Overview

URL https://navi33.com/?openid.ns=OESPyEv8CyH4jROJWa5qQV1RNajiFr&openid.mode=jOX2RXxDpD3aQWAr9dQhhZFsrBbGZE&openid.return_to=ox2iY48P0IGlguEfw60bXxam7w72x2&openid.identity=gjZdim3mxQ15JlB8J6Ihk91JmonKza&openid.claimed_id=a3mMBNNTjkziYOVpeGVDWSRRy0M3vQ&$redirect=
IP190.115.18.142
ASNDDOS-GUARD CORP.
Location Belize
Report completed2022-08-06 12:14:34 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2022-08-06 2 navi33.com/public/shared_responsive_adapter.js Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS
Added / Verified Severity Host Comment
2022-08-06 2 navi33.com Sinkholed
2022-08-06 2 navi33.com Sinkholed
2022-08-06 2 navi33.com Sinkholed
2022-08-06 2 navi33.com Sinkholed


Files

No files detected



Passive DNS (9)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
[Mnemonic Passive DNS] contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
[Mnemonic Passive DNS] navi33.com (4) 0 No data No data 190.115.18.142 Unknown ranking
[Mnemonic Passive DNS] firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2020-05-25 20:01:47 UTC 54.230.111.118
[Mnemonic Passive DNS] r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-08-06 04:58:11 UTC 23.36.77.32
[Mnemonic Passive DNS] content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-08-06 05:12:46 UTC 54.230.111.64
[Mnemonic Passive DNS] ocsp.digicert.com (1) 86 2012-11-29 12:49:49 UTC 2022-08-06 09:57:42 UTC 93.184.220.29
[Mnemonic Passive DNS] community.cloudflare.steamstatic.com (7) 15754 No data No data 104.18.37.23
[Mnemonic Passive DNS] push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-08-06 05:12:46 UTC 34.215.91.121
[Mnemonic Passive DNS] img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-08-06 04:58:36 UTC 34.120.237.76


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 190.115.18.142

Date UQ / IDS / BL URL IP
2022-08-11 22:17:20 +0000
0 - 0 - 4 navi33.com/ 190.115.18.142
2022-08-10 20:01:19 +0000
0 - 0 - 2 navi11.com/ 190.115.18.142
2022-08-10 19:20:22 +0000
0 - 0 - 1 https://navi20.com/?openid.ns=lWNhh7WuMDYxHph (...) 190.115.18.142
2022-08-08 06:20:36 +0000
0 - 0 - 2 https://steamcommunityf.com/tradeofferi/new/p (...) 190.115.18.142
2022-08-07 17:19:22 +0000
0 - 0 - 7 csgo7.net/?openid.ns=j4nZTFhwbtON3EwlFxi9KSIR (...) 190.115.18.142
2022-08-07 02:56:00 +0000
0 - 0 - 11 https://csgo7.net/?openid.ns=j4nZTFhwbtON3Ewl (...) 190.115.18.142
2022-08-07 02:35:21 +0000
0 - 0 - 3 steamcommunityf.com/tradeofier/new/partner=11 (...) 190.115.18.142
2022-08-06 12:13:55 +0000
0 - 0 - 6 https://navi57.com/?openid.ns=OESPyEv8CyH4jRO (...) 190.115.18.142
2022-07-23 19:37:28 +0000
0 - 0 - 4 navi00.com/ 190.115.18.142
2022-07-22 07:27:18 +0000
0 - 0 - 5 https://navi11.com/give 190.115.18.142

Last 10 reports on ASN: DDOS-GUARD CORP.

Date UQ / IDS / BL URL IP
2022-08-11 22:17:20 +0000
0 - 0 - 4 navi33.com/ 190.115.18.142
2022-08-10 20:01:19 +0000
0 - 0 - 2 navi11.com/ 190.115.18.142
2022-08-10 19:20:22 +0000
0 - 0 - 1 https://navi20.com/?openid.ns=lWNhh7WuMDYxHph (...) 190.115.18.142
2022-08-09 19:47:21 +0000
0 - 0 - 20 doxbin.com/upload/IvUnknownIv 190.115.31.91
2022-08-09 18:04:41 +0000
0 - 0 - 7 ndflprofi.ru/ 190.115.18.180
2022-08-08 15:15:00 +0000
0 - 0 - 19 doxbin.com/upload/120Darknew2022 190.115.31.91
2022-08-08 06:22:29 +0000
0 - 0 - 17 belkinrouterlogin.com/ 190.115.26.62
2022-08-08 06:20:36 +0000
0 - 0 - 2 https://steamcommunityf.com/tradeofferi/new/p (...) 190.115.18.142
2022-08-08 02:14:01 +0000
0 - 0 - 3 goblintowm.wtf/ 190.115.27.171
2022-08-07 18:42:02 +0000
0 - 0 - 3 kemono.party/data/a6/1a/a61a736acf88659bde6e9 (...) 190.115.31.142

Last 2 reports on domain: navi33.com

Date UQ / IDS / BL URL IP
2022-08-11 22:17:20 +0000
0 - 0 - 4 navi33.com/ 190.115.18.142
2022-06-25 13:34:11 +0000
0 - 0 - 3 navi33.com/ 190.115.18.142


JavaScript

Executed Scripts (9)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (28)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.118
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Backoff, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 06 Aug 2022 12:02:43 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: tiUo2-qULrY1WY6o1OsafN6lulObBdMsqOWRcWqNTJEyYvtM615IiA==
Age: 700


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F055127A4794D0F76CB4DF8F290DF8E259258A63398A700F592C859DFFE9AC34"
Last-Modified: Thu, 04 Aug 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9398
Expires: Sat, 06 Aug 2022 14:51:01 GMT
Date: Sat, 06 Aug 2022 12:14:23 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-09-19-18-34-07.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.64
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
last-modified: Sun, 31 Jul 2022 18:34:08 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 06 Aug 2022 04:15:27 GMT
etag: "578b9ff83ff3950ab2a3d1a8344d2938"
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WauEiMrDqNn87lZPBtysaVc4SepanPmT64bS64MMgzPF4P-llp-Nng==
age: 28737
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    578b9ff83ff3950ab2a3d1a8344d2938
Sha1:   39d48b67ba6aa45ec01767725e726cf9b0c87a70
Sha256: 35c99da9a5463a4788ceab7cf4b027bb25506cde28ace36c70d0bc924138f2f5
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D8FF1F87642E782E304245480A95BA58B142266003AC5D92FE09AEE587F5037A"
Last-Modified: Thu, 04 Aug 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21576
Expires: Sat, 06 Aug 2022 18:14:00 GMT
Date: Sat, 06 Aug 2022 12:14:24 GMT
Connection: keep-alive

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Sat, 06 Aug 2022 12:14:24 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.118
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sat, 06 Aug 2022 11:16:14 GMT
Expires: Sat, 06 Aug 2022 11:31:18 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: mwZpEOiHynjyH0BZQmB0oClMys-m90QgkOEflaAaoQw1uP9Kt2p7gQ==
Age: 3490


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4764
Cache-Control: 'max-age=158059'
Date: Sat, 06 Aug 2022 12:14:24 GMT
Last-Modified: Sat, 06 Aug 2022 10:55:00 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /public/shared/images/responsive/header_menu_hamburger.png HTTP/1.1 
Host: community.cloudflare.steamstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navi33.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.37.23
HTTP/2 200 OK
                                        
date: Sat, 06 Aug 2022 12:14:24 GMT
content-type: image/png
content-length: 3777
last-modified: Fri, 05 Jan 2018 01:35:16 GMT
etag: "5a4ed654-ec1"
x-cache: MISS
cf-cache-status: HIT
age: 5227
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 7367b12bbf84b51b-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 244 x 212, 8-bit/color RGBA, non-interlaced\012- data
Size:   3777
Md5:    eabc76eb57feae44add7faead028521e
Sha1:   4e3e53938fad15661d2d046a868338841a95db19
Sha256: fc9e6260a2706ae146282d77e67bc1b74688435f8912ab4c1932641eec28bffa
                                        
                                            GET /public/shared/images/responsive/logo_valve_footer.png HTTP/1.1 
Host: community.cloudflare.steamstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navi33.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.37.23
HTTP/2 200 OK
                                        
date: Sat, 06 Aug 2022 12:14:24 GMT
content-type: image/png
content-length: 1846
last-modified: Fri, 05 Jan 2018 01:35:16 GMT
etag: "5a4ed654-736"
x-cache: MISS
cf-cache-status: HIT
age: 3952
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 7367b12bbf8ab51b-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 92 x 26, 8-bit/color RGBA, non-interlaced\012- data
Size:   1846
Md5:    574c350c7b23ae794d5276f8580e0838
Sha1:   235c7b35c3468f8915eca01f7abdb43d34079609
Sha256: 8b97ba0dac22fe6704c1f6d95fe79613f33017804f256abb9006df0442491787
                                        
                                            GET /public/images/skin_1/footerLogo_valve.png?v=1 HTTP/1.1 
Host: community.cloudflare.steamstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navi33.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.18.37.23
HTTP/2 200 OK
                                        
date: Sat, 06 Aug 2022 12:14:24 GMT
content-type: image/png
content-length: 3737
last-modified: Fri, 05 Jan 2018 01:34:51 GMT
etag: "5a4ed63b-e99"
x-cache: MISS
cf-cache-status: HIT
age: 5530
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 7367b12bbf85b51b-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 96 x 26, 8-bit/color RGBA, non-interlaced\012- data
Size:   3737
Md5:    1626f52addb7c56fe3679d82108c62e9
Sha1:   2b414092d66ecff528950093a655f755c3c7f3b5
Sha256: ae9f6c61e25d15882bf57bde193d10d375bd315c9741cabda11d700fd1bb7dd1
                                        
                                            GET /public/shared/images/login/join_pc.png?v=1 HTTP/1.1 
Host: community.cloudflare.steamstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navi33.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.37.23
HTTP/2 200 OK
                                        
date: Sat, 06 Aug 2022 12:14:24 GMT
content-type: image/png
content-length: 33338
last-modified: Tue, 20 Oct 2020 23:36:29 GMT
etag: "5f8f747d-823a"
x-cache: MISS
cf-cache-status: HIT
age: 2698
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 7367b12bcf93b51b-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 772 x 528, 8-bit/color RGBA, non-interlaced\012- data
Size:   33338
Md5:    764b17e1da6963ebc217a49b77a91522
Sha1:   0684a8b6fe9eaf83dc0712902ac5c9721f7e0a42
Sha256: a59657d4f7db10fefd0c0812bc93e00fa5bb4469b7ab55cebd41a0a9961f8e44
                                        
                                            GET /public/images/blank.gif HTTP/1.1 
Host: community.cloudflare.steamstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navi33.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.37.23
HTTP/2 200 OK
                                        
date: Sat, 06 Aug 2022 12:14:24 GMT
content-type: image/gif
content-length: 807
last-modified: Fri, 05 Jan 2018 01:34:47 GMT
etag: "5a4ed637-327"
x-cache: MISS
cf-cache-status: HIT
age: 6140
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 7367b12bcf90b51b-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   807
Md5:    39bc952559e5a8f4e84ba035fb2f7390
Sha1:   4f415467396b4a50149373ca75bcb4c04c2f60b6
Sha256: 8f73ef54efc672061f69ca881fe318dccc6dd67d993cbb8e76e53e52c84ee493
                                        
                                            GET /public/shared/images/responsive/header_logo.png HTTP/1.1 
Host: community.cloudflare.steamstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navi33.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.37.23
HTTP/2 200 OK
                                        
date: Sat, 06 Aug 2022 12:14:24 GMT
content-type: image/png
content-length: 10863
last-modified: Fri, 05 Jan 2018 01:35:16 GMT
etag: "5a4ed654-2a6f"
x-cache: MISS
cf-cache-status: HIT
age: 6215
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 7367b12bbf8cb51b-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 744 x 171, 8-bit/color RGBA, non-interlaced\012- data
Size:   10863
Md5:    a4e79c73ee13cb25b60fc4b0ba1f690c
Sha1:   b690c31b2eb1b0eb085e91aaae7e79f03debe7c1
Sha256: 6cb869df089146c12efb5e9c968e911c314842624ba6f052a11346ac734cadc8
                                        
                                            GET /public/skin_1/home.css HTTP/1.1 
Host: navi33.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navi33.com/?openid.ns=OESPyEv8CyH4jROJWa5qQV1RNajiFr&openid.mode=jOX2RXxDpD3aQWAr9dQhhZFsrBbGZE&openid.return_to=ox2iY48P0IGlguEfw60bXxam7w72x2&openid.identity=gjZdim3mxQ15JlB8J6Ihk91JmonKza&openid.claimed_id=a3mMBNNTjkziYOVpeGVDWSRRy0M3vQ&$redirect=
Cookie: __ddg1_=LZFpbLiqn1wintoDh7KW
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         190.115.18.142
HTTP/2 200 OK
                                        
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
date: Sat, 06 Aug 2022 12:14:24 GMT
content-type: text/css; charset=UTF-8
x-powered-by: Express
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Sat, 23 Oct 2021 11:09:45 GMT
etag: W/"36b3-17cacd7a0a8"
vary: Accept-Encoding
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   58620
Md5:    305cba41563e330a504c364ba9cbf6b1
Sha1:   d5e9382844597ed27a0a2a465874ccd20643f8c1
Sha256: 851c1f75a9f6ac498fc0c96496a5375fd078a19b1f89b5313662fbc04b5c75b7

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /public/shared/images/header/btn_header_installsteam_download.png?v=1 HTTP/1.1 
Host: community.cloudflare.steamstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navi33.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.18.37.23
HTTP/2 200 OK
                                        
date: Sat, 06 Aug 2022 12:14:24 GMT
content-type: image/png
content-length: 291
last-modified: Wed, 21 Mar 2018 00:07:17 GMT
etag: "5ab1a235-123"
x-cache: MISS
cf-cache-status: HIT
age: 5227
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 7367b12c3862b51b-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 15 x 13, 8-bit/color RGBA, non-interlaced\012- data
Size:   291
Md5:    a2796187c58c7e948159e37d6990ecc2
Sha1:   4209cd85add507247f9ce5a87a8c9095b54ee417
Sha256: 23341256db7f44b1f3811880fa2bae6b7748bbf6b62c544a162e38cf0d5c5082
                                        
                                            GET /public/login.css HTTP/1.1 
Host: navi33.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navi33.com/?openid.ns=OESPyEv8CyH4jROJWa5qQV1RNajiFr&openid.mode=jOX2RXxDpD3aQWAr9dQhhZFsrBbGZE&openid.return_to=ox2iY48P0IGlguEfw60bXxam7w72x2&openid.identity=gjZdim3mxQ15JlB8J6Ihk91JmonKza&openid.claimed_id=a3mMBNNTjkziYOVpeGVDWSRRy0M3vQ&$redirect=
Cookie: __ddg1_=LZFpbLiqn1wintoDh7KW
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         190.115.18.142
HTTP/2 200 OK
                                        
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
date: Sat, 06 Aug 2022 12:14:24 GMT
content-type: text/css; charset=UTF-8
x-powered-by: Express
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Sat, 23 Oct 2021 11:09:45 GMT
etag: W/"3d04-17cacd7a0a8"
vary: Accept-Encoding
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  assembler source, ASCII text
Size:   3825
Md5:    020ac56bcb9df27592515003dec80708
Sha1:   c0fecdd37b18a0899f3e411e94b9f80c6743a856
Sha256: 8b511c00edccbea4a91948eb189200164c204d0887a29721b0fa4437a11edb3e

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: buxEOUl2pM0VIKTfFNeWpA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         34.215.91.121
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: piHhxHHH9jh9tX4cHFRI2v665fk=

                                        
                                            GET /public/shared_global.css HTTP/1.1 
Host: navi33.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navi33.com/?openid.ns=OESPyEv8CyH4jROJWa5qQV1RNajiFr&openid.mode=jOX2RXxDpD3aQWAr9dQhhZFsrBbGZE&openid.return_to=ox2iY48P0IGlguEfw60bXxam7w72x2&openid.identity=gjZdim3mxQ15JlB8J6Ihk91JmonKza&openid.claimed_id=a3mMBNNTjkziYOVpeGVDWSRRy0M3vQ&$redirect=
Cookie: __ddg1_=LZFpbLiqn1wintoDh7KW
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         190.115.18.142
HTTP/2 200 OK
                                        
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
date: Sat, 06 Aug 2022 12:14:24 GMT
content-type: text/css; charset=UTF-8
x-powered-by: Express
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Sat, 23 Oct 2021 11:09:45 GMT
etag: W/"122dd-17cacd7a0a8"
vary: Accept-Encoding
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4303)
Size:   136150
Md5:    3d6832edcd78c50bbd9788fa8d1e0aba
Sha1:   82ca0f3c17700302fe80aaffda50ecef9fe019b9
Sha256: 3fc0520d9fc54ac73e11e9095b96683dd9f48633941c5f1960f5e91be7c1c7ae

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /public/shared_responsive_adapter.js HTTP/1.1 
Host: navi33.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://navi33.com/?openid.ns=OESPyEv8CyH4jROJWa5qQV1RNajiFr&openid.mode=jOX2RXxDpD3aQWAr9dQhhZFsrBbGZE&openid.return_to=ox2iY48P0IGlguEfw60bXxam7w72x2&openid.identity=gjZdim3mxQ15JlB8J6Ihk91JmonKza&openid.claimed_id=a3mMBNNTjkziYOVpeGVDWSRRy0M3vQ&$redirect=
Cookie: __ddg1_=LZFpbLiqn1wintoDh7KW
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         190.115.18.142
HTTP/2 200 OK
                                        
server: ddos-guard
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests;
date: Sat, 06 Aug 2022 12:14:24 GMT
content-type: application/javascript; charset=UTF-8
x-powered-by: Express
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Sat, 23 Oct 2021 11:09:45 GMT
etag: W/"2860-17cacd7a0a8"
vary: Accept-Encoding
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (9936), with no line terminators
Size:   125852
Md5:    6c78ad4446c4c86f9851326bf7b0082e
Sha1:   87fa33cec3b97b208428c78f81b18cf1b5d38c82
Sha256: d94842f3c5388b664d0e4aa56953ef5a06b942523cb7d117672b0598a1999bba

Alerts:
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C952C97052BCB4AF8D3FBB70CFEFA150605486A2905EE7349EDE5564A59C21C4"
Last-Modified: Sat, 06 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14285
Expires: Sat, 06 Aug 2022 16:12:31 GMT
Date: Sat, 06 Aug 2022 12:14:26 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C952C97052BCB4AF8D3FBB70CFEFA150605486A2905EE7349EDE5564A59C21C4"
Last-Modified: Sat, 06 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14285
Expires: Sat, 06 Aug 2022 16:12:31 GMT
Date: Sat, 06 Aug 2022 12:14:26 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C952C97052BCB4AF8D3FBB70CFEFA150605486A2905EE7349EDE5564A59C21C4"
Last-Modified: Sat, 06 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14285
Expires: Sat, 06 Aug 2022 16:12:31 GMT
Date: Sat, 06 Aug 2022 12:14:26 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe02af17f-5236-4b47-b37c-2ca78451d001.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 10873
x-amzn-requestid: 8e9e6a2e-0ebe-4e43-ac2c-bc72bcc03c3b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: WLBrnHDbIAMFnOA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62e77cb0-34ce66152b1c495b07c56d17;Sampled=0
x-amzn-remapped-date: Mon, 01 Aug 2022 07:11:44 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: xNvq4q3INh3Jjt5NrPR4pmWj4PkN19nEj_JUiBjnl7xf4oVfOvcULA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sat, 06 Aug 2022 01:44:00 GMT
age: 37826
etag: "6ee0eb53fcc505c4fc8358771850a80bfdf82c7b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10873
Md5:    e7264a2e7923f3a462242e2df742ab8a
Sha1:   6ee0eb53fcc505c4fc8358771850a80bfdf82c7b
Sha256: ca08424c22b7d0103db02d8ac3a2588d15fe1ff59ef6fdac56d7fef25198ed87
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bfd5df4-420a-41ec-b1de-b396653699e3.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 8223
x-amzn-requestid: 1d39aed7-65da-4168-9a89-900d5a861e84
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: WaMdAFTKoAMFz_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ed8dec-114929484ac704c76691f89f;Sampled=0
x-amzn-remapped-date: Fri, 05 Aug 2022 21:38:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: vWXGezsy5PVgC3WkZskelMsz0v1wgoMt7-8_nrKuvEOfsUbwLXdxcw==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 05 Aug 2022 21:46:25 GMT
age: 52081
etag: "9b19561b15e7e126ee65436ba20d4ae4098e6776"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8223
Md5:    21cb9fd64193c9fa61a65be28fa65bda
Sha1:   9b19561b15e7e126ee65436ba20d4ae4098e6776
Sha256: 16676379a98b377329551dea82df06b036aa7a1902ecc18b2467b25c0bd0e4dd
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F817dc1f7-eb45-43f8-baff-dc8c8dc431d5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 5927
x-amzn-requestid: 99ada533-43cd-41fc-82bb-e458f0eb1f76
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: WaMb7GCHIAMFTvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ed8de5-229e11765cf29cea03c3627a;Sampled=0
x-amzn-remapped-date: Fri, 05 Aug 2022 21:38:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 4XnbV70sg2VdJpPpU4qwePJEGJtqD9fvi7N5tGLwn53qD4YlgsV2nQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 05 Aug 2022 21:46:20 GMT
age: 52086
etag: "2f672c1b11a1c279f429a25e80e37c19d87ed31b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5927
Md5:    1d51f89b8978e5f853da0ec27aeba1f2
Sha1:   2f672c1b11a1c279f429a25e80e37c19d87ed31b
Sha256: 4b1741201668ef2b420b2c6ca02a9acec12b98c5527745229ceb27239a99881d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47127619-5c86-4363-ad38-bd0ea52d7a06.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 3871
x-amzn-requestid: 8e2f628a-40e7-4a30-9250-e799388e3f06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: WaMExESGIAMFmSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ed8d51-548ce53641314e2f14e5c4af;Sampled=0
x-amzn-remapped-date: Fri, 05 Aug 2022 21:36:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: K_JIjjIoI8WKlfv4W3wDwglaTEkOabSJz7gG2zq8_1vEccPljbZilw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 05 Aug 2022 21:58:37 GMT
age: 51349
etag: "5aafd1e4d78ce8b097b9d9333f8a583a3004ed21"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3871
Md5:    2d2380784d41f22b7c39f22aa6ee89f5
Sha1:   5aafd1e4d78ce8b097b9d9333f8a583a3004ed21
Sha256: 0c0f5233c5b6e055ab79900dcd96b99dcd837a2459c75c75ba54d1289dab4ec7
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5220284-1209-43a7-9af7-d1b6ed31b248.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 11592
x-amzn-requestid: 73091111-067e-4c53-97ae-702fbf2b6d01
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: WaNsvHdVoAMFUDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ed8fea-3048002a0a2373536c9c39a1;Sampled=0
x-amzn-remapped-date: Fri, 05 Aug 2022 21:47:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: I8Jbqi5Uh78XEiAahWe1d5Jm44X-eCqfQ4mhssDyrK1gy4h8CIBJ_g==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 05 Aug 2022 21:47:35 GMT
age: 52011
etag: "d2838f572736105231e6d321790315a8bf1f68eb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11592
Md5:    ae3af770ca5815a2744dfad2e742d227
Sha1:   d2838f572736105231e6d321790315a8bf1f68eb
Sha256: 756c59730240921214b26350193d4471c15a98f32c959395ffb05f6b7be34ff5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa26223bd-d704-4f37-9bda-4a67147d87f9.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 7022
x-amzn-requestid: a4b2e422-88b5-406a-9e4d-40f5cf5cbdb4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: WaMb9HouoAMF-WQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ed8de5-08e066b803cf639d6dc69fe7;Sampled=0
x-amzn-remapped-date: Fri, 05 Aug 2022 21:38:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: hCi-KrTW8WV29cRt4s46po6kaTKYMb18-JSCEGbgoIbYu9tdEkJ-rw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 05 Aug 2022 21:58:37 GMT
etag: "de125f4ffd1f967c1557f082c41477891630539c"
content-type: image/jpeg
age: 51349
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7022
Md5:    f8ee35182a507e89b787ac718a80508c
Sha1:   de125f4ffd1f967c1557f082c41477891630539c
Sha256: 8def080600f8b45c3683dfb91586c9b03bf3fbb07437e9ab9dad816909cc3021