Overview

URL 5.175.3.113/
IP5.175.3.113
ASNHost Europe GmbH
Location France
Report completed2022-09-28 07:25:14 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-28 2 5.175.3.113/ Malware
2022-09-28 2 5.175.3.113/fonts/lato-v16-latin-regular.woff2 Malware
2022-09-28 2 5.175.3.113/img/forum.svg Malware
2022-09-28 2 5.175.3.113/img/knowlede-base.svg Malware
2022-09-28 2 5.175.3.113/img/facebook.svg Malware
2022-09-28 2 5.175.3.113/img/plesk-guides.svg Malware
2022-09-28 2 5.175.3.113/img/video-guides.svg Malware
2022-09-28 2 5.175.3.113/img/logo.svg Malware
2022-09-28 2 5.175.3.113/img/header-bg.svg Malware
2022-09-28 2 5.175.3.113/img/developers-blog.svg Malware
2022-09-28 2 5.175.3.113/fonts/lato-v16-latin-700.woff2 Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (8)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-27 04:52:33 UTC 34.117.237.239
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-28 04:19:13 UTC 93.184.220.29
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-27 05:14:54 UTC 35.164.183.116
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-27 13:22:33 UTC 34.120.237.76
mnemonic passive DNS 5.175.3.113 (15) 0 No data No data 5.175.3.113 Unknown ranking
mnemonic passive DNS r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-09-28 04:06:48 UTC 23.36.77.32
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-09-28 05:04:09 UTC 143.204.55.35
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-27 05:14:54 UTC 143.204.55.35


Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 5.175.3.113

Date UQ / IDS / BL URL IP
2022-09-28 07:25:14 +0000
0 - 0 - 11 5.175.3.113/ 5.175.3.113

Last 5 reports on ASN: Host Europe GmbH

Date UQ / IDS / BL URL IP
2022-12-08 14:51:15 +0000
0 - 0 - 1 188.138.69.102/ 188.138.69.102
2022-12-08 12:57:12 +0000
0 - 0 - 2 eastdoor.in/office/a/document.html 92.204.40.196
2022-12-08 10:44:51 +0000
0 - 0 - 28 4proma.com/ 92.204.239.142
2022-12-08 02:52:04 +0000
0 - 0 - 1 swosoft.at/(S(rxhvev451arz5y45y3hcz0mz))/down (...) 5.175.26.248
2022-12-08 02:20:05 +0000
0 - 0 - 2 clickme.info/ 85.25.43.227

Last 1 reports on domain: 5.175.3.113.

Date UQ / IDS / BL URL IP
2022-09-28 07:25:14 +0000
0 - 0 - 11 5.175.3.113/ 5.175.3.113

Last 1 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-11-28 18:47:17 +0000
0 - 0 - 15 139.99.239.78/ 139.99.239.78


JavaScript

Executed Scripts (1)


Executed Evals (0)


Executed Writes (1)

#1 JavaScript::Write (size: 69, repeated: 1) - SHA256: c3cb2fd97b28dfdebe0ef2444d837145f78d65d43d53ab7b51ea8b296c96ee4d

                                        < a class = "note__button"
href = "https://5.175.3.113" > Login to Plesk < /a>
                                    


HTTP Transactions (32)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: 5.175.3.113
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         5.175.3.113
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Content-Encoding: gzip
Last-Modified: Thu, 19 Dec 2019 17:53:43 GMT
Accept-Ranges: bytes
ETag: "80edbf4095b6d51:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:25:04 GMT
Content-Length: 1430


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   1430
Md5:    0ab19440c039c7e6b982f7ac9d730665
Sha1:   87418555401aa7f5f591c6ea7d143c105abcd6a0
Sha256: c17c840e2916a913bf7558301644188aeea2fc9d243c354d3ab64a96047f3ae9

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7392
Expires: Wed, 28 Sep 2022 09:28:15 GMT
Date: Wed, 28 Sep 2022 07:25:03 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 06:37:14 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xhwHopPTK2xRcNIIESbBafMnuElE0HlDhJPh9EP78i4n5qOZLwC5Zg==
Age: 2869


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0BHfb_fLrnO-SIy73CgYuGPbztxxk-pa2MHHGIoU6U3KgnDaxh_Ykw==
age: 79250
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 28 Sep 2022 07:25:03 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /fonts/lato-v16-latin-regular.woff2 HTTP/1.1 
Host: 5.175.3.113
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://5.175.3.113/

                                         
                                         5.175.3.113
HTTP/1.1 200 OK
Content-Type: font/x-woff2
                                        
Last-Modified: Fri, 01 Nov 2019 10:24:14 GMT
Accept-Ranges: bytes
ETag: "01b25829e90d51:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:25:04 GMT
Content-Length: 23484


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 23484, version 1.0\012- data
Size:   23484
Md5:    b4d2c4c39853ee244272c04999b230ba
Sha1:   c82e22dde9716c40ba20e6c7ed03a1b66556de15
Sha256: c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /style.css HTTP/1.1 
Host: 5.175.3.113
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://5.175.3.113/

                                         
                                         5.175.3.113
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Last-Modified: Fri, 01 Nov 2019 10:24:14 GMT
Accept-Ranges: bytes
ETag: "01b25829e90d51:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:25:04 GMT
Content-Length: 4724


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   4724
Md5:    005892c60802107086bd78e0348c249e
Sha1:   5f475722545150fe7d635f5e214825af6cb42f26
Sha256: bc3f7477bfaad099b8b84cb64503bc057672a0c76d495ed7dbfe392b0121a5ba
                                        
                                            GET /img/forum.svg HTTP/1.1 
Host: 5.175.3.113
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://5.175.3.113/

                                         
                                         5.175.3.113
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Last-Modified: Fri, 01 Nov 2019 10:24:14 GMT
Accept-Ranges: bytes
ETag: "01b25829e90d51:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:25:04 GMT
Content-Length: 5526


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Size:   5526
Md5:    8b09a1edb9a0ed8231a66f7441808e53
Sha1:   109eb4bd44d044ba6169c64b3760dda9e94fce8e
Sha256: f47094b30c40e37bf5364fd1951d75d58f0488d3a5cd692a8841cfdcfdc1eb9a

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /img/knowlede-base.svg HTTP/1.1 
Host: 5.175.3.113
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://5.175.3.113/

                                         
                                         5.175.3.113
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Last-Modified: Fri, 01 Nov 2019 10:24:14 GMT
Accept-Ranges: bytes
ETag: "01b25829e90d51:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:25:04 GMT
Content-Length: 826


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Size:   826
Md5:    090aea039d08ef0f808b0eb1cb32e4f4
Sha1:   ae93cf1a8f7772c9f94a7db636ad6b74a0f75a0f
Sha256: f47073e71164bcc7a9d97d191e4691c10296d83078a8bf8b0b69ba0fcaf0de09

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /img/facebook.svg HTTP/1.1 
Host: 5.175.3.113
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://5.175.3.113/

                                         
                                         5.175.3.113
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Last-Modified: Fri, 01 Nov 2019 10:24:14 GMT
Accept-Ranges: bytes
ETag: "01b25829e90d51:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:25:04 GMT
Content-Length: 799


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Size:   799
Md5:    d9b5d2ce0627d6293654e6d77be2aad9
Sha1:   d1d8b389756e43211eda52c61a32074383d3937e
Sha256: 69ad826369ced1bcd2aa8f0e5957b8b2d15d83ae39dee689b263390e4463338c

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /img/plesk-guides.svg HTTP/1.1 
Host: 5.175.3.113
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://5.175.3.113/

                                         
                                         5.175.3.113
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Last-Modified: Fri, 01 Nov 2019 10:24:14 GMT
Accept-Ranges: bytes
ETag: "01b25829e90d51:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:25:04 GMT
Content-Length: 2293


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (318), with CRLF line terminators
Size:   2293
Md5:    30f4072a23dbe48fd347f9c823ce6b8b
Sha1:   e0e4210608e97252fa523f37dc1b5d3c120a5c91
Sha256: 2ebe0739873b7aa3a570588fe1c39bf6d404071da6e8f064dfee8636e100b12e

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /img/video-guides.svg HTTP/1.1 
Host: 5.175.3.113
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://5.175.3.113/

                                         
                                         5.175.3.113
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Last-Modified: Fri, 01 Nov 2019 10:24:14 GMT
Accept-Ranges: bytes
ETag: "01b25829e90d51:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:25:04 GMT
Content-Length: 1302


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Size:   1302
Md5:    43b208be7701e84c3a8c957a6861fb00
Sha1:   b794c23e1c34d490423110d1aebf157c06b6f966
Sha256: 5b92d732162077246292b219d99e634d9de16c8daf960fc117d4264f08d476a2

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /img/logo.svg HTTP/1.1 
Host: 5.175.3.113
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://5.175.3.113/

                                         
                                         5.175.3.113
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Last-Modified: Fri, 01 Nov 2019 10:24:14 GMT
Accept-Ranges: bytes
ETag: "01b25829e90d51:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:25:04 GMT
Content-Length: 2162


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1988), with CRLF line terminators
Size:   2162
Md5:    e05d67eb6b199f9bfd5793b43934be75
Sha1:   076cebe805ad367c5119a1dd9cad0b27e96d49cb
Sha256: dd1716bc74b1d43789616c5782d182440e9cf0acbb996500c2dc8c1c6e601a1c

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /img/header-bg.svg HTTP/1.1 
Host: 5.175.3.113
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://5.175.3.113/style.css

                                         
                                         5.175.3.113
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Last-Modified: Fri, 01 Nov 2019 10:24:14 GMT
Accept-Ranges: bytes
ETag: "01b25829e90d51:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:25:04 GMT
Content-Length: 308


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Size:   308
Md5:    656d7d7a476ad015f79587973f25dc4f
Sha1:   dc6db6b7c374d348353372dab9b41c87b893a498
Sha256: 70dd45eb60ac710aa1450a8250672621d64936ff3b334de15863c44184ef6357

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /img/developers-blog.svg HTTP/1.1 
Host: 5.175.3.113
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://5.175.3.113/

                                         
                                         5.175.3.113
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Last-Modified: Fri, 01 Nov 2019 10:24:14 GMT
Accept-Ranges: bytes
ETag: "01b25829e90d51:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:25:04 GMT
Content-Length: 1322


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Size:   1322
Md5:    afd4b3f5f9fa6340d37d1ad8e23d237a
Sha1:   2a8be779422df752af774d6e25feefd970985e00
Sha256: 22a69a8d0a873a78d6976e2ca911dac68584fbae3a01962d57e2300143edb273

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 28 Sep 2022 06:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Wed, 28 Sep 2022 07:18:37 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: D2n_adQSek7NwGsIUdMh89IgJ0UnWYVXMzW1vgYNgjAKcBi08TYsAQ==
Age: 3330


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /img/header-server-page.png HTTP/1.1 
Host: 5.175.3.113
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://5.175.3.113/style.css

                                         
                                         5.175.3.113
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Last-Modified: Fri, 01 Nov 2019 10:24:14 GMT
Accept-Ranges: bytes
ETag: "01b25829e90d51:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:25:04 GMT
Content-Length: 169303


--- Additional Info ---
Magic:  PNG image data, 970 x 620, 8-bit/color RGBA, non-interlaced\012- data
Size:   169303
Md5:    3bcbf72252f1ec7d239f10ef2048da5b
Sha1:   bc9cd609ff7d338a6bcc9fd6e69e07ca0b081277
Sha256: 291df56b4065effca1f8533e2119b7d5d7dc02fa4ef7a40f74e2fe22940f0afa
                                        
                                            GET /fonts/lato-v16-latin-700.woff2 HTTP/1.1 
Host: 5.175.3.113
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://5.175.3.113/style.css

                                         
                                         5.175.3.113
HTTP/1.1 200 OK
Content-Type: font/x-woff2
                                        
Last-Modified: Fri, 01 Nov 2019 10:24:14 GMT
Accept-Ranges: bytes
ETag: "01b25829e90d51:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:25:04 GMT
Content-Length: 22992


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 22992, version 1.0\012- data
Size:   22992
Md5:    1efbd38aa76ddae2580fedf378276333
Sha1:   8a49976f2470ba2a1db6144245355d3b889312e4
Sha256: 8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /img/guy.png HTTP/1.1 
Host: 5.175.3.113
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://5.175.3.113/style.css

                                         
                                         5.175.3.113
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Last-Modified: Fri, 01 Nov 2019 10:24:14 GMT
Accept-Ranges: bytes
ETag: "01b25829e90d51:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:25:04 GMT
Content-Length: 9999


--- Additional Info ---
Magic:  PNG image data, 144 x 286, 8-bit/color RGBA, non-interlaced\012- data
Size:   9999
Md5:    508c30a08de6e9a033e045a6979f76d7
Sha1:   8bbde0114d14ef4e0687fab5cc70e3bd4d96c233
Sha256: 40d72d259fff82a177cd2c2f2a1bd0024ec04a2cd5a19d5596187755cc2ae5f2
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: 5.175.3.113
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://5.175.3.113/

                                         
                                         5.175.3.113
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Last-Modified: Fri, 18 Oct 2019 01:22:53 GMT
Accept-Ranges: bytes
ETag: "80542d905285d51:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:25:04 GMT
Content-Length: 113459


--- Additional Info ---
Magic:  MS Windows icon resource - 7 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, -128x-128, 32 bits/pixel\012- data
Size:   113459
Md5:    1db747255c64a30f9236e9d929e986ca
Sha1:   384023452346aa087d40c93c23ca2f5e32ff1b1f
Sha256: 88baf40feb43463a8f6aa6543e88bdbe33f0db9a317486e786eee1e5c76a9544
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2820
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 07:25:04 GMT
Last-Modified: Wed, 28 Sep 2022 06:38:04 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bbRjnlZg1+WuVUDPDAilLw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.164.183.116
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vKWU8d493waYjLX63/LVkCZ8jUE=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5695
Expires: Wed, 28 Sep 2022 09:00:00 GMT
Date: Wed, 28 Sep 2022 07:25:05 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5695
Expires: Wed, 28 Sep 2022 09:00:00 GMT
Date: Wed, 28 Sep 2022 07:25:05 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5695
Expires: Wed, 28 Sep 2022 09:00:00 GMT
Date: Wed, 28 Sep 2022 07:25:05 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5695
Expires: Wed, 28 Sep 2022 09:00:00 GMT
Date: Wed, 28 Sep 2022 07:25:05 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8500
x-amzn-requestid: af82c8d6-950c-4933-87e3-7bbb15cb1ac8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3HOaoAMFoPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-77e0ecc522de575e40f429b3;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: rD5LsVDLQkaomG1nCGZGihbdlWKMCjUYNC2kRyAjJesJEOEBSj8Q3A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:47:03 GMT
age: 34682
etag: "9c4692ea64832895fbd107d91f879728b6a440c7"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8500
Md5:    6139c878a7d2bd32c61fc8287996eb5b
Sha1:   9c4692ea64832895fbd107d91f879728b6a440c7
Sha256: 3839df92f0a10c1433d5b576df50c9f7953912ae4f425012262f08ee8a59ce2e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7723c423-9c9b-4e58-93cc-7198e8ff6f62.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7359
x-amzn-requestid: 6e3123b2-ea7e-4e3e-8399-19a66d27923f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI34CEYtIAMF01w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336d00-5995316c70da7a0c460ac432;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:37:04 GMT
x-amz-cf-pop: SEA73-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: C8VwjZMvXqbQlvSRB8ugvw6o-wRUI0Xtbn91g79lSpBxrXiCzC_FXg==
via: 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 22:26:18 GMT
age: 32327
etag: "0cd28a243f9704140ccb9eb1415a77fcccc7cf87"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7359
Md5:    46dc8f1499f4de5f03bd87a68c3c6c7b
Sha1:   0cd28a243f9704140ccb9eb1415a77fcccc7cf87
Sha256: 3d7a5cdc0812857efabd7ab941aea6d6582790b86a9587809d222c0a8546262b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc40456fc-e6ad-484b-8754-8b2b0e7abc7c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5944
x-amzn-requestid: 040b4452-4120-4ae5-9ad2-c5b341abbb13
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI34BFdmIAMFmew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336cff-103adde82b57535e4f3fb16a;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:37:04 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: q03mXCSikJcsTBGqk1Xq7452EiDz4t9PFbp5Qj4xwobiFgqtPwGCBw==
via: 1.1 d2575afea3774df33dcf5e5ff475025e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 23:06:54 GMT
age: 29891
etag: "1aec1d67a36867bee8069a144fb1b0d95ff2cb54"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5944
Md5:    1fa8cb4f4be5057788cd1a2a4d0e76d6
Sha1:   1aec1d67a36867bee8069a144fb1b0d95ff2cb54
Sha256: 5193131db8040ef254554d59109002ec7b8cfc2eab1e872b63e5f65db7cf5105
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52d10f53-5e95-4bc8-aa34-09983b7221cd.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6721
x-amzn-requestid: ea4416a4-ffbe-4006-bb09-aa0a70763ab2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3xTGNOoAMFXeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336cd4-6634cd372bd677227f755769;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TlEcmqE03c_aVOwGbXRCTsU5MOTiUF4C93U3zcIVqzg6NCGJJGup7A==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 22:09:10 GMT
age: 33355
etag: "e951f6b11e473b68d2fdd95b822cef120d37b1eb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6721
Md5:    c4a66beda24621e812a929933c52025d
Sha1:   e951f6b11e473b68d2fdd95b822cef120d37b1eb
Sha256: 28efb1495fdb363cea9ccc6c38f84b2731dbd44dd4dbbe42996fa6fab74e1ce6
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8480871-279b-49d0-8a83-97fd2e1ef4f1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9304
x-amzn-requestid: d0045fdc-1e02-4039-9e0e-d3b8b255f205
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1-koF_eoAMFyHA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632bde1d-1cb029d169ec2b1651b2ac78;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 04:01:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: tmb8MRUcU1isHAQcMljVY7nPOgYuSLF6lpNXIkLkFWts3jnH7f7NaQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 06:44:50 GMT
age: 2415
etag: "28938e97773ac1a51a529e85284d228239641f01"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9304
Md5:    b97879edd864c4f251a6668c8201095f
Sha1:   28938e97773ac1a51a529e85284d228239641f01
Sha256: 143cd15afadce309b970b525818be68c23fcb2322a66ac915d1dc7418968b6c5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae0951d3-44e9-49d3-9232-f4151ef59735.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6157
x-amzn-requestid: a51846e4-4e25-455f-885b-acf2567f2e1c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZDlObH7XIAMFw6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63314f28-4e6a68a74edb1ad850e17dac;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 07:05:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2g98EnyiFhkZTsqis2_ASfjM-YTJmcUJ-Mwcl1dWlruzrWDuojPA0w==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 07:29:45 GMT
age: 86120
etag: "a6b1c3e0d506ac1c66405e061e9910fafb176a7d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6157
Md5:    b255b252ceed088d6f505e7e9acfcb55
Sha1:   a6b1c3e0d506ac1c66405e061e9910fafb176a7d
Sha256: b796a98834c7ecf220d13bfba61e81a9b90d472d2aa725ff66888cbddad731e7