urlquery - report: metalline.ro/sint-eveniet/documents.zip

Overview

URL	metalline.ro/sint-eveniet/documents.zip
IP	89.42.218.72
ASN	ROMARG SRL
Location	Romania
Report completed	2022-07-05 08:34:15 UTC
Status	Loading report..
urlquery Alerts	No alerts detected

Settings

UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer

Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Blocklists

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Added / Verified	Severity	Host	Comment
2022-07-05	2	metalline.ro/sint-eveniet/documents.zip	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

Files

No files detected

Passive DNS (8)

Passive DNS Source	Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
[Mnemonic Passive DNS]	ocsp.digicert.com (1)	86	2012-11-29 12:49:49 UTC	2022-07-05 06:46:12 UTC	93.184.220.29
[Mnemonic Passive DNS]	push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2022-07-05 05:12:14 UTC	54.188.94.105
[Mnemonic Passive DNS]	img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2022-07-05 04:01:24 UTC	34.120.237.76
[Mnemonic Passive DNS]	metalline.ro (2)	0	2019-08-28 22:25:14 UTC	2022-06-21 16:00:02 UTC	89.42.218.72	Unknown ranking
[Mnemonic Passive DNS]	firefox.settings.services.mozilla.com (2)	867	2016-03-17 08:25:01 UTC	2020-05-25 20:01:47 UTC	143.204.55.36
[Mnemonic Passive DNS]	content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-07-05 05:12:14 UTC	143.204.55.25
[Mnemonic Passive DNS]	r3.o.lencr.org (5)	344	2020-12-02 08:52:13 UTC	2022-07-05 04:59:43 UTC	23.36.76.226
[Mnemonic Passive DNS]	contile.services.mozilla.com (1)	1114	No data	No data	34.117.237.239

Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 89.42.218.72

Date	UQ / IDS / BL	URL	IP
2022-08-14 06:28:57 +0000	0 - 0 - 1	metalline.ro/sint-eveniet/documents.zip	89.42.218.72
2022-08-10 08:05:41 +0000	0 - 0 - 1	metalline.ro/sint-eveniet/documents.zip	89.42.218.72
2022-08-09 19:10:43 +0000	0 - 0 - 1	metalline.ro/sint-eveniet/documents.zip	89.42.218.72
2022-08-08 16:40:56 +0000	0 - 0 - 1	metalline.ro/sint-eveniet/documents.zip	89.42.218.72
2022-08-05 11:55:12 +0000	0 - 0 - 1	metalline.ro/sint-eveniet/documents.zip	89.42.218.72
2022-08-04 05:36:05 +0000	0 - 0 - 1	metalline.ro/sint-eveniet/documents.zip	89.42.218.72
2022-08-03 13:06:48 +0000	0 - 0 - 1	metalline.ro/sint-eveniet/documents.zip	89.42.218.72
2022-08-02 05:18:40 +0000	0 - 0 - 2	metalicaprovest.ro/wp-content/plugins/siteori (...)	89.42.218.72
2022-07-31 14:20:26 +0000	0 - 0 - 1	metalline.ro/sint-eveniet/documents.zip	89.42.218.72
2022-07-28 21:20:08 +0000	0 - 0 - 1	metalline.ro/sint-eveniet/documents.zip	89.42.218.72

Last 10 reports on ASN: ROMARG SRL

Date	UQ / IDS / BL	URL	IP
2022-08-18 21:10:28 +0000	0 - 0 - 3	acordimobiliar.ro/qui-quia/documents.zip	89.42.218.99
2022-08-18 19:39:28 +0000	0 - 0 - 2	www.inchirieri-limuzinebucuresti.ro/gategroup (...)	89.39.83.184
2022-08-18 08:46:17 +0000	0 - 0 - 2	chop-shop.ro/maiores-repudiandae/documents.zip	89.47.242.199
2022-08-18 08:42:43 +0000	0 - 0 - 2	mediaworld.ro/minima-quasi/documents.zip	89.42.218.232
2022-08-17 23:53:20 +0000	0 - 0 - 1	top-promotions24.com/ro/megaviril/	89.42.218.133
2022-08-17 03:11:38 +0000	0 - 0 - 2	chop-shop.ro/maiores-repudiandae/documents.zip	89.47.242.199
2022-08-16 20:19:47 +0000	0 - 0 - 2	chop-shop.ro/maiores-repudiandae/documents.zip	89.47.242.199
2022-08-16 20:07:12 +0000	0 - 0 - 2	mediaworld.ro/minima-quasi/documents.zip	89.42.218.232
2022-08-16 07:03:59 +0000	0 - 0 - 1	actualitatea-crestina.ro/laudantium-reiciendi (...)	89.42.218.232
2022-08-16 06:40:44 +0000	0 - 0 - 2	turismtimis.ro/a-quas/documents.zip	89.42.218.164

Last 10 reports on domain: metalline.ro

Date	UQ / IDS / BL	URL	IP
2022-08-14 06:28:57 +0000	0 - 0 - 1	metalline.ro/sint-eveniet/documents.zip	89.42.218.72
2022-08-10 08:05:41 +0000	0 - 0 - 1	metalline.ro/sint-eveniet/documents.zip	89.42.218.72
2022-08-09 19:10:43 +0000	0 - 0 - 1	metalline.ro/sint-eveniet/documents.zip	89.42.218.72
2022-08-08 16:40:56 +0000	0 - 0 - 1	metalline.ro/sint-eveniet/documents.zip	89.42.218.72
2022-08-05 11:55:12 +0000	0 - 0 - 1	metalline.ro/sint-eveniet/documents.zip	89.42.218.72
2022-08-04 05:36:05 +0000	0 - 0 - 1	metalline.ro/sint-eveniet/documents.zip	89.42.218.72
2022-08-03 13:06:48 +0000	0 - 0 - 1	metalline.ro/sint-eveniet/documents.zip	89.42.218.72
2022-07-31 14:20:26 +0000	0 - 0 - 1	metalline.ro/sint-eveniet/documents.zip	89.42.218.72
2022-07-28 21:20:08 +0000	0 - 0 - 1	metalline.ro/sint-eveniet/documents.zip	89.42.218.72
2022-07-27 05:32:27 +0000	0 - 0 - 1	metalline.ro/sint-eveniet/documents.zip	89.42.218.72

JavaScript

Executed Scripts (0)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (19)

Request	Response
GET /sint-eveniet/documents.zip HTTP/1.1 Host: metalline.ro User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	89.42.218.72 HTTP/1.1 200 OK Connection: Keep-Alive Keep-Alive: timeout=5, max=100 content-type: text/html; charset=UTF-8 content-length: 0 date: Tue, 05 Jul 2022 08:34:02 GMT server: LiteSpeed x-xss-protection: 1; mode=block x-content-type-options: nosniff --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - fortinet: Malware
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 91dd975a7b17b2922dd23c0e49314e40$ 143.204.55.36 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Retry-After, Backoff, Content-Type, Content-Length, Alert Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Tue, 05 Jul 2022 07:55:11 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: gJTGrQiY-rCTBwq24IXNkjM0_WcPGdg1bpgqA_sCHmL6xN36JM5ywA== Age: 2331 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 91dd975a7b17b2922dd23c0e49314e40 Sha1: 57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2 Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /chains/remote-settings.content-signature.mozilla.org-2022-08-10-12-10-21.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 581454acdd98f34fd3fbabd0977ade29$ 143.204.55.25 HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 last-modified: Tue, 21 Jun 2022 12:10:22 GMT content-disposition: attachment accept-ranges: bytes server: AmazonS3 date: Tue, 05 Jul 2022 03:26:45 GMT etag: "581454acdd98f34fd3fbabd0977ade29" x-cache: Hit from cloudfront via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: 0cfqw_Jg9fAdWlpBZYk2j82oPGIPNFGuvpevoTRJ6SiKIXxI29E9iw== age: 18438 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 581454acdd98f34fd3fbabd0977ade29 Sha1: d8d86c0b513137aeb85de01cea7b272c35eb6ab4 Sha256: e98f8f33ba5ed59c3cfdf2ae54957ed32652cf0899f3c8db4b5872e3ece1e4eb
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "5CA12512DFBE8A007255191678A4ECD570026D865AE741C0D3025D8FE1A58659" Last-Modified: Mon, 04 Jul 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5234 Expires: Tue, 05 Jul 2022 10:01:16 GMT Date: Tue, 05 Jul 2022 08:34:02 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 65822db7ce56247876fbdcc5c29607f6 Sha1: 91262a33683099ad0dc3631d0a7a9051d8539b20 Sha256: 5ca12512dfbe8a007255191678a4ecd570026d865ae741c0d3025d8fe1a58659
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6$ 34.117.237.239 HTTP/2 200 OK server: nginx date: Tue, 05 Jul 2022 08:34:02 GMT content-type: application/json content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /favicon.ico HTTP/1.1 Host: metalline.ro User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://metalline.ro/sint-eveniet/documents.zip	$Magic: MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data Size: 1640 Md5: 0f6d916ce64e6e016ed61320ae88a5d1$ 89.42.218.72 HTTP/1.1 200 OK Connection: Keep-Alive Keep-Alive: timeout=5, max=100 cache-control: public, max-age=604800 expires: Tue, 12 Jul 2022 08:34:02 GMT content-type: image/x-icon last-modified: Wed, 14 Jan 2015 17:59:10 GMT accept-ranges: bytes content-encoding: gzip vary: Accept-Encoding content-length: 1640 date: Tue, 05 Jul 2022 08:34:02 GMT server: LiteSpeed x-xss-protection: 1; mode=block x-content-type-options: nosniff --- Additional Info --- Magic: MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data Size: 1640 Md5: 0f6d916ce64e6e016ed61320ae88a5d1 Sha1: 602b83f1c2b4f4acfe4b1df019110271ac411fff Sha256: 9c98637fcc4496b91f48bcb1a30f11365179a86d19d02cdf3a351feeafe034e5
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243$ 143.204.55.36 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Retry-After, ETag, Content-Type, Last-Modified, Alert, Backoff, Pragma, Expires, Content-Length, Cache-Control Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Date: Tue, 05 Jul 2022 07:52:27 GMT Cache-Control: max-age=3600 Expires: Tue, 05 Jul 2022 08:35:00 GMT ETag: "1648230346554" X-Cache: Hit from cloudfront Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: qxu-s1vuGoaQ4uqp3SDzJoyMwHDz7d5awLC7aD_quthePQHu7Iyk5g== Age: 2503 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3094 Cache-Control: max-age=87851 Date: Tue, 05 Jul 2022 08:34:03 GMT Etag: "62c29f90-1d7" Expires: Wed, 06 Jul 2022 08:58:14 GMT Last-Modified: Mon, 04 Jul 2022 08:06:40 GMT Server: ECS (ska/F718) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 5fc94525b948d159ff233ffa92d3e03a Sha1: d831a23a17d1f2a44652e6955df434b13b9f64a1 Sha256: d6ade82ed7274cf37ea6e5bc9acd573238f04290df4dbdbef6be22134b3050e0
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: JK0o8lE/E+lxszOcEd9YIA== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	54.188.94.105 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: utg1OF39xG0LOUgexUzYj/S3kHY= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "611E864D4A64EB7175BDED94052A41462E3215D329EF82CBEEA70D511B811E8D" Last-Modified: Mon, 04 Jul 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3124 Expires: Tue, 05 Jul 2022 09:26:09 GMT Date: Tue, 05 Jul 2022 08:34:05 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 88b14e7d8e8c06a7fbc94b02217857ad Sha1: 034816601b832f18309ab4c047269b31a96cc971 Sha256: 611e864d4a64eb7175bded94052a41462e3215d329ef82cbeea70d511b811e8d
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "611E864D4A64EB7175BDED94052A41462E3215D329EF82CBEEA70D511B811E8D" Last-Modified: Mon, 04 Jul 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3124 Expires: Tue, 05 Jul 2022 09:26:09 GMT Date: Tue, 05 Jul 2022 08:34:05 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 88b14e7d8e8c06a7fbc94b02217857ad Sha1: 034816601b832f18309ab4c047269b31a96cc971 Sha256: 611e864d4a64eb7175bded94052a41462e3215d329ef82cbeea70d511b811e8d
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "611E864D4A64EB7175BDED94052A41462E3215D329EF82CBEEA70D511B811E8D" Last-Modified: Mon, 04 Jul 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3124 Expires: Tue, 05 Jul 2022 09:26:09 GMT Date: Tue, 05 Jul 2022 08:34:05 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 88b14e7d8e8c06a7fbc94b02217857ad Sha1: 034816601b832f18309ab4c047269b31a96cc971 Sha256: 611e864d4a64eb7175bded94052a41462e3215d329ef82cbeea70d511b811e8d
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "611E864D4A64EB7175BDED94052A41462E3215D329EF82CBEEA70D511B811E8D" Last-Modified: Mon, 04 Jul 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3124 Expires: Tue, 05 Jul 2022 09:26:09 GMT Date: Tue, 05 Jul 2022 08:34:05 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 88b14e7d8e8c06a7fbc94b02217857ad Sha1: 034816601b832f18309ab4c047269b31a96cc971 Sha256: 611e864d4a64eb7175bded94052a41462e3215d329ef82cbeea70d511b811e8d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9484589c-4639-47d5-82e2-d5f7e182279f.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4541 Md5: 2159e02313a32e8509d9d3c33c9d07a8$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 4541 x-amzn-requestid: 07e385a5-e0ea-4b26-a776-90527d660aca x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Uwt3JH0SIAMFQRw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62c35cfa-54c88214646fb157446ed947;Sampled=0 x-amzn-remapped-date: Mon, 04 Jul 2022 21:34:50 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: jeInCS9KaCOZdszGUE-mq6qFoeN3maxavSLWanuxPS8NnOpY-jisYw== via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 eab8a154a09e69260fbfe4df90182b2e.cloudfront.net (CloudFront), 1.1 google date: Mon, 04 Jul 2022 22:04:03 GMT etag: "2d1fa771f93c4326f768c272ad812622ed74a89e" content-type: image/jpeg age: 37802 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4541 Md5: 2159e02313a32e8509d9d3c33c9d07a8 Sha1: 2d1fa771f93c4326f768c272ad812622ed74a89e Sha256: e85ed24ed3e464f5ee53439c8cdeb871ad44f0a411e05a334167ca61eadde63c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7cbb2268-2bf5-47af-8e1d-f11cecb22fdd.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 15325 Md5: f5ca212b81f6537944366b2feff88e34$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 15325 x-amzn-requestid: 67ca3437-692b-4088-81a7-a0598fc9b6ff x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Uwt2cE1IIAMFbtQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62c35cf5-36a85676347e7573290c69d7;Sampled=0 x-amzn-remapped-date: Mon, 04 Jul 2022 21:34:45 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: mfClFp9_mZlHa2g9fzzl5aMEeKQi8QxImwQn6sQX3qnU7zWfmX2HPw== via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google date: Mon, 04 Jul 2022 21:56:13 GMT age: 38272 etag: "1017520c3c257499a387de77066abe468ef48ebf" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 15325 Md5: f5ca212b81f6537944366b2feff88e34 Sha1: 1017520c3c257499a387de77066abe468ef48ebf Sha256: 446ed0f8b0ee575fb6fad59043ca8b848f4ddf7dbf0e3d5793af3ffac41f3629
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a0df83c-7c52-41e1-85a8-7315564298f0.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6931 Md5: 124937f80340cdf827be3524de77d469$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 6931 x-amzn-requestid: 5333225e-e2fd-4426-8d77-488b55a50e5c x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Uwt2-ESNoAMFlew= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62c35cf9-4b11f98c5825d83d5de56e6a;Sampled=0 x-amzn-remapped-date: Mon, 04 Jul 2022 21:34:49 GMT x-amz-cf-pop: SEA73-P2, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: HAtuNtNKRAUlYyhNaVqeIaQvUPZDkapERAkG-29PX2onFdBt3HxvcA== via: 1.1 d8d9c12d1a621129f4bc739038e7c72e.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google date: Mon, 04 Jul 2022 21:43:30 GMT age: 39035 etag: "dd070aad8015df135330d482d5f54f6f179c4d4c" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6931 Md5: 124937f80340cdf827be3524de77d469 Sha1: dd070aad8015df135330d482d5f54f6f179c4d4c Sha256: c1f97b0c475d620aa57b0730b73a4d9848be916ebaddcaedce5bc9cc4faa8d97
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1f2ff39-cb25-4068-8762-5df49420e866.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4199 Md5: 8a694330b3fd613dff46fac6b855452b$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 4199 x-amzn-requestid: 577f464a-b20a-465f-a35b-a970a34fdd15 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Uwt_RG9TIAMF_1g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62c35d2e-5bbfb9292e039d723a27daa8;Sampled=0 x-amzn-remapped-date: Mon, 04 Jul 2022 21:35:42 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: VGflfr1bdhXjtHuRJQA15cZcr4FdT91Gwv2vO1DsPpQsF9evZDDJ-g== via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google date: Mon, 04 Jul 2022 21:48:38 GMT etag: "a7d20a5a9cc570276480892367c71c605cce4f58" content-type: image/jpeg age: 38727 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4199 Md5: 8a694330b3fd613dff46fac6b855452b Sha1: a7d20a5a9cc570276480892367c71c605cce4f58 Sha256: 8ded13f74eb75a086d56e0476228c98c0a7222edfd6f2a18964ef38371075ea4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3138a2a5-6ce8-4465-8dff-7307ebdd802f.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 13276 Md5: 95aa230a6b516a252f3815c586803c15$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 13276 x-amzn-requestid: 8e9cf5a0-c1fd-42f6-a117-735639bf60fc x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UnnVtEcUIAMFQNA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62bfb8f1-703fd654621d292404bcae42;Sampled=0 x-amzn-remapped-date: Sat, 02 Jul 2022 03:18:09 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: OY1dqbvd00cN59M8lfMzi7khizD13gcVNsrIhslwzrLc1kI42kURiw== via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google date: Mon, 04 Jul 2022 12:41:34 GMT age: 71551 etag: "7e5a550bbbac49269cae75ce9bb92e8fdf77b086" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 13276 Md5: 95aa230a6b516a252f3815c586803c15 Sha1: 7e5a550bbbac49269cae75ce9bb92e8fdf77b086 Sha256: fc3c49de063a4e13c64e799664fa6c7ccf6e42aac5973aaf1af2b7689338f3b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6777b5d6-39f3-4ddb-a258-98af0d05c7e3.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6167 Md5: 2423726f3c7a7aa1e4ede0651b49094d$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 6167 x-amzn-requestid: 68b86ca2-52aa-4cd9-abcb-3fc27f1453fe x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Ud18REWHoAMFc9A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62bbd04e-7f0c4edc2555738c6cb967fe;Sampled=0 x-amzn-remapped-date: Wed, 29 Jun 2022 04:08:46 GMT x-amz-cf-pop: YVR50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: qHWYygWS48QnqjbK1UhMf0kh9-ex29hS3pyeBmIXsfEF09F-4oXPlg== via: 1.1 e16a606a5f3ac7d1b652d993a78c480c.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google date: Mon, 04 Jul 2022 22:43:44 GMT age: 35421 etag: "adeb7ea0cd045fb87ccaffc920c51e93fbee5af9" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6167 Md5: 2423726f3c7a7aa1e4ede0651b49094d Sha1: adeb7ea0cd045fb87ccaffc920c51e93fbee5af9 Sha256: 8c6a9772e3ce1eb794ba4096008bcb627316e11791acf4d07fe6b68294a315a6