afatech.eu/movie/newpanel/admin.php
213.186.33.5302 Moved Temporarily 138 B URL HTTP/1.1 afatech.eu/movie/newpanel/admin.php
IP 213.186.33.5:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
Analyzer Verdict Alert fortinet Malware
GET /movie/newpanel/admin.php HTTP/1.1
Host: afatech.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
server: nginx
date: Sat, 04 Feb 2023 03:48:54 GMT
content-type: text/html
content-length: 138
location: http://www.afatech.eu/movie/newpanel/admin.php
x-iplb-request-id: 5B5A2A9A:1107_D5BA2105:0050_63DDD5A6_4116C6B2:98B6
x-iplb-instance: 16976
set-cookie: SERVERID77446=200178|Y93Vq|Y93Vq; path=/; HttpOnly
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6393
Expires: Sat, 04 Feb 2023 05:35:28 GMT
Date: Sat, 04 Feb 2023 03:48:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19260
Expires: Sat, 04 Feb 2023 09:09:55 GMT
Date: Sat, 04 Feb 2023 03:48:55 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 03:43:35 GMT
content-type: application/json
age: 320
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7d2222d41721947297aaeb5a6e3d0714
04cc1ee417c8bf6338657fd4c2e4e1c1ddfd3065
de0e45969a2ad95e52f7e2fbd0d021d9075dd7b14666c929346efe111f648f7c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE0E45969A2AD95E52F7E2FBD0D021D9075DD7B14666C929346EFE111F648F7C"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4555
Expires: Sat, 04 Feb 2023 05:04:50 GMT
Date: Sat, 04 Feb 2023 03:48:55 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TYyGBr48CRH/+gMxfesRfyuPIosQ1oWsaJ7Izr/LWHvmO0iLSDf45JpL0+gvq4x/sdmf39xdfjE=
x-amz-request-id: CGJ5HBBRF326QFKE
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 02:52:40 GMT
age: 3375
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
www.afatech.eu/movie/newpanel/admin.php
213.186.33.5302 Moved Temporarily 138 B URL HTTP/1.1 www.afatech.eu/movie/newpanel/admin.php
IP 213.186.33.5:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
Analyzer Verdict Alert fortinet Malware
GET /movie/newpanel/admin.php HTTP/1.1
Host: www.afatech.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
server: nginx
date: Sat, 04 Feb 2023 03:48:55 GMT
content-type: text/html
content-length: 138
location: http://www.afatech.eu
x-iplb-request-id: 5B5A2A9A:85E4_D5BA2105:0050_63DDD5A7_1BC590EE:F481
x-iplb-instance: 16980
set-cookie: SERVERID77446=200178|Y93Vq|Y93Vq; path=/; HttpOnly
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 03:48:55 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.afatech.eu/
213.186.33.5200 OK 19 kB IP 213.186.33.5:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1097)
Hash 4fabe5da6ce36bce2085df076f61fd48
801bfee95db13f5c5ebb6f523e04166f6210521b
7c7bd8977223dcbf1771705841d3d47b0dd3d002b1ab9fad5d37877c60523b77
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.afatech.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: SERVERID77446=200178|Y93Vq|Y93Vq
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
server: nginx
date: Sat, 04 Feb 2023 03:48:55 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
x-iplb-request-id: 5B5A2A9A:85E4_D5BA2105:0050_63DDD5A7_1BC590EF:F481
x-iplb-instance: 16980
www.afatech.eu/__ovh/common/res/punycode.min.js
213.186.33.5200 OK 2.8 kB URL HTTP/1.1 www.afatech.eu/__ovh/common/res/punycode.min.js
IP 213.186.33.5:0
File type ASCII text, with very long lines (2751)
Hash d4a7567cd7f3e5cef891ad29ac119d99
48df108612ef95c5b3bef98554597bb584d51aaa
6276295133ec2dc4f9f919aa53761234b2bf2c2c443f2e3d1dfffde36651617b
Analyzer Verdict Alert fortinet Malware
GET /__ovh/common/res/punycode.min.js HTTP/1.1
Host: www.afatech.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.afatech.eu/
Cookie: SERVERID77446=200178|Y93Vq|Y93Vq
HTTP/1.1 200 OK
server: nginx
date: Sat, 04 Feb 2023 03:48:55 GMT
content-type: application/javascript
content-length: 2802
last-modified: Mon, 10 Jan 2022 10:52:22 GMT
etag: "61dc0fe6-af2"
accept-ranges: bytes
x-iplb-request-id: 5B5A2A9A:85E4_D5BA2105:0050_63DDD5A7_1BC590F2:F481
x-iplb-instance: 16980
www.afatech.eu/__ovh/common/res/jquery-1.11.3.min.js
213.186.33.5200 OK 96 kB URL HTTP/1.1 www.afatech.eu/__ovh/common/res/jquery-1.11.3.min.js
IP 213.186.33.5:0
File type ASCII text, with very long lines (32038)
Hash 895323ed2f7258af4fae2c738c8aea49
276c87ff3e1e3155679c318938e74e5c1b76d809
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
Analyzer Verdict Alert fortinet Malware
GET /__ovh/common/res/jquery-1.11.3.min.js HTTP/1.1
Host: www.afatech.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.afatech.eu/
Cookie: SERVERID77446=200178|Y93Vq|Y93Vq
HTTP/1.1 200 OK
server: nginx
date: Sat, 04 Feb 2023 03:48:55 GMT
content-type: application/javascript
content-length: 95957
last-modified: Mon, 10 Jan 2022 10:52:22 GMT
etag: "61dc0fe6-176d5"
accept-ranges: bytes
x-iplb-request-id: 5B5A2A9A:2431_D5BA2105:0050_63DDD5A7_315E243C:98B7
x-iplb-instance: 16976
www.afatech.eu/__ovh/common/img/icon-book.png
213.186.33.5200 OK 1.8 kB URL HTTP/1.1 www.afatech.eu/__ovh/common/img/icon-book.png
IP 213.186.33.5:0
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash be3481f7afc5c2dbca75fa5d6b1f88e9
8c0501f58dd92e1d97e7926413dd6feaec8361ef
637db324eb40d00c2e2d24dbe715484e345da1a0df0187c105a8ae33f1c92f02
GET /__ovh/common/img/icon-book.png HTTP/1.1
Host: www.afatech.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.afatech.eu/
Cookie: SERVERID77446=200178|Y93Vq|Y93Vq
HTTP/1.1 200 OK
server: nginx
date: Sat, 04 Feb 2023 03:48:55 GMT
content-type: image/png
content-length: 1802
last-modified: Mon, 10 Jan 2022 10:52:20 GMT
etag: "61dc0fe4-70a"
accept-ranges: bytes
x-iplb-request-id: 5B5A2A9A:2431_D5BA2105:0050_63DDD5A7_315E243D:98B7
x-iplb-instance: 16976
www.afatech.eu/__ovh/common/img/logo-white.png
213.186.33.5200 OK 6.7 kB URL HTTP/1.1 www.afatech.eu/__ovh/common/img/logo-white.png
IP 213.186.33.5:0
File type PNG image data, 622 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 29a8eaec4838a3e7eec8a3c0d3759b9c
ead87317dde636bea308c16c738c569f4cbed864
5a3568e06f260913fa30a263ecbb6a14c99d6c1b6c26c58d80371ea383adeee2
GET /__ovh/common/img/logo-white.png HTTP/1.1
Host: www.afatech.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.afatech.eu/
Cookie: SERVERID77446=200178|Y93Vq|Y93Vq
HTTP/1.1 200 OK
server: nginx
date: Sat, 04 Feb 2023 03:48:55 GMT
content-type: image/png
content-length: 6719
last-modified: Mon, 10 Jan 2022 10:52:21 GMT
etag: "61dc0fe5-1a3f"
accept-ranges: bytes
x-iplb-request-id: 5B5A2A9A:85E4_D5BA2105:0050_63DDD5A7_1BC590F6:F481
x-iplb-instance: 16980
www.afatech.eu/__ovh/common/img/icon-mail.png
213.186.33.5200 OK 1.6 kB URL HTTP/1.1 www.afatech.eu/__ovh/common/img/icon-mail.png
IP 213.186.33.5:0
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash dede6e1e894fb8222cf3b448c030752d
00cd2d0bf8ec2e4f5fa2792999d67de0de2891f9
0169613aed283039f11ce01c288009a76009b5446d4760f11e3b3d5e6a852d76
GET /__ovh/common/img/icon-mail.png HTTP/1.1
Host: www.afatech.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.afatech.eu/
Cookie: SERVERID77446=200178|Y93Vq|Y93Vq
HTTP/1.1 200 OK
server: nginx
date: Sat, 04 Feb 2023 03:48:55 GMT
content-type: image/png
content-length: 1647
last-modified: Mon, 10 Jan 2022 10:52:20 GMT
etag: "61dc0fe4-66f"
accept-ranges: bytes
x-iplb-request-id: 5B5A2A9A:E68C_D5BA2105:0050_63DDD5A7_58703E3E:98B5
x-iplb-instance: 16976
www.afatech.eu/__ovh/common/img/hr.png
213.186.33.5200 OK 1.0 kB URL HTTP/1.1 www.afatech.eu/__ovh/common/img/hr.png
IP 213.186.33.5:0
File type PNG image data, 913 x 4, 8-bit/color RGBA, non-interlaced\012- data
Hash 7f67d6b9723acc7264b19dad885ae198
0e07395d4b3f0cb964a09f27e20fe1a666baba32
4ef4c2a99a3dcbcddd222c045c489fdb8a4940481730faa2f06110405bc4610c
GET /__ovh/common/img/hr.png HTTP/1.1
Host: www.afatech.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.afatech.eu/
Cookie: SERVERID77446=200178|Y93Vq|Y93Vq
HTTP/1.1 200 OK
server: nginx
date: Sat, 04 Feb 2023 03:48:55 GMT
content-type: image/png
content-length: 1027
last-modified: Mon, 10 Jan 2022 10:52:20 GMT
etag: "61dc0fe4-403"
accept-ranges: bytes
x-iplb-request-id: 5B5A2A9A:BA41_D5BA2105:0050_63DDD5A7_A0B208D6:25AAE
x-iplb-instance: 16982
www.afatech.eu/__ovh/common/img/webcloud.png
213.186.33.5200 OK 81 kB URL HTTP/1.1 www.afatech.eu/__ovh/common/img/webcloud.png
IP 213.186.33.5:0
File type PNG image data, 337 x 270, 8-bit/color RGBA, non-interlaced\012- data
Hash 340dd21769ed23c530fe5f5e5ff680bc
1d7eec07369b834429402806169d82334e69cd43
0928144cd78da581482fdec622f8da5532ee617553c7dc4b270a4227dd6c06dc
GET /__ovh/common/img/webcloud.png HTTP/1.1
Host: www.afatech.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.afatech.eu/
Cookie: SERVERID77446=200178|Y93Vq|Y93Vq
HTTP/1.1 200 OK
server: nginx
date: Sat, 04 Feb 2023 03:48:55 GMT
content-type: image/png
content-length: 80769
last-modified: Mon, 10 Jan 2022 10:52:21 GMT
etag: "61dc0fe5-13b81"
accept-ranges: bytes
x-iplb-request-id: 5B5A2A9A:2431_D5BA2105:0050_63DDD5A7_315E2444:98B7
x-iplb-instance: 16976
www.afatech.eu/__ovh/common/img/icon-app-gear.png
213.186.33.5200 OK 1.8 kB URL HTTP/1.1 www.afatech.eu/__ovh/common/img/icon-app-gear.png
IP 213.186.33.5:0
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 86cc10012af5e99545efe294888eae17
24d7078caca4e8b0521564894c9db9adf3df9cd1
2f68ef6162f850a7cc927b7f08785af03e00de3fbf180c51792c9c7b3a3ef04b
GET /__ovh/common/img/icon-app-gear.png HTTP/1.1
Host: www.afatech.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.afatech.eu/
Cookie: SERVERID77446=200178|Y93Vq|Y93Vq
HTTP/1.1 200 OK
server: nginx
date: Sat, 04 Feb 2023 03:48:55 GMT
content-type: image/png
content-length: 1798
last-modified: Mon, 10 Jan 2022 10:52:20 GMT
etag: "61dc0fe4-706"
accept-ranges: bytes
x-iplb-request-id: 5B5A2A9A:85E4_D5BA2105:0050_63DDD5A7_1BC590F9:F481
x-iplb-instance: 16980
www.afatech.eu/__ovh/common/img/baremetal-servers.png
213.186.33.5200 OK 88 kB URL HTTP/1.1 www.afatech.eu/__ovh/common/img/baremetal-servers.png
IP 213.186.33.5:0
File type PNG image data, 300 x 263, 8-bit/color RGBA, non-interlaced\012- data
Hash d9617469e67ea3306f55a557a5e3019c
c2d54806da0c212c7d6ae061396b660350358a8b
ff4b64b82908d6ef259c27c5dbc78abe2e8e0211419f987cab4cf5be03478968
GET /__ovh/common/img/baremetal-servers.png HTTP/1.1
Host: www.afatech.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.afatech.eu/
Cookie: SERVERID77446=200178|Y93Vq|Y93Vq
HTTP/1.1 200 OK
server: nginx
date: Sat, 04 Feb 2023 03:48:55 GMT
content-type: image/png
content-length: 87739
last-modified: Mon, 10 Jan 2022 10:52:19 GMT
etag: "61dc0fe3-156bb"
accept-ranges: bytes
x-iplb-request-id: 5B5A2A9A:958B_D5BA2105:0050_63DDD5A7_2ADF99EF:A84F
x-iplb-instance: 16978
www.afatech.eu/__ovh/common/img/shadow.jpg
213.186.33.5200 OK 6.4 kB URL HTTP/1.1 www.afatech.eu/__ovh/common/img/shadow.jpg
IP 213.186.33.5:0
File type PNG image data, 929 x 44, 8-bit/color RGBA, non-interlaced\012- data
Hash 95b64f2c459d45ca55e3fcc9e7c7cd9b
0a4cb3d1d9b865786c5051457860331cf7631bec
2352f6199bcbd89e13ae116302336d34ecdce48e111ed7a3bd08ca1340cdc97b
GET /__ovh/common/img/shadow.jpg HTTP/1.1
Host: www.afatech.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.afatech.eu/
Cookie: SERVERID77446=200178|Y93Vq|Y93Vq
HTTP/1.1 200 OK
server: nginx
date: Sat, 04 Feb 2023 03:48:55 GMT
content-type: image/jpeg
content-length: 6369
last-modified: Mon, 10 Jan 2022 10:52:21 GMT
etag: "61dc0fe5-18e1"
accept-ranges: bytes
x-iplb-request-id: 5B5A2A9A:2431_D5BA2105:0050_63DDD5A7_315E2446:98B7
x-iplb-instance: 16976
www.afatech.eu/__ovh/common/img/transparentTriangle.svg
213.186.33.5200 OK 14 kB URL HTTP/1.1 www.afatech.eu/__ovh/common/img/transparentTriangle.svg
IP 213.186.33.5:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 592508402103006b33bc89c86ffa14e7
2c1b8c7e6cf887e57424cb3bc016aac148b08bdc
222573ab81c8acc9ca102e72e72b74d833a9494e57bf49f5af5fb365183016d6
Analyzer Verdict Alert fortinet Malware
GET /__ovh/common/img/transparentTriangle.svg HTTP/1.1
Host: www.afatech.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.afatech.eu/
Cookie: SERVERID77446=200178|Y93Vq|Y93Vq
HTTP/1.1 200 OK
server: nginx
date: Sat, 04 Feb 2023 03:48:55 GMT
content-type: image/svg+xml
content-length: 13855
last-modified: Mon, 10 Jan 2022 10:52:21 GMT
etag: "61dc0fe5-361f"
accept-ranges: bytes
x-iplb-request-id: 5B5A2A9A:E68C_D5BA2105:0050_63DDD5A7_58703E47:98B5
x-iplb-instance: 16976
www.afatech.eu/__ovh/common/img/vps.png
213.186.33.5200 OK 144 kB URL HTTP/1.1 www.afatech.eu/__ovh/common/img/vps.png
IP 213.186.33.5:0
File type PNG image data, 337 x 270, 8-bit/color RGBA, non-interlaced\012- data
Size 144 kB (143852 bytes)
Hash b240feaee65f0aca2119657d7a8398b5
fc2c969f5b54d5e970f183f9615b4df1f4484c0b
d7d36725c1c738153be3b2da48b2a8a9415c62ca4163e39f102205fb1bc8f819
GET /__ovh/common/img/vps.png HTTP/1.1
Host: www.afatech.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.afatech.eu/
Cookie: SERVERID77446=200178|Y93Vq|Y93Vq
HTTP/1.1 200 OK
server: nginx
date: Sat, 04 Feb 2023 03:48:55 GMT
content-type: image/png
content-length: 143852
last-modified: Mon, 10 Jan 2022 10:52:21 GMT
etag: "61dc0fe5-231ec"
accept-ranges: bytes
x-iplb-request-id: 5B5A2A9A:E198_D5BA2105:0050_63DDD5A7_5B72A136:25AAA
x-iplb-instance: 16982
www.afatech.eu/__ovh/common/img/favicon.ico
213.186.33.5200 OK 12 kB URL HTTP/1.1 www.afatech.eu/__ovh/common/img/favicon.ico
IP 213.186.33.5:0
File type MS Windows icon resource - 1 icon, 53x53, 32 bits/pixel\012- data
Hash 425852055853bdf564ba3affc5708954
54db9bda21f6ea759c7b5763ff6c06d62d557a33
73366da0141f74ddd220ea53c03c7be935b9794d3befe7b360e0e8fe5de0987a
GET /__ovh/common/img/favicon.ico HTTP/1.1
Host: www.afatech.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.afatech.eu/
Cookie: SERVERID77446=200178|Y93Vq|Y93Vq
HTTP/1.1 200 OK
server: nginx
date: Sat, 04 Feb 2023 03:48:55 GMT
content-type: image/x-icon
content-length: 11722
last-modified: Mon, 10 Jan 2022 10:52:20 GMT
etag: "61dc0fe4-2dca"
accept-ranges: bytes
x-iplb-request-id: 5B5A2A9A:E198_D5BA2105:0050_63DDD5A7_5B72A13B:25AAA
x-iplb-instance: 16982
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 02:49:07 GMT
age: 3589
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7022
Expires: Sat, 04 Feb 2023 05:45:58 GMT
Date: Sat, 04 Feb 2023 03:48:56 GMT
Connection: keep-alive
push.services.mozilla.com/
54.149.117.124101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.117.124:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hsNiL9ul6Wz3uyTliLJ4+w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2hdJnSBnquUOVVC9Li9tTu+Gvyo=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8842
Expires: Sat, 04 Feb 2023 06:16:19 GMT
Date: Sat, 04 Feb 2023 03:48:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8842
Expires: Sat, 04 Feb 2023 06:16:19 GMT
Date: Sat, 04 Feb 2023 03:48:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8842
Expires: Sat, 04 Feb 2023 06:16:19 GMT
Date: Sat, 04 Feb 2023 03:48:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8842
Expires: Sat, 04 Feb 2023 06:16:19 GMT
Date: Sat, 04 Feb 2023 03:48:57 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F584e2763-154a-41f5-94f4-afe59c3b0984.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F584e2763-154a-41f5-94f4-afe59c3b0984.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a1356818f64ee520358098b40ccb11e6
234448cd9f2c28ee12a3499a17b45f0b8a2e5487
3035ce56cfd2ec24b2ce90f8f7c616a4a289827204750809bcf0c999d5de1dc9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F584e2763-154a-41f5-94f4-afe59c3b0984.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6038
x-amzn-requestid: 81a0fa01-9084-4f65-bded-7e134b706247
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEmzHJYIAMFkkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd815e-252b7647390dab683134a0db;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:49:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: VV-IUD-KkEQ4JEceNG7UC9j_QzdxDiTOywUvvlFslrEuRy7Oku6gkg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:01:05 GMT
age: 20872
etag: "234448cd9f2c28ee12a3499a17b45f0b8a2e5487"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: f95a2821-ae89-4ea9-93b2-43e570285df3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEC3FyboAMFe0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8078-7e2177f11d5715d4092cad2c;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dcFgY5x3Ef0J__7wGn3llTjZ9as5nX1H4HErIT3VlKfeQaQTjymW2g==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:33 GMT
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
age: 20304
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F650fe1e4-0f8a-4306-9cff-2ad3248d13b1.jpeg
34.120.237.76200 OK 3.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F650fe1e4-0f8a-4306-9cff-2ad3248d13b1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 77e225775154732b55c206faa6fce355
126bdaa18d9a1650b5e3a4e883d89188e8bbf136
af7fb0e6cfe7082af183bd2ba5ef43ab3ef3f9e6df2761ed4534bd48aa078798
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F650fe1e4-0f8a-4306-9cff-2ad3248d13b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3868
x-amzn-requestid: f130379c-2ea2-43d6-a1b0-e3afd4811bc3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEwLFYgIAMFzwg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd819a-3d0199ab38a410ff7a78a675;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:50:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QrCYar2bxFJ_7bBH-5oJ4qdaS58NXDwNJxLI7ILxrBkzvzGV95PSFw==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:30:36 GMT
etag: "126bdaa18d9a1650b5e3a4e883d89188e8bbf136"
content-type: image/jpeg
age: 19101
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a517af0-06bb-4ad2-b66e-3627ca6b60a3.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a517af0-06bb-4ad2-b66e-3627ca6b60a3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 518bba9a8770e8ff15229a68be5bddc3
139f944b3f4279e640901f7a6b993f1a49b51a22
0591e73dec2190752677f06525bc993dc8c7a5aa20984a5eda64c323188e2b1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a517af0-06bb-4ad2-b66e-3627ca6b60a3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9743
x-amzn-requestid: b6c1caa9-72e4-476f-9c3d-4a746c410ba3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EHLJoAMF_TA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-1289ef383fbad59621eda6d0;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nIp2nUVnamnoTpFwrN1L4K1dqjYvcDGuV2yFqYskkXb14k72AZsjMg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:08:41 GMT
age: 20416
etag: "139f944b3f4279e640901f7a6b993f1a49b51a22"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9ab97f766ee1ed6ebbb2b3889a9157b4
f87f165404dec4d65531e6e25146cb77601f3616
f3d0f76f956371b1733a526f10a8253fc3396a459d7af59380d8e8db7dee8ec2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14071
x-amzn-requestid: 40cb363f-2c4d-4361-9fe1-10e4c8b2fe29
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fiTo4Ek2oAMFs6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d73305-6cb63d3c49f9f84e639467f6;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 03:01:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: b7r7phj8i49RMSuWufxF1L34K9udWa0mJ4dY12izM9ofwAuCFBGEZQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:48:05 GMT
age: 21652
etag: "f87f165404dec4d65531e6e25146cb77601f3616"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72a06bff-2a3c-4fc8-9c7a-5649a696581e.png
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72a06bff-2a3c-4fc8-9c7a-5649a696581e.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a032104cf4ccc6ea31f163ca16386487
a0573916c3d72f0554928963c0a74413fdcb3558
8ba7b6e9b3fa28f6fd27f5f006cedac10f50d7da6c109155a2476cf04f4df932
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72a06bff-2a3c-4fc8-9c7a-5649a696581e.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8909
x-amzn-requestid: 051806fe-c051-4948-a46a-48ed1df321a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyFIMFLNoAMFY5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8234-212ec9a838fc64a9164f21f5;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:52:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 24zolqnsQilbFdqM8BnmjaH7DXfFunFyXgmOyF_FkPoatjLi137xgQ==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:53 GMT
age: 20284
etag: "a0573916c3d72f0554928963c0a74413fdcb3558"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2