Overview

URL acordimobiliar.ro/qui-quia/documents.zip
IP89.42.218.99
ASNROMARG SRL
Location Romania
Report completed2022-07-05 02:55:16 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2022-07-05 2 acordimobiliar.ro/qui-quia/documents.zip Malware
2022-07-05 2 acordimobiliar.ro/qui-quia/documents.zip Malware
mnemonic secure dns  No alerts detected
Quad9 DNS
Added / Verified Severity Host Comment
2022-07-05 2 acordimobiliar.ro Sinkholed
2022-07-05 2 acordimobiliar.ro Sinkholed


Files

No files detected



Passive DNS (8)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
[Mnemonic Passive DNS] content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-07-04 06:11:54 UTC 143.204.55.110
[Mnemonic Passive DNS] contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
[Mnemonic Passive DNS] ocsp.digicert.com (1) 86 2012-11-29 12:49:49 UTC 2022-07-04 23:46:28 UTC 93.184.220.29
[Mnemonic Passive DNS] push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-07-04 06:11:54 UTC 34.213.133.213
[Mnemonic Passive DNS] img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-07-04 06:16:07 UTC 34.120.237.76
[Mnemonic Passive DNS] acordimobiliar.ro (2) 0 2019-06-25 14:41:30 UTC 2022-06-03 10:44:27 UTC 89.42.218.99 Unknown ranking
[Mnemonic Passive DNS] r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-07-04 06:10:24 UTC 23.36.77.32
[Mnemonic Passive DNS] firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2020-05-25 20:01:47 UTC 143.204.55.36


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 89.42.218.99

Date UQ / IDS / BL URL IP
2022-08-11 20:37:07 +0000
0 - 0 - 5 acordimobiliar.ro/qui-quia/documents.zip 89.42.218.99
2022-08-10 08:09:46 +0000
0 - 0 - 4 acordimobiliar.ro/qui-quia/documents.zip 89.42.218.99
2022-08-08 16:50:36 +0000
0 - 0 - 5 acordimobiliar.ro/qui-quia/documents.zip 89.42.218.99
2022-08-04 17:01:37 +0000
0 - 0 - 5 acordimobiliar.ro/qui-quia/documents.zip 89.42.218.99
2022-08-02 15:00:20 +0000
0 - 0 - 13 euromariage.ro/upload/file/29919633362.pdf 89.42.218.99
2022-07-31 14:21:01 +0000
0 - 0 - 5 acordimobiliar.ro/qui-quia/documents.zip 89.42.218.99
2022-07-30 00:08:53 +0000
0 - 0 - 5 acordimobiliar.ro/qui-quia/documents.zip 89.42.218.99
2022-07-29 08:52:43 +0000
0 - 0 - 5 acordimobiliar.ro/qui-quia/documents.zip 89.42.218.99
2022-07-27 17:59:28 +0000
0 - 0 - 5 acordimobiliar.ro/qui-quia/documents.zip 89.42.218.99
2022-07-26 17:57:01 +0000
0 - 0 - 5 acordimobiliar.ro/qui-quia/documents.zip 89.42.218.99

Last 10 reports on ASN: ROMARG SRL

Date UQ / IDS / BL URL IP
2022-08-12 06:27:16 +0000
0 - 0 - 1 actualitatea-crestina.ro/laudantium-reiciendi (...) 89.42.218.232
2022-08-12 02:09:05 +0000
0 - 0 - 10 select-food.ro/plugins/content/apismtp/wel/2u (...) 89.42.218.74
2022-08-12 01:51:00 +0000
0 - 0 - 1 arcb.ro/harum-laborum/documents.zip 89.42.218.232
2022-08-11 20:48:37 +0000
0 - 0 - 3 chop-shop.ro/maiores-repudiandae/documents.zip 89.47.242.199
2022-08-11 20:37:07 +0000
0 - 0 - 5 acordimobiliar.ro/qui-quia/documents.zip 89.42.218.99
2022-08-11 20:35:15 +0000
0 - 0 - 1 vladimirghika.ro/et-dolor/documents.zip 89.42.218.232
2022-08-11 20:16:03 +0000
0 - 0 - 2 turismtimis.ro/a-quas/documents.zip 89.42.218.164
2022-08-11 20:15:46 +0000
0 - 0 - 1 rdrcollect.ro/ad-sunt/documents.zip 89.42.218.226
2022-08-11 14:34:50 +0000
0 - 0 - 19 farmacia-organika.ro/doc/bME/o3Y/j3S/LR3cf33.zip 89.39.83.31
2022-08-11 08:08:03 +0000
0 - 0 - 3 mediaworld.ro/minima-quasi/documents.zip 89.42.218.232

Last 10 reports on domain: acordimobiliar.ro

Date UQ / IDS / BL URL IP
2022-08-11 20:37:07 +0000
0 - 0 - 5 acordimobiliar.ro/qui-quia/documents.zip 89.42.218.99
2022-08-10 08:09:46 +0000
0 - 0 - 4 acordimobiliar.ro/qui-quia/documents.zip 89.42.218.99
2022-08-08 16:50:36 +0000
0 - 0 - 5 acordimobiliar.ro/qui-quia/documents.zip 89.42.218.99
2022-08-04 17:01:37 +0000
0 - 0 - 5 acordimobiliar.ro/qui-quia/documents.zip 89.42.218.99
2022-07-31 14:21:01 +0000
0 - 0 - 5 acordimobiliar.ro/qui-quia/documents.zip 89.42.218.99
2022-07-30 00:08:53 +0000
0 - 0 - 5 acordimobiliar.ro/qui-quia/documents.zip 89.42.218.99
2022-07-29 08:52:43 +0000
0 - 0 - 5 acordimobiliar.ro/qui-quia/documents.zip 89.42.218.99
2022-07-27 17:59:28 +0000
0 - 0 - 5 acordimobiliar.ro/qui-quia/documents.zip 89.42.218.99
2022-07-26 17:57:01 +0000
0 - 0 - 5 acordimobiliar.ro/qui-quia/documents.zip 89.42.218.99
2022-07-25 21:24:35 +0000
0 - 0 - 4 acordimobiliar.ro/qui-quia/documents.zip 89.42.218.99


JavaScript

Executed Scripts (0)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (20)


Request Response
                                        
                                            GET /qui-quia/documents.zip HTTP/1.1 
Host: acordimobiliar.ro
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         89.42.218.99
HTTP/1.1 302 Found
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 683
date: Tue, 05 Jul 2022 02:55:02 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
location: https://acordimobiliar.ro/qui-quia/documents.zip
x-xss-protection: 1; mode=block
x-content-type-options: nosniff


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   683
Md5:    6371befc85069a96b0cb3c52e754a55a
Sha1:   de3def799f60ce2a16721687937ffb2a3f9bd3ae
Sha256: db6f3663ecb5b124f3c02ce15691739fe69888b7ed6112f03062489470517f77

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5CA12512DFBE8A007255191678A4ECD570026D865AE741C0D3025D8FE1A58659"
Last-Modified: Mon, 04 Jul 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11790
Expires: Tue, 05 Jul 2022 06:11:33 GMT
Date: Tue, 05 Jul 2022 02:55:03 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Backoff, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 05 Jul 2022 01:55:03 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: aFGYv0TZy_eDAsMCabK-cDPgjJNKkZd5OUmAt54MR380bTCTl_5Ktg==
Age: 3600


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-08-10-12-10-21.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.110
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
last-modified: Tue, 21 Jun 2022 12:10:22 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 04 Jul 2022 03:26:44 GMT
etag: "581454acdd98f34fd3fbabd0977ade29"
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: LVjeNuVMuhT5ijcUtL5vJapUEcN5wz3POY6tcJ8BB9sOZIVbLDdxSg==
age: 84500
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    581454acdd98f34fd3fbabd0977ade29
Sha1:   d8d86c0b513137aeb85de01cea7b272c35eb6ab4
Sha256: e98f8f33ba5ed59c3cfdf2ae54957ed32652cf0899f3c8db4b5872e3ece1e4eb
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Tue, 05 Jul 2022 02:55:03 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /qui-quia/documents.zip HTTP/1.1 
Host: acordimobiliar.ro
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         89.42.218.99
HTTP/2 404 Not Found
                                        
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Tue, 05 Jul 2022 02:55:02 GMT
server: LiteSpeed
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   1238
Md5:    0bde7d4b3da67537eaf9188e6f8049cf
Sha1:   64300fc482d01d38b40ab20e15960b6509665e5a
Sha256: 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Alerts:
  Blocklists:
    - fortinet: Malware
    - quad9: Sinkholed
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Content-Type, Last-Modified, Alert, Backoff, Pragma, Expires, Content-Length, Cache-Control
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 05 Jul 2022 02:52:24 GMT
Cache-Control: max-age=3600
Expires: Tue, 05 Jul 2022 03:37:56 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5vtqdhtjGwQZ4sDkPA1Jv44FytODGYxrpW2qNP8PW-oOUxwjCUBymA==
Age: 164


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2592
Cache-Control: max-age=107688
Date: Tue, 05 Jul 2022 02:55:04 GMT
Etag: "62c29f90-1d7"
Expires: Wed, 06 Jul 2022 08:49:52 GMT
Last-Modified: Mon, 04 Jul 2022 08:06:40 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hYzq42vLO9YNuP7Mluwwtg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         34.213.133.213
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2aODoAulmqCPedopl0udf5Jfch0=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "611E864D4A64EB7175BDED94052A41462E3215D329EF82CBEEA70D511B811E8D"
Last-Modified: Mon, 04 Jul 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8871
Expires: Tue, 05 Jul 2022 05:22:57 GMT
Date: Tue, 05 Jul 2022 02:55:06 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "611E864D4A64EB7175BDED94052A41462E3215D329EF82CBEEA70D511B811E8D"
Last-Modified: Mon, 04 Jul 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8871
Expires: Tue, 05 Jul 2022 05:22:57 GMT
Date: Tue, 05 Jul 2022 02:55:06 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "611E864D4A64EB7175BDED94052A41462E3215D329EF82CBEEA70D511B811E8D"
Last-Modified: Mon, 04 Jul 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8871
Expires: Tue, 05 Jul 2022 05:22:57 GMT
Date: Tue, 05 Jul 2022 02:55:06 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "611E864D4A64EB7175BDED94052A41462E3215D329EF82CBEEA70D511B811E8D"
Last-Modified: Mon, 04 Jul 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8871
Expires: Tue, 05 Jul 2022 05:22:57 GMT
Date: Tue, 05 Jul 2022 02:55:06 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "611E864D4A64EB7175BDED94052A41462E3215D329EF82CBEEA70D511B811E8D"
Last-Modified: Mon, 04 Jul 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8871
Expires: Tue, 05 Jul 2022 05:22:57 GMT
Date: Tue, 05 Jul 2022 02:55:06 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3cd6ce9-0407-4d8d-abce-cd320484902f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 8043
x-amzn-requestid: 6829c9cb-f040-426f-9954-260591ce732e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Uwt-REYlIAMFr8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c35d27-074f36ca0bbe0a485b6cb40e;Sampled=0
x-amzn-remapped-date: Mon, 04 Jul 2022 21:35:35 GMT
x-amz-cf-pop: SEA73-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: s4ikWDXHgpG_9zlD_5mgBlSgH8YwZDrk2HlmwKcae2wbtg_cvXr-eQ==
via: 1.1 1352c0a623ff0601dd16439f3f225f70.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 04 Jul 2022 21:38:50 GMT
age: 18976
etag: "8402bc01f6e1bf1d7410536d77b93d64517260d4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8043
Md5:    718a5d9632c4a36af8e1b6bc295a950e
Sha1:   8402bc01f6e1bf1d7410536d77b93d64517260d4
Sha256: 996c3c5036a35b45f36cd9f2225f6f46bb3e044caccd1615faa658467d4ee346
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3138a2a5-6ce8-4465-8dff-7307ebdd802f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 13276
x-amzn-requestid: 8e9cf5a0-c1fd-42f6-a117-735639bf60fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UnnVtEcUIAMFQNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62bfb8f1-703fd654621d292404bcae42;Sampled=0
x-amzn-remapped-date: Sat, 02 Jul 2022 03:18:09 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OY1dqbvd00cN59M8lfMzi7khizD13gcVNsrIhslwzrLc1kI42kURiw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 04 Jul 2022 12:41:34 GMT
age: 51212
etag: "7e5a550bbbac49269cae75ce9bb92e8fdf77b086"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13276
Md5:    95aa230a6b516a252f3815c586803c15
Sha1:   7e5a550bbbac49269cae75ce9bb92e8fdf77b086
Sha256: fc3c49de063a4e13c64e799664fa6c7ccf6e42aac5973aaf1af2b7689338f3b9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6cf2c77e-1216-468a-93e4-edeb0ef5de0c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 5358
x-amzn-requestid: b4b2e596-5ebb-4c10-81a9-c97e8a420f72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Uwt--HP0IAMFfTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c35d2c-35cd61767b05dc3337a99b0f;Sampled=0
x-amzn-remapped-date: Mon, 04 Jul 2022 21:35:40 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: vP8cyZmESuMiC9jsUmXsEzpR4q2exw4RPVESaRY8IMSR79JOeJug8A==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Mon, 04 Jul 2022 21:38:50 GMT
age: 18976
etag: "a5e489d3022da6019d7167e74d49f09c7d289b3f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5358
Md5:    26979de2a867c073fcdee1d408ff12a2
Sha1:   a5e489d3022da6019d7167e74d49f09c7d289b3f
Sha256: 76d2db477c6eb793bddb6526572f2ba00e4067f8736c9f77d515301d7cfad262
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb8efc8db-c5e0-4a87-be5e-614d131a0768.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 7752
x-amzn-requestid: e80b1951-682c-48b6-8dbc-4831440cea2b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UePkoFQhIAMFtGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62bbf950-3e961e9c3ac7ccc35311c0fb;Sampled=0
x-amzn-remapped-date: Wed, 29 Jun 2022 07:03:44 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: AzsTN4V1ZKz7i7FJSsjexJr2NNIVs0ry70NrstkPXUA8QsOPiaZt5w==
via: 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Mon, 04 Jul 2022 10:31:17 GMT
age: 59029
etag: "fcef00cd4536dd7e96f20ac5a2545d662059ab7c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7752
Md5:    00e0456cd6656f615a6ea62da9488a35
Sha1:   fcef00cd4536dd7e96f20ac5a2545d662059ab7c
Sha256: 4c7b1aa7e0f10fe406e02e46688a88464d37c745cd81ae68333fa6fac589f60d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffd0c492-b28f-491c-93ae-58987a01e5b4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 8008
x-amzn-requestid: 906bbb8e-2f84-4fe6-96a4-50b83551d567
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Ut-x_HRfoAMFowA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c244d9-1439d2775fcb7e5a7f38123e;Sampled=0
x-amzn-remapped-date: Mon, 04 Jul 2022 01:39:37 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: VgG30SetUMeWKUjueu8OCmQSPorQuvYqr4I9QeKxiGA9JT3hRasS8A==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 04 Jul 2022 03:58:58 GMT
age: 82568
etag: "6b588a42c03c2585117001b29f51ff9985bf353c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8008
Md5:    4f44b0a7a7258d3e10568b1949552204
Sha1:   6b588a42c03c2585117001b29f51ff9985bf353c
Sha256: 01185693612f1933f3bdf5537d7866ba661c5bb4e5fa5f5f220e3259e96802df
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9484589c-4639-47d5-82e2-d5f7e182279f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 4541
x-amzn-requestid: 07e385a5-e0ea-4b26-a776-90527d660aca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Uwt3JH0SIAMFQRw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c35cfa-54c88214646fb157446ed947;Sampled=0
x-amzn-remapped-date: Mon, 04 Jul 2022 21:34:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jeInCS9KaCOZdszGUE-mq6qFoeN3maxavSLWanuxPS8NnOpY-jisYw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 eab8a154a09e69260fbfe4df90182b2e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 04 Jul 2022 22:04:03 GMT
etag: "2d1fa771f93c4326f768c272ad812622ed74a89e"
content-type: image/jpeg
age: 17463
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4541
Md5:    2159e02313a32e8509d9d3c33c9d07a8
Sha1:   2d1fa771f93c4326f768c272ad812622ed74a89e
Sha256: e85ed24ed3e464f5ee53439c8cdeb871ad44f0a411e05a334167ca61eadde63c