic Passive DNS] content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-07-06 04:55:23 UTC 54.230.111.14
[Mnemonic Passive DNS] r3.o.lencr.org (4) 344 2020-12-02 08:52:13 UTC 2022-07-06 04:41:34 UTC 23.36.76.226
[Mnemonic Passive DNS] contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
[Mnemonic Passive DNS] deportesdiputacionourense.com (11) 0 No data No data 217.160.0.105 Unknown ranking
[Mnemonic Passive DNS] push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-07-06 04:47:23 UTC 44.240.216.68
[Mnemonic Passive DNS] epos.chinatrust.com.tw (1) 0 No data No data 203.66.181.52 Domain (chinatrust.com.tw) ranked at: 204287


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 217.160.0.105

Date UQ / IDS / BL URL IP
2022-07-29 22:59:41 +0000 0 - 0 - 7 piscinaveronza.com/geta 217.160.0.105
2022-07-28 01:24:03 +0000 0 - 0 - 1 gmicropilotes.com/uploads/files/gitexalaga.pdf 217.160.0.105
2022-07-26 08:15:08 +0000 0 - 0 - 6 piscinaveronza.com/ch/dpd/cd154 217.160.0.105
2022-07-26 08:14:46 +0000 0 - 0 - 4 piscinaveronza.com/ch/dpd/84156 217.160.0.105
2022-07-19 07:00:50 +0000 0 - 0 - 3 piscinaveronza.com/hesh/dpd/a0a54 217.160.0.105
2022-07-19 02:48:07 +0000 0 - 0 - 9 bevida.org/ 217.160.0.105
2022-07-18 22:13:45 +0000 0 - 0 - 3 piscinaveronza.com/hesh/dpd/ 217.160.0.105
2022-07-18 10:53:36 +0000 0 - 0 - 1 piscinaveronza.com/hesh/dpd/0bb16/ 217.160.0.105
2022-07-18 09:05:27 +0000 0 - 0 - 4 piscinaveronza.com/hesh/dpd 217.160.0.105
2022-07-12 17:19:32 +0000 0 - 0 - 2 deportesdiputacionourense.com/at/bank99/b6425 217.160.0.105

Last 10 reports on ASN: IONOS SE

Date UQ / IDS / BL URL IP
2022-08-20 03:49:05 +0000 0 - 0 - 2 marquesvogt.com/back/main_hXKtlXjN118.bin 217.160.0.227
2022-08-20 03:48:58 +0000 0 - 0 - 2 marquesvogt.com/main/main_hXKtlXjN118.bin 217.160.0.227
2022-08-20 03:05:29 +0000 0 - 0 - 4 british-shorthair.es/axe/tWL/ 212.227.247.250
2022-08-20 03:04:37 +0000 0 - 0 - 1 xn--cheggl-videos-fr-gastronomie-g7c.de/wp-ad (...) 217.160.0.9
2022-08-20 03:04:15 +0000 0 - 0 - 4 british-shorthair.es/axe/DKFSGF2M/ 212.227.247.250
2022-08-20 02:55:38 +0000 0 - 0 - 4 coop-host.com/player/X-6656/ 77.68.64.18
2022-08-20 02:55:23 +0000 0 - 0 - 2 annesimonnot.com/wp-admin/08987849-337/?i=1 217.160.0.176
2022-08-20 02:55:18 +0000 0 - 0 - 4 annesimonnot.com/wp-admin/08987849-337/ 217.160.0.176
2022-08-20 02:43:38 +0000 0 - 0 - 2 https://deine-bewerbung.com/wp-content/HHotdO (...) 217.160.0.106
2022-08-20 02:42:43 +0000 0 - 0 - 2 https://lifebotl.com/wp-content/233ZS9dDv/ 217.160.0.167

Last 10 reports on domain: deportesdiputacionourense.com

Date UQ / IDS / BL URL IP
2022-07-12 17:19:32 +0000 0 - 0 - 2 deportesdiputacionourense.com/at/bank99/b6425 217.160.0.105
2022-07-12 15:06:57 +0000 0 - 0 - 2 deportesdiputacionourense.com/pt/bpi 217.160.0.105
2022-07-10 01:41:05 +0000 0 - 0 - 17 deportesdiputacionourense.com/ 217.160.0.105
2022-07-07 12:14:58 +0000 0 - 0 - 3 https://deportesdiputacionourense.com/coar/A3 (...) 217.160.0.105
2022-07-07 12:14:25 +0000 0 - 0 - 3 https://deportesdiputacionourense.com/coar/A3 (...) 217.160.0.105
2022-07-07 12:13:54 +0000 0 - 0 - 2 https://deportesdiputacionourense.com/coar/A3 (...) 217.160.0.105
2022-07-07 03:03:53 +0000 0 - 0 - 11 https://deportesdiputacionourense.com/coar/A3 (...) 217.160.0.105
2022-07-07 03:03:24 +0000 0 - 0 - 11 https://deportesdiputacionourense.com/coar/A3 (...) 217.160.0.105
2022-07-07 03:02:52 +0000 0 - 0 - 16 https://deportesdiputacionourense.com/coar/A3 (...) 217.160.0.105
2022-07-07 02:53:21 +0000 0 - 0 - 13 https://deportesdiputacionourense.com/coar/A3 (...) 217.160.0.105


JavaScript

Executed Scripts (0)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (30)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.65
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Backoff, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 06 Jul 2022 23:56:23 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: yvnLaQwygOhU0oHFti7atpzxOTa0PxA0dCOppEqKEaqs43T75zZgww==
Age: 3286


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-08-10-12-10-21.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.14
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
last-modified: Tue, 21 Jun 2022 12:10:22 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 06 Jul 2022 03:26:46 GMT
etag: "581454acdd98f34fd3fbabd0977ade29"
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dGmGFYYHltbDEW5QaA4OSlLhWAQ5zjVhK3eOv3xtJ3fpEhnji01jSQ==
age: 77064
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    581454acdd98f34fd3fbabd0977ade29
Sha1:   d8d86c0b513137aeb85de01cea7b272c35eb6ab4
Sha256: e98f8f33ba5ed59c3cfdf2ae54957ed32652cf0899f3c8db4b5872e3ece1e4eb
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "78A5DCFAF2D93D9C87CFB6DBC56100E9F22965D4500554BA65F71CB7D84DD666"
Last-Modified: Wed, 06 Jul 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8071
Expires: Thu, 07 Jul 2022 03:05:40 GMT
Date: Thu, 07 Jul 2022 00:51:09 GMT
Connection: keep-alive

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Thu, 07 Jul 2022 00:51:09 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /coar/A32Q0S/post/internet/Group/1c707/SSLAuthUI_fichiers/style.css HTTP/1.1 
Host: deportesdiputacionourense.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://deportesdiputacionourense.com/coar/A32Q0S/post/internet/Group/1c707/SSLAuthUI.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.160.0.105
HTTP/2 200 OK
                                        
content-type: text/css
content-length: 9412
date: Thu, 07 Jul 2022 00:51:09 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 06 Jul 2022 01:38:12 GMT
etag: "24c4-5e31905b515c3"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  assembler source, Unicode text, UTF-8 text, with CRLF line terminators
Size:   9412
Md5:    68c0de14296048758d8c78c1db505128
Sha1:   82767bc84298f7275f36f9879e4d736cb51d5944
Sha256: a21e37f28e0471522fcbb0e6860b66a60a582246c4be912dc912b339c35f2ce0

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /coar/A32Q0S/post/internet/Group/1c707/img/cardtype_ss.png HTTP/1.1 
Host: deportesdiputacionourense.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://deportesdiputacionourense.com/coar/A32Q0S/post/internet/Group/1c707/SSLAuthUI.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.160.0.105
HTTP/2 200 OK
                                        
content-type: image/png
content-length: 7613
date: Thu, 07 Jul 2022 00:51:09 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 06 Jul 2022 01:38:12 GMT
etag: "1dbd-5e31905b52563"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 200 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size:   7613
Md5:    a5ac1c54277a4ca332b1a3f6a1386cf9
Sha1:   9159451d6a2285d783455b5e87b42a2c5ed135d6
Sha256: a5ca115514cbfc52924374b62761d7f0d1f8e510d08b32905f75b66b3a37b1e1

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /coar/A32Q0S/post/internet/Group/1c707/SSLAuthUI_fichiers/bootstrap.css HTTP/1.1 
Host: deportesdiputacionourense.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://deportesdiputacionourense.com/coar/A32Q0S/post/internet/Group/1c707/SSLAuthUI.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.160.0.105
HTTP/2 200 OK
                                        
content-type: text/css
content-length: 121200
date: Thu, 07 Jul 2022 00:51:09 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 06 Jul 2022 01:38:12 GMT
etag: "1d970-5e31905b515c3"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65371)
Size:   121200
Md5:    ec3bb52a00e176a7181d454dffaea219
Sha1:   6527d8bf3e1e9368bab8c7b60f56bc01fa3afd68
Sha256: f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /coar/A32Q0S/post/internet/Group/1c707/img/CTBC_W.jpg HTTP/1.1 
Host: deportesdiputacionourense.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://deportesdiputacionourense.com/coar/A32Q0S/post/internet/Group/1c707/SSLAuthUI.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.160.0.105
HTTP/2 200 OK
                                        
content-type: image/jpeg
content-length: 43378
date: Thu, 07 Jul 2022 00:51:09 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 06 Jul 2022 01:38:12 GMT
etag: "a972-5e31905b52563"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 500x173, components 3\012- data
Size:   43378
Md5:    06c42f6de1094167e0abd6cca783d01d
Sha1:   42b724cfad1031815d794dcc5c806e9af4c2a79e
Sha256: 14832827e45f20f385f3584cb5c84441eb00df1be5aeb33882a5b4ab510ae2ed

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /coar/A32Q0S/post/internet/Group/1c707/img/card.png HTTP/1.1 
Host: deportesdiputacionourense.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://deportesdiputacionourense.com/coar/A32Q0S/post/internet/Group/1c707/SSLAuthUI.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.160.0.105
HTTP/2 200 OK
                                        
content-type: image/png
content-length: 399
date: Thu, 07 Jul 2022 00:51:09 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 06 Jul 2022 01:38:12 GMT
etag: "18f-5e31905b515c3"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 32 x 21, 8-bit/color RGBA, non-interlaced\012- data
Size:   399
Md5:    967e88754411e38b87022e9f75ee37e6
Sha1:   f76034483feda3dbc1657dcc04dc19a3e484230d
Sha256: 39459e2db25db3f30b853a7b510629f766994c88eb2af780e77d4ffa71287ee0

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /coar/A32Q0S/post/internet/Group/1c707/SSLAuthUI.html HTTP/1.1 
Host: deportesdiputacionourense.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         217.160.0.105
HTTP/2 200 OK
                                        
content-type: text/html
date: Thu, 07 Jul 2022 00:51:09 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 06 Jul 2022 01:38:13 GMT
etag: W/"26e6-5e31905b5e0e2"
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   3955
Md5:    a55753e52c37ea79ab0fdfd5a66429d2
Sha1:   007f6c933d16b56651b3b8ea11a80eac523e337b
Sha256: 4ff18a97be54573e4962b8847031d6642872608f834e2cf96d8de293d6790d68

Alerts:
  Blocklists:
    - openphish: CTBC Bank
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            GET /coar/A32Q0S/post/internet/Group/1c707/img/3D_VISA.png HTTP/1.1 
Host: deportesdiputacionourense.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://deportesdiputacionourense.com/coar/A32Q0S/post/internet/Group/1c707/SSLAuthUI.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.160.0.105
HTTP/2 200 OK
                                        
content-type: image/png
content-length: 4101
date: Thu, 07 Jul 2022 00:51:09 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 06 Jul 2022 01:38:12 GMT
etag: "1005-5e31905b52563"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 150 x 90, 8-bit/color RGBA, non-interlaced\012- data
Size:   4101
Md5:    02f6138a6052277445a59c0d5090d322
Sha1:   6425df5314e7b66decbd1fb1e9c543764597eaf5
Sha256: 1818f0c2ef6a363e915bd4c6c2c2cbeef0fcf60ff2da3e79cfe0d1c3bc9ff86b

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /coar/A32Q0S/post/internet/Group/1c707/img/3D_MASTER.png HTTP/1.1 
Host: deportesdiputacionourense.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://deportesdiputacionourense.com/coar/A32Q0S/post/internet/Group/1c707/SSLAuthUI.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.160.0.105
HTTP/2 200 OK
                                        
content-type: image/png
content-length: 3098
date: Thu, 07 Jul 2022 00:51:09 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 06 Jul 2022 01:38:12 GMT
etag: "c1a-5e31905b52563"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 150 x 90, 8-bit/color RGBA, non-interlaced\012- data
Size:   3098
Md5:    0cd953043c7f16e239213db81814d110
Sha1:   b3d61c7d6bcc703b9f539d6f2218de8e56c0a0e7
Sha256: 203dffbf9fb647ad3576ebc57c4005c1a0cb07cc740a911585b6ba70c8d20892

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /coar/A32Q0S/post/internet/Group/1c707/img/3D_JCB.png HTTP/1.1 
Host: deportesdiputacionourense.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://deportesdiputacionourense.com/coar/A32Q0S/post/internet/Group/1c707/SSLAuthUI.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.160.0.105
HTTP/2 200 OK
                                        
content-type: image/png
content-length: 3042
date: Thu, 07 Jul 2022 00:51:09 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 06 Jul 2022 01:38:12 GMT
etag: "be2-5e31905b52563"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 150 x 96, 8-bit/color RGBA, non-interlaced\012- data
Size:   3042
Md5:    b3084a9baedec62e75dbcc07d569bdbe
Sha1:   5ee4ceb0eaba40a5c545a02e962ba8281fdeb79f
Sha256: eacf2b196015c40a02cf7849c614daaca5205159d7ac234ad90ea47fbb714041

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /coar/A32Q0S/post/internet/Group/1c707/img/twca_ssl.png HTTP/1.1 
Host: deportesdiputacionourense.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://deportesdiputacionourense.com/coar/A32Q0S/post/internet/Group/1c707/SSLAuthUI.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.160.0.105
HTTP/2 200 OK
                                        
content-type: image/png
content-length: 5949
date: Thu, 07 Jul 2022 00:51:09 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 06 Jul 2022 01:38:12 GMT
etag: "173d-5e31905b515c3"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 150 x 90, 8-bit/color RGBA, non-interlaced\012- data
Size:   5949
Md5:    f0dbd1202bab0c37401857f942dd08f0
Sha1:   cbd6d6829c95c83c80704d15b76ea4892e39d132
Sha256: 4a1d51361e6bfabde052f3b64166d7ab532241e0c634162ccd6220c76759642a

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /coar/A32Q0S/post/internet/Group/1c707/img/icon_logo_ios.png HTTP/1.1 
Host: deportesdiputacionourense.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://deportesdiputacionourense.com/coar/A32Q0S/post/internet/Group/1c707/SSLAuthUI.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         217.160.0.105
HTTP/2 200 OK
                                        
content-type: image/png
content-length: 191499
date: Thu, 07 Jul 2022 00:51:09 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 06 Jul 2022 01:38:12 GMT
etag: "2ec0b-5e31905b52563"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1024 x 1024, 8-bit/color RGBA, non-interlaced\012- data
Size:   191499
Md5:    61945d9397b631ec4bd8bbadab654cd0
Sha1:   3c032e862f1a8d5497c455ecd09bfd096566e413
Sha256: d2bc912588bf039f1088a983464a798918b8033840e6a64782db5875467e374d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.65
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Content-Type, Last-Modified, Alert, Backoff, Pragma, Expires, Content-Length, Cache-Control
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 07 Jul 2022 00:34:56 GMT
Cache-Control: max-age=3600
Expires: Thu, 07 Jul 2022 01:11:40 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: C5cMhSkq-MZ4eZOvkJn-13mED6krvzPdgV4qn1lVGD5ttD9DM7yB0g==
Age: 974


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2875
Cache-Control: 'max-age=158059'
Date: Thu, 07 Jul 2022 00:51:10 GMT
Last-Modified: Thu, 07 Jul 2022 00:03:15 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1675
Cache-Control: max-age=86149
Date: Thu, 07 Jul 2022 00:51:10 GMT
Etag: "62c4d4f8-1d7"
Expires: Fri, 08 Jul 2022 00:46:59 GMT
Last-Modified: Wed, 06 Jul 2022 00:19:04 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=129274
Date: Thu, 07 Jul 2022 00:51:10 GMT
Etag: "62c583f8-1d7"
Expires: Fri, 08 Jul 2022 12:45:44 GMT
Last-Modified: Wed, 06 Jul 2022 12:45:44 GMT
Server: nginx
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: j5Cm8CK6UypBGS5PgnI1HA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         44.240.216.68
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: bA0lcPT0cUNC+5zHHaQ6ruEeM80=

                                        
                                            GET /auth/images/favicon.ico;jsessionid=Y9-RqhQBiF6rJUdgL1HNb9zNb1B27sZeDitBg-zP HTTP/1.1 
Host: epos.chinatrust.com.tw
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://deportesdiputacionourense.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         203.66.181.52
HTTP/1.0 200 OK
                                        
Server: BigIP
Connection: Keep-Alive
Content-Length: 460


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (460), with no line terminators
Size:   460
Md5:    59e3e270dc6ef41106ca3c17ce9b0c8b
Sha1:   450c7e3203434c515bdd27cdd4b3e00da85480ae
Sha256: 7bf3c7ed48ff839f40085115af09f6905c9736403157c075113cc0c7f84c41e7
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E96EA592111AAC8DB4D301EA1E1DEF1043D15D8774C4224D707FB21885E98909"
Last-Modified: Wed, 06 Jul 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20463
Expires: Thu, 07 Jul 2022 06:32:15 GMT
Date: Thu, 07 Jul 2022 00:51:12 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1f48beb-da86-42f3-b5da-39fa82b568cb.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 7249
x-amzn-requestid: 74cbc653-182e-4ef0-9fe5-901ddaa4edaf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UoBIEGKqIAMFp8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62bfe233-383f73a750696511624ff453;Sampled=0
x-amzn-remapped-date: Sat, 02 Jul 2022 06:14:11 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BVo4WA3x-2hGSrOBQTIcT5yjiYcdzQby4NDOrnrWpREFtHG5x52Jzg==
via: 1.1 25b9a991f871f75614e7f92f97b136a4.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 09:18:45 GMT
age: 55947
etag: "2f79d1e28bb827f7fa60b6675dba8022c28a1a3d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7249
Md5:    5c958b0c904620aff5f5f8a74f80d9f9
Sha1:   2f79d1e28bb827f7fa60b6675dba8022c28a1a3d
Sha256: 8bba608d028bbb678f021eaca3364856f930069f44b647346e649eca4c383955
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13136825-0301-44c6-8c81-faf21628fe4c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 6737
x-amzn-requestid: 9a9c33df-daa2-49fb-ba8e-fd5a3149828e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UeP9ZG93oAMFX6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62bbf9ef-248528170cf451be2662dbef;Sampled=0
x-amzn-remapped-date: Wed, 29 Jun 2022 07:06:23 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GZWZ5vCdHbLeGN4FdZbd8ysfjqcGd-7MsBW_steUpJ38jyLd16JNtw==
via: 1.1 4c48e9fb20d53d40e9fe273dbdae1098.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 03:53:29 GMT
age: 75463
etag: "5e2f835320ab350cdd1c3ad1ceb71db2bb27b84f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6737
Md5:    44f59062cacc44be268845c493de29de
Sha1:   5e2f835320ab350cdd1c3ad1ceb71db2bb27b84f
Sha256: c37305dfa7a241e526c7246a6eb71360dbfa2fe5d7f369f37ef7ddbfe1b97749
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0584e039-a479-41c4-ad51-d842dbd32f7c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 5198
x-amzn-requestid: f56b5dea-3209-4e32-985e-fbcb45c70e71
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: U0xnWFKCIAMFe2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c4fc95-159a1632285a681d7478353a;Sampled=0
x-amzn-remapped-date: Wed, 06 Jul 2022 03:08:05 GMT
x-amz-cf-pop: SFO20-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jh8Cn-5251TNBafhSRsz0jUA8md-ZKQpjj_N1YYcUaVnJAYIdFAQ2A==
via: 1.1 21e2c668bb54ebb4456425e394c3356a.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 03:19:59 GMT
age: 77473
etag: "76b2ac44ab4590c5345063d314975f483a61cb1f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5198
Md5:    cd4e7dda9491e473d4b36a87915a82df
Sha1:   76b2ac44ab4590c5345063d314975f483a61cb1f
Sha256: f1e7681478f46029c90d707def4755f3d91a9f0b1d3509008bfca84d84a9634a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb94470e3-8873-4e4e-909a-df8539096335.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 12294
x-amzn-requestid: e6b35bb1-bc6b-4b98-aa16-cff64cf3e4b9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Ua_AwHdPIAMFSzQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62baab9e-4659e88772f9e8551e06800a;Sampled=0
x-amzn-remapped-date: Tue, 28 Jun 2022 07:19:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: EWsndyPnvdV629tcpvI0HUzSA6Ocbb0acwQ6v5i0VWoEeGIKaF7fcw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 21:59:49 GMT
age: 10283
etag: "7bb8eb688c64b18a63cd78ec3c59079a65e6f9b7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12294
Md5:    8b57e1aba0bce88ae13af9ccf60089bd
Sha1:   7bb8eb688c64b18a63cd78ec3c59079a65e6f9b7
Sha256: 84a48013d8c91a7ae77719feb3d5996409197bdafe93a9e6deb02dbeffe0cb4b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf054370-6b80-40cd-a42e-91d4d8e3c37e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 7271
x-amzn-requestid: 3fa97801-72ce-40f1-9609-10406e6d70ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UoS0BFjuoAMFw8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62bffe7f-103b3e9a2928a3ed39c62b1b;Sampled=0
x-amzn-remapped-date: Sat, 02 Jul 2022 08:14:55 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TrgAb-pYFci7r56srzmwDp_mnZ6ApHI6KRaOyrHTYgJHmLcx6iNr1g==
via: 1.1 d90109c5a0c30f43223e0db85921c5c2.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 21:50:30 GMT
age: 10842
etag: "949707b56fd4aa6464f5f4a5d52b18ab72d307ff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7271
Md5:    1d4f4e3ad0f3ca501b797538d0f3aaac
Sha1:   949707b56fd4aa6464f5f4a5d52b18ab72d307ff
Sha256: 66cf72056531f6151e2e72d48f07f1ba063753316160fe165cb00e125efbca90
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce2fc71a-842c-433d-8506-e191aa0edcd6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 4243
x-amzn-requestid: 7529aa91-0ea7-442d-a0b7-c3c74f0d5d5b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UthU8HNdoAMFpUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c215b9-527e994b56eb0630557d6dd5;Sampled=0
x-amzn-remapped-date: Sun, 03 Jul 2022 22:18:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DQPLClNEQSPyiJJEq83p-1_lCk1cLIqpXQuPUQA2EzYd4kc0D9ILaw==
via: 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 04:44:24 GMT
age: 72408
etag: "5f4a7a2dcc9ffbb5bb61859a6337ec9c8f11f1f3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4243
Md5:    4dadb5bd9157f2899ea250117bf6655e
Sha1:   5f4a7a2dcc9ffbb5bb61859a6337ec9c8f11f1f3
Sha256: 236f94db1ce5926743b6f0692509ab20c17fca595b5c062133a9d24fc80d6f0d