Overview

URLhayeyy.regayef.com/
IP 5.161.148.161 (United States)
ASN#213230 Hetzner Online GmbH
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2023-01-21 04:29:47 UTC
StatusLoading report..
IDS alerts0
Blocklist alert5
urlquery alerts No alerts detected
Tags None

Domain Summary (8)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2023-01-20 11:33:34 UTC 34.120.237.76
hayeyy.regayef.com (10) 0 2023-01-19 04:37:14 UTC 2023-01-20 04:25:59 UTC 5.161.148.161 Unknown ranking
r3.o.lencr.org (7) 344 2020-12-02 08:52:13 UTC 2023-01-20 04:09:03 UTC 95.101.11.115
firefox.settings.services.mozilla.com (2) 867 2020-05-25 20:06:39 UTC 2023-01-20 04:09:06 UTC 35.241.9.150
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2023-01-20 04:10:40 UTC 34.160.144.191
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2023-01-20 04:09:19 UTC 34.117.237.239
ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2023-01-20 13:45:05 UTC 93.184.220.29
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2023-01-20 04:09:19 UTC 54.70.239.215

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2023-01-21 2 hayeyy.regayef.com/ Phishing
2023-01-21 2 hayeyy.regayef.com/noindex/css/fonts/Light/OpenSans-Light.woff Phishing
2023-01-21 2 hayeyy.regayef.com/noindex/css/fonts/Bold/OpenSans-Bold.woff Phishing
2023-01-21 2 hayeyy.regayef.com/noindex/css/fonts/Light/OpenSans-Light.ttf Phishing
2023-01-21 2 hayeyy.regayef.com/noindex/css/fonts/Bold/OpenSans-Bold.ttf Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected

ThreatFox
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 4 reports on IP: 5.161.148.161
Date UQ / IDS / BL URL IP
2023-02-02 10:23:15 +0000 0 - 0 - 5 nvnusp.com/ 5.161.148.161
2023-01-21 04:29:47 +0000 0 - 0 - 5 hayeyy.regayef.com/ 5.161.148.161
2023-01-18 09:30:09 +0000 0 - 0 - 5 poz4qd.regayef.com/ 5.161.148.161
2023-01-12 04:47:48 +0000 0 - 0 - 5 lundinouv.regayef.com/ 5.161.148.161


Last 5 reports on ASN: Hetzner Online GmbH
Date UQ / IDS / BL URL IP
2023-03-23 09:25:53 +0000 0 - 0 - 1 pdxx-7fmavzpxk2xlm-4-2.lowsea.fun/emw/v1/dt?s (...) 5.161.78.177
2023-03-23 09:25:23 +0000 0 - 0 - 1 pdxx-7fmavzpxk2xlm-4-2.lowsea.fun/emw/v1/dt?s (...) 5.161.78.177
2023-03-23 00:37:23 +0000 0 - 1 - 0 pdxx-7fmavzpxk2xlm-4-2.lowsea.fun/emw/v1/dt?s (...) 5.161.78.177
2023-03-23 00:37:25 +0000 0 - 0 - 1 pdxx-7fmavzpxk2xlm-4-2.lowsea.fun/emw/v1/dt?s (...) 5.161.78.177
2023-03-22 19:30:12 +0000 0 - 2 - 0 5.161.192.183/YTFlMzViNjNiNWM3/ 5.161.192.183


Last 3 reports on domain: regayef.com
Date UQ / IDS / BL URL IP
2023-01-21 04:29:47 +0000 0 - 0 - 5 hayeyy.regayef.com/ 5.161.148.161
2023-01-18 09:30:09 +0000 0 - 0 - 5 poz4qd.regayef.com/ 5.161.148.161
2023-01-12 04:47:48 +0000 0 - 0 - 5 lundinouv.regayef.com/ 5.161.148.161


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-03-23 02:18:23 +0000 0 - 4 - 6 cloudserve.pw/ 207.180.212.249
2023-03-22 22:05:31 +0000 0 - 0 - 10 185.244.129.67/ 185.244.129.67
2023-03-22 20:34:06 +0000 0 - 0 - 25 wrappixels.com 46.235.42.137
2023-03-22 08:55:44 +0000 0 - 0 - 10 103.29.182.143/ 103.29.182.143
2023-03-22 01:49:19 +0000 0 - 0 - 25 wrappixels.com 46.235.42.137

JavaScript

Executed Scripts (0)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (29)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: hayeyy.regayef.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         5.161.148.161
HTTP/1.1 403 Forbidden
Content-Type: text/html; charset=UTF-8
                                        
Date: Sat, 21 Jan 2023 04:29:36 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_auth_kerb/5.4 mod_nss/1.0.14 NSS/3.28.4 PHP/5.4.16 SVN/1.7.14 mod_wsgi/3.4 Python/2.7.5
Last-Modified: Thu, 16 Oct 2014 13:20:58 GMT
ETag: "1321-5058a1e728280"
Accept-Ranges: bytes
Content-Length: 4897
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size:   4897
Md5:    5f3664ed52f6df47c88ec162bb36add4
Sha1:   8e66f78c4d0f075066205823d110bc1902157fcf
Sha256: 9ec2f0698f1c3497de39a192dd1c3f3e4506ff1a84dbf85082344297dc52e681

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "24323CD45CA2ED01C63F908233D9B2AD5BB6F63394884C45BF6ABB0221D0EDD6"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6302
Expires: Sat, 21 Jan 2023 06:14:38 GMT
Date: Sat, 21 Jan 2023 04:29:36 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "05A7A4D832CF9E593CA44EFEA309EDCBD80734583BADA15FDA3E740612EFF991"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17124
Expires: Sat, 21 Jan 2023 09:15:00 GMT
Date: Sat, 21 Jan 2023 04:29:36 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 21 Jan 2023 03:34:41 GMT
age: 3295
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    30db107dcf4380cef05efea409c2e6a3
Sha1:   96e6a306fbc07299aba64e5c14e2bfca35872fa9
Sha256: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DAD6B64BC9F4DD827471CCC2E5273FCEEE574685376083AAA80F9D2F918037F2"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4253
Expires: Sat, 21 Jan 2023 05:40:30 GMT
Date: Sat, 21 Jan 2023 04:29:37 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: kDPN4jKQ/fkcEeBHUtQIXbEoER8JzA//Gi/EeAttbJXGD4E9a39x/0ReI+UiX7OfB3kX4CWwaj0=
x-amz-request-id: VVEP9CSB1RSQ4N6T
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 21 Jan 2023 04:17:52 GMT
age: 705
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    7b922915ebf1fa3639b333f994c74f24
Sha1:   144a3f80b98fd0652d4614f24cf6cbbee40f8938
Sha256: adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sat, 21 Jan 2023 04:29:37 GMT
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /noindex/css/open-sans.css HTTP/1.1 
Host: hayeyy.regayef.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hayeyy.regayef.com/

search
                                         5.161.148.161
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sat, 21 Jan 2023 04:29:37 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_auth_kerb/5.4 mod_nss/1.0.14 NSS/3.28.4 PHP/5.4.16 SVN/1.7.14 mod_wsgi/3.4 Python/2.7.5
Last-Modified: Tue, 17 Jun 2014 16:00:47 GMT
ETag: "13d9-4fc0a3f32a9c0"
Accept-Ranges: bytes
Content-Length: 5081
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   5081
Md5:    0ca7398a3e9ef11b70b5dfd1a052fe58
Sha1:   8bb7623c7027e927c0eced114d6011c57101a26f
Sha256: 65e9f0d6919c412dd5a04c322ce9cf9db80a1182f57778606a76110086c49fca
                                        
                                            GET /noindex/css/bootstrap.min.css HTTP/1.1 
Host: hayeyy.regayef.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hayeyy.regayef.com/

search
                                         5.161.148.161
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sat, 21 Jan 2023 04:29:37 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_auth_kerb/5.4 mod_nss/1.0.14 NSS/3.28.4 PHP/5.4.16 SVN/1.7.14 mod_wsgi/3.4 Python/2.7.5
Last-Modified: Tue, 17 Jun 2014 16:00:47 GMT
ETag: "4b8d-4fc0a3f32a9c0"
Accept-Ranges: bytes
Content-Length: 19341
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (19170)
Size:   19341
Md5:    44c7856dea679ebcccf8fe201fbe1a7c
Sha1:   192a297f8aeda2bcdd0faa5320ffff825d24116f
Sha256: bc40aeafcd25bc944d0d6357298c1b198b4a1fe294e0b84015d04b72cf942c10
                                        
                                            GET /images/apache_pb.gif HTTP/1.1 
Host: hayeyy.regayef.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hayeyy.regayef.com/

search
                                         5.161.148.161
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Sat, 21 Jan 2023 04:29:37 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_auth_kerb/5.4 mod_nss/1.0.14 NSS/3.28.4 PHP/5.4.16 SVN/1.7.14 mod_wsgi/3.4 Python/2.7.5
Last-Modified: Tue, 17 Jun 2014 16:00:47 GMT
ETag: "916-4fc0a3f32a9c0"
Accept-Ranges: bytes
Content-Length: 2326
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 259 x 32\012- data
Size:   2326
Md5:    48bc8b181b36c9289866a2e30f6afedd
Sha1:   7bcc5d916d33ab08929a9f7c1d07c33ac1ba47ba
Sha256: 1654416fec35a8b5d36ee0257025cec63e56dfe8572b6ff67c6b0d0d43158cbb
                                        
                                            GET /images/poweredby.png HTTP/1.1 
Host: hayeyy.regayef.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hayeyy.regayef.com/

search
                                         5.161.148.161
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sat, 21 Jan 2023 04:29:37 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_auth_kerb/5.4 mod_nss/1.0.14 NSS/3.28.4 PHP/5.4.16 SVN/1.7.14 mod_wsgi/3.4 Python/2.7.5
Last-Modified: Tue, 17 Jun 2014 16:00:47 GMT
ETag: "f74-4fc0a3f32a9c0"
Accept-Ranges: bytes
Content-Length: 3956
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 88 x 31, 8-bit/color RGB, non-interlaced\012- data
Size:   3956
Md5:    5b1ca9f747c1b73dfa1c508765d9056a
Sha1:   6b319c943d8c69e212e7de8385802891dbafe8a3
Sha256: 5b720d579bbc1f8fee3b64df9290d41a28c747a5802589e48e05b7ebbfe9fc2f
                                        
                                            GET /noindex/css/fonts/Light/OpenSans-Light.woff HTTP/1.1 
Host: hayeyy.regayef.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://hayeyy.regayef.com/noindex/css/open-sans.css

search
                                         5.161.148.161
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Sat, 21 Jan 2023 04:29:37 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_auth_kerb/5.4 mod_nss/1.0.14 NSS/3.28.4 PHP/5.4.16 SVN/1.7.14 mod_wsgi/3.4 Python/2.7.5
Content-Length: 241
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   241
Md5:    d5d3f08fc8f1b36bac0b06b89d5384ca
Sha1:   cafebd0173cce7edfcbadcea5b8eabc4d7a20511
Sha256: c4183128dc59a2ce673414a77fcab7ca0250ef354ef636df49d2b83580734ee0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /noindex/css/fonts/Bold/OpenSans-Bold.woff HTTP/1.1 
Host: hayeyy.regayef.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://hayeyy.regayef.com/noindex/css/open-sans.css

search
                                         5.161.148.161
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Sat, 21 Jan 2023 04:29:37 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_auth_kerb/5.4 mod_nss/1.0.14 NSS/3.28.4 PHP/5.4.16 SVN/1.7.14 mod_wsgi/3.4 Python/2.7.5
Content-Length: 239
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   239
Md5:    55e916743163813c7b8f4524f6e36b99
Sha1:   e1353703fda388ec26bf105b4132b0459f10163e
Sha256: b5b54ea0662073c401cabb250a4f107c4763241fa43418503ae5764cff7e9ee4

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 21 Jan 2023 04:17:28 GMT
age: 729
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /noindex/css/fonts/Light/OpenSans-Light.ttf HTTP/1.1 
Host: hayeyy.regayef.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hayeyy.regayef.com/noindex/css/open-sans.css

search
                                         5.161.148.161
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Sat, 21 Jan 2023 04:29:37 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_auth_kerb/5.4 mod_nss/1.0.14 NSS/3.28.4 PHP/5.4.16 SVN/1.7.14 mod_wsgi/3.4 Python/2.7.5
Content-Length: 240
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   240
Md5:    5a99182bd45553a369543ec2937fa690
Sha1:   c8766a2b6d830b3d38263d54b0e88c1e384664b7
Sha256: 67db0d028a14f7beb79f8bc441b5d687ca683511965d60e40faebec708d85612

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /noindex/css/fonts/Bold/OpenSans-Bold.ttf HTTP/1.1 
Host: hayeyy.regayef.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hayeyy.regayef.com/noindex/css/open-sans.css

search
                                         5.161.148.161
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Sat, 21 Jan 2023 04:29:37 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_auth_kerb/5.4 mod_nss/1.0.14 NSS/3.28.4 PHP/5.4.16 SVN/1.7.14 mod_wsgi/3.4 Python/2.7.5
Content-Length: 238
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   238
Md5:    75a28665a8da5eb0e3200d8279c7ef42
Sha1:   ee945af618fe1976e31cd1c467ae0cd68a7fad29
Sha256: e163df3b08c83f6bdc15321fb0403d1dd059f2846037916a3d12ad2806cb5978

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: hayeyy.regayef.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hayeyy.regayef.com/

search
                                         5.161.148.161
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Sat, 21 Jan 2023 04:29:37 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_auth_kerb/5.4 mod_nss/1.0.14 NSS/3.28.4 PHP/5.4.16 SVN/1.7.14 mod_wsgi/3.4 Python/2.7.5
Content-Length: 209
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   209
Md5:    18ffb59b61525f781cf9251045be575d
Sha1:   bd7318b00b15b7a1c8a48524419fa2e5c27a5b6d
Sha256: b6682cab65d3243b5b75efb7279dbf49491957484780f2ba0a87632cc0e25642
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5093
Cache-Control: 'max-age=158059'
Date: Sat, 21 Jan 2023 04:29:37 GMT
Last-Modified: Sat, 21 Jan 2023 03:04:44 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: tSUiHkqQkn07w8BbxY80XA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         54.70.239.215
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jhkkHVX6JaFTZWWxZf0vZTM57Lo=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3832
Expires: Sat, 21 Jan 2023 05:33:31 GMT
Date: Sat, 21 Jan 2023 04:29:39 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3832
Expires: Sat, 21 Jan 2023 05:33:31 GMT
Date: Sat, 21 Jan 2023 04:29:39 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3832
Expires: Sat, 21 Jan 2023 05:33:31 GMT
Date: Sat, 21 Jan 2023 04:29:39 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3832
Expires: Sat, 21 Jan 2023 05:33:31 GMT
Date: Sat, 21 Jan 2023 04:29:39 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8cd49e5e-faeb-493d-836c-cc9113b8b9b0.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10921
x-amzn-requestid: b85aa52c-1dd3-43a5-9f04-90186bbde581
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-W6kHFfIAMFukg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8d1dd-5c9dcaf26e66e0764c708c31;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 05:15:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8muHyow7Iv7xQKCkbRJLBsCtDaEc3LefkQypsnaEoid1_gsOTefoGg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 21:40:03 GMT
age: 24576
etag: "933229226281a0284ffa0d069a64241fc0efacf4"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10921
Md5:    6ee8a3f0217d169adf3c115d9d86e3da
Sha1:   933229226281a0284ffa0d069a64241fc0efacf4
Sha256: 2a7945dd444dfaef88f2c6d86ff57ab39e921b3fe83cc8df17369285c28b0fa6
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd52bd8cc-bd8d-41b6-8ab1-485e512fd00e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4655
x-amzn-requestid: 16417762-4656-41b9-a37a-2552e8587af9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fD5VNEhjoAMF4cw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb08ed-1b2a54434b352e1275403361;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 21:34:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: i7NV4FkVSk8-3hb_6pdn_dvYZb7gKMpWE3I9QRf2rO4uKE7Zihsoog==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 21:40:03 GMT
age: 24576
etag: "0013c61dc65bc849fd182738c2d879e97aa379a6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4655
Md5:    95b85d1a68b345de03ba50469e93748c
Sha1:   0013c61dc65bc849fd182738c2d879e97aa379a6
Sha256: ecc90632e243a7fe2fc43f66a2a8270332a5a678ddf9907dde636f704ad20cb2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F654005dd-cd6a-4a04-b168-4c2239479f83.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8849
x-amzn-requestid: b9c4f018-2ad0-4543-a025-be2411d88b96
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: etku7EB3IAMFqmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c21b2c-458b9242251b6bc732cd76b2;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 03:02:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: s5gFp9K3D0TW-30C8mz82yEsqmHCrD49HgO7iL7k8RsWpI5ag93HTw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 21:40:07 GMT
age: 24572
etag: "3a2f924c246c2db895b212f090bb375bc3b0b092"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8849
Md5:    ee9f8965bd2eae2b0ab84d997e664afa
Sha1:   3a2f924c246c2db895b212f090bb375bc3b0b092
Sha256: c54abbee41ddb46ea14e510d3415a85af33571decd8bc8685010857c25413b08
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd53f06d1-60cf-4ced-8bcd-877162b44d2d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7014
x-amzn-requestid: 689ad8b2-4ec8-4f61-a31e-7813c9143f9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-EyFHmEIAMFsHQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8b4d9-7ce5fef1456ecc73690eff07;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 03:11:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lVC3DrO-Bce6RI2oNTZLaI0n9f8OxeryVME2InWadZ_P67jstzXEPw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 03:37:06 GMT
age: 3153
etag: "498c310e0f4a84c1350bae55aec0d2a0192f8dda"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7014
Md5:    d59b0db3cc1f31f9154d32804a8e3940
Sha1:   498c310e0f4a84c1350bae55aec0d2a0192f8dda
Sha256: 14a2b4e9763a62478015d8f61bf9e44eb67dfe08a58cc94dc836dc8ff3f1b6cf
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F211cdfa7-5827-4072-8e65-1a9ec62f1aad.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7667
x-amzn-requestid: 178d79d6-b04c-4be0-9f7b-695bd67f9ff9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e0vQKFYAIAMFy0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4f8cd-7d8782c32dca588e7b08e2cc;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 07:12:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JvUCL7KVtGPUqHa9C-KX8iGNOpTVg09pRI1SrmRNMvaycQlVzwRZLw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 11:40:54 GMT
age: 60525
etag: "633ce5043afb94e6e1bbc007f2d3d5aa24977dc0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7667
Md5:    dbfbede51b13a9e9a8d6bc85fbdb7220
Sha1:   633ce5043afb94e6e1bbc007f2d3d5aa24977dc0
Sha256: 87a0e8692e0cd05f52302daf07df84d30070e237ab7dbfafd1f308d6a5c8bb71
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f6a1d61-a7ee-49c8-aab0-599a2d3c477a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7099
x-amzn-requestid: ef54c115-69f5-4f59-b7cc-3f0b7bcea6d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fBUtXHUyIAMFVcw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ca0188-6daf15f2599f28a621f328ba;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 02:50:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: l4LUP3u4BYSzaBG6KaKf74QDQ2e0MtiGfqZdN5cZl-GnkqecXB6XZw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 10:39:54 GMT
age: 64185
etag: "13846d5390a3a901da8bf704de5710483e8dcd12"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7099
Md5:    275deddf778d4ae137272c3f7e5a1bdd
Sha1:   13846d5390a3a901da8bf704de5710483e8dcd12
Sha256: bebb3f3c248eec96cb4b478ffc62f949d321f029748478029f44b41ef5cf615e