Overview

URL https://update.youngzsoft.com/icafecloud/update/icafecloudsetup.exe
IP 96.126.108.173
ASN Linode, LLC
Location United States
Report completed 2022-06-19 06:29:03 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2022-06-19 2 update.youngzsoft.com/icafecloud/update/icafecloudsetup.exe Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

URL update.youngzsoft.com/icafecloud/update/icafecloudsetup.exe
IP  96.126.108.173
Magic PE32 executable (GUI) Intel 80386, for MS Windows\012- data
Size 11752880
MD5 df160aa9a4eb075f88458d88f41243af
SHA1 e65c15ab05b9c1355a9ae5903d99455db19993e1
SHA256 7b773d4872645737f76069f91ee9ac96972602856ed3e1b5c990a94cbcbfb4d6
Analyzer Analysed Verdict Comment
VirusTotal 2022-06-17 06:05:59 5/65


Passive DNS (8)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
[Mnemonic Passive DNS] contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
[Mnemonic Passive DNS] ocsp.digicert.com (1) 86 2012-11-29 12:49:49 UTC 2022-06-19 05:37:43 UTC 93.184.220.29
[Mnemonic Passive DNS] push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-06-18 17:49:24 UTC 54.69.239.65
[Mnemonic Passive DNS] update.youngzsoft.com (1) 0 No data No data 96.126.108.173 Domain (youngzsoft.com) ranked at: 384506
[Mnemonic Passive DNS] img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-06-18 19:01:35 UTC 34.120.237.76
[Mnemonic Passive DNS] r3.o.lencr.org (7) 344 2020-12-02 08:52:13 UTC 2022-06-19 04:57:15 UTC 23.36.76.226
[Mnemonic Passive DNS] firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2020-05-25 20:01:47 UTC 54.230.111.65
[Mnemonic Passive DNS] content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-06-18 17:50:15 UTC 54.230.111.64


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 96.126.108.173

Date UQ / IDS / BL URL IP
2022-06-23 19:00:41 +0000 0 - 0 - 1 update.youngzsoft.com/icafecloud/update/icafe (...) 96.126.108.173
2022-06-23 19:00:26 +0000 0 - 0 - 1 update.youngzsoft.com/icafecloud/update/icafe (...) 96.126.108.173
2022-06-23 14:58:38 +0000 0 - 0 - 1 update.youngzsoft.com/icafecloud/update/icafe (...) 96.126.108.173
2022-06-23 14:06:32 +0000 0 - 0 - 1 update.youngzsoft.com/icafecloud/update/icafe (...) 96.126.108.173
2022-06-23 00:43:11 +0000 0 - 0 - 1 https://update.youngzsoft.com/icafecloud/upda (...) 96.126.108.173
2022-06-22 17:12:05 +0000 0 - 0 - 1 https://update.youngzsoft.com/icafecloud/upda (...) 96.126.108.173
2022-06-22 16:39:51 +0000 0 - 0 - 1 https://update.youngzsoft.com/icafecloud/upda (...) 96.126.108.173
2019-05-28 20:36:42 +0200 0 - 1 - 0 user.youngzsoft.com/ccproxy/update/ccproxyset (...) 96.126.108.173
2019-05-28 19:09:35 +0200 0 - 1 - 0 user.youngzsoft.com/ccgetmac/update/ccgetmacs (...) 96.126.108.173
2019-05-27 23:52:01 +0200 0 - 1 - 0 youngzsoft.com/en/ccproxy/ccproxysetup.exe 96.126.108.173

Last 10 reports on ASN: Linode, LLC

Date UQ / IDS / BL URL IP
2022-08-19 00:41:43 +0000 0 - 0 - 1 https://admin.classified.pointsource.ng/a3et6 (...) 139.162.200.189
2022-08-19 00:40:59 +0000 0 - 0 - 1 admin.classified.pointsource.ng/a3et6u5dw.rar 139.162.200.189
2022-08-19 00:39:24 +0000 0 - 0 - 2 https://tobecoaching.co.uk/lfi9iu.rar 139.162.200.189
2022-08-18 22:32:23 +0000 0 - 0 - 1 www.chawkyfrenn.com/icon/JtT/ 50.116.62.25
2022-08-18 21:45:33 +0000 0 - 0 - 2 winplace.life/ 194.233.171.66
2022-08-18 20:38:25 +0000 0 - 0 - 2 www.tercantiq.com/m56u/ 139.162.38.10
2022-08-18 19:22:46 +0000 0 - 0 - 1 admin.classified.pointsource.ng/a3et6u5dw.rar 139.162.200.189
2022-08-18 19:21:10 +0000 0 - 0 - 2 https://tobecoaching.co.uk/lfi9iu.rar 139.162.200.189
2022-08-18 17:16:30 +0000 0 - 0 - 1 www.chawkyfrenn.com/icon/JtT/ 50.116.62.25
2022-08-18 15:29:18 +0000 10 - 0 - 0 readion.deaftone.com/a81wxs0am7v0brlk0dop0106 (...) 45.33.2.79

No other reports on domain: youngzsoft.com



JavaScript

Executed Scripts (0)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (20)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F7449D747B3C17B6AF8E1F057D563EE3B5833BE3C3BB77155DECB7AC5F3CC950"
Last-Modified: Thu, 16 Jun 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7096
Expires: Sun, 19 Jun 2022 08:27:03 GMT
Date: Sun, 19 Jun 2022 06:28:47 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.65
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Backoff, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 19 Jun 2022 06:19:47 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: FqA61keRxXalq0napnoDpCR21ooWdTN8RszTJOlz26g3q_70rcfUwg==
Age: 540


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B22925AAD4FB29D1AC0FA8F9C8353045B511E80E24A83BF03712FB16AAB68255"
Last-Modified: Fri, 17 Jun 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 19 Jun 2022 12:28:47 GMT
Date: Sun, 19 Jun 2022 06:28:47 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.64
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
last-modified: Wed, 11 May 2022 19:51:39 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 19 Jun 2022 02:10:51 GMT
etag: "48ca0beea419a9039591cf1aee5179e0"
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rAECXJYnclSR0VuUvIXHuN6XjH3MUeJudquTT1QaVA-RxWFtD_k6EQ==
age: 15477
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    48ca0beea419a9039591cf1aee5179e0
Sha1:   9e92629f505fcc07aab51221e8fe62197a23e307
Sha256: 630a5f110337b4a4876aa85c21107d9e8f2550bcc60f023a4777d895b17399fd
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Sun, 19 Jun 2022 06:28:47 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.65
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Content-Type, Last-Modified, Alert, Backoff, Pragma, Expires, Content-Length, Cache-Control
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 19 Jun 2022 06:16:41 GMT
Cache-Control: max-age=3600
Expires: Sun, 19 Jun 2022 07:09:11 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 5PEOKpumgpbEfXthN4ogHEz1M7DqneMuiu90CVkDPN5C5FOg21rD6g==
Age: 727


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6270
Cache-Control: 'max-age=158059'
Date: Sun, 19 Jun 2022 06:28:48 GMT
Last-Modified: Sun, 19 Jun 2022 04:44:18 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: dYfRZ7yDb4UQuUvj7wcR1w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.69.239.65
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: D0Jf2gNIlLn+CoAiHAZ/BFZnwfw=

                                        
                                            GET /icafecloud/update/icafecloudsetup.exe HTTP/1.1 
Host: update.youngzsoft.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         96.126.108.173
HTTP/1.1 200 OK
Content-Type: application/octet-stream
                                        
Server: nginx/1.18.0
Date: Sun, 19 Jun 2022 06:28:47 GMT
Content-Length: 11752880
Last-Modified: Sat, 11 Jun 2022 13:51:07 GMT
Connection: keep-alive
ETag: "62a49dcb-b355b0"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PE32 executable (GUI) Intel 80386, for MS Windows\012- data
Size:   11752880
Md5:    df160aa9a4eb075f88458d88f41243af
Sha1:   e65c15ab05b9c1355a9ae5903d99455db19993e1
Sha256: 7b773d4872645737f76069f91ee9ac96972602856ed3e1b5c990a94cbcbfb4d6

Alerts:
  Blocklists:
    - fortinet: Malware
  File Analyzers:
    - virustotal: 5/65
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EB5C47750CC94CF64FD493FB2AFBECF9465339D271763D045556E55840F067C3"
Last-Modified: Thu, 16 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9585
Expires: Sun, 19 Jun 2022 09:08:35 GMT
Date: Sun, 19 Jun 2022 06:28:50 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EB5C47750CC94CF64FD493FB2AFBECF9465339D271763D045556E55840F067C3"
Last-Modified: Thu, 16 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9585
Expires: Sun, 19 Jun 2022 09:08:35 GMT
Date: Sun, 19 Jun 2022 06:28:50 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EB5C47750CC94CF64FD493FB2AFBECF9465339D271763D045556E55840F067C3"
Last-Modified: Thu, 16 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9585
Expires: Sun, 19 Jun 2022 09:08:35 GMT
Date: Sun, 19 Jun 2022 06:28:50 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EB5C47750CC94CF64FD493FB2AFBECF9465339D271763D045556E55840F067C3"
Last-Modified: Thu, 16 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9585
Expires: Sun, 19 Jun 2022 09:08:35 GMT
Date: Sun, 19 Jun 2022 06:28:50 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EB5C47750CC94CF64FD493FB2AFBECF9465339D271763D045556E55840F067C3"
Last-Modified: Thu, 16 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9585
Expires: Sun, 19 Jun 2022 09:08:35 GMT
Date: Sun, 19 Jun 2022 06:28:50 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5c9ba7e-7637-412a-a1b3-a0d9f0ac47d7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 6034
x-amzn-requestid: a8bba51a-b63b-46ff-9c79-2c30fd03fe9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: T8VCfECxIAMFv0w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ae6876-1b8b3b61603ed5d26d09ef51;Sampled=0
x-amzn-remapped-date: Sun, 19 Jun 2022 00:06:14 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FoP3MD0fal0ppGKjFdtU7g4TRmlguuARc8rY3xYRQVsnwH3mL_MGPg==
via: 1.1 e5147bed59b539c23be4f2e01cf6f6f4.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Jun 2022 00:06:30 GMT
etag: "32643ca40145bfd578876a05fdd6a6f3948e3943"
content-type: image/jpeg
age: 22940
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6034
Md5:    e571e5c494928d161eda4436deb1cd79
Sha1:   32643ca40145bfd578876a05fdd6a6f3948e3943
Sha256: 587c4deaf921bf55a021523a2152084d24be142627b82624e88012f904c19b96
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b2f29c2-2c83-4295-87c0-805a4183ebe2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 11586
x-amzn-requestid: 9d3d5062-2e3f-4720-bc85-98a70910e46b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: TvK83GQxIAMFePg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62a9251e-7844860b4465186a2a8963b1;Sampled=0
x-amzn-remapped-date: Wed, 15 Jun 2022 00:17:34 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: H3I0D_Vt_7YYuEMr9c6FGCOX437PzKuzhwLNSjTJ53bdaxg1k_aUEA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Jun 2022 16:43:24 GMT
age: 49526
etag: "4922bdbcd29624634474ba1bf583f74799905325"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11586
Md5:    8664fba5abbd4018fa038f18efe53b00
Sha1:   4922bdbcd29624634474ba1bf583f74799905325
Sha256: 77286a6a694436ff3ff7917fc0a30c9a570e17a0d95aaa9f3b4f7cd421be501d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f357927-c389-4483-832e-fbda0c2c08b8.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 7319
x-amzn-requestid: ba6fe2b5-bea5-4bf4-8e01-4e9c2ccc247a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Tycn0HhxoAMFb-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62aa7498-653d74bb5ae561931f7984cd;Sampled=0
x-amzn-remapped-date: Thu, 16 Jun 2022 00:08:56 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 96mC2yqaSQKJZHNkuhpGMarUC_7AllfIHOsR9UBCFRUDP6dLHi6Vig==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Jun 2022 03:08:15 GMT
age: 12035
etag: "92240309c4fd8f393f22855963e333494ed2c1db"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7319
Md5:    45df0899aff13948beea1ecd64cc830b
Sha1:   92240309c4fd8f393f22855963e333494ed2c1db
Sha256: 0dcf01944371926896060ee5b61b5b5bd685d0164e857caefc67d4af90da55be
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e2f7c38-368a-4f7d-8f55-58cd35c8109b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 7101
x-amzn-requestid: 46c57053-0680-45c4-a245-cfde0da8dcfa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Tr2wwFeCIAMFk2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62a7d19e-0c87d5ec64a563c47966dbbb;Sampled=0
x-amzn-remapped-date: Tue, 14 Jun 2022 00:09:02 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 1F7vIP6MesLQHo0bIfc2H7WWRCXWuq4pGfNRFOsA4vBs2ts40tMhRg==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Jun 2022 21:03:37 GMT
age: 33913
etag: "2fc9e0d8d965db00b60c8c238bf90dc0520bcddf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7101
Md5:    f9c84559a17ae9bba39597884c87841d
Sha1:   2fc9e0d8d965db00b60c8c238bf90dc0520bcddf
Sha256: daad1037d2cd3306af3467824483294443a8680dc38726e84876bf3fd4e39ad1
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F074b5da1-e602-4ee7-8a13-69d0075f7da1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 9345
x-amzn-requestid: b81ae417-4acb-4797-b482-ca5d65f2be2a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: TydTnHGgoAMFmQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62aa75b0-26fdb04f00614e113d825194;Sampled=0
x-amzn-remapped-date: Thu, 16 Jun 2022 00:13:36 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: b7tk3o6AQ9fRWdLiItmQkOQUzqSOfOZiFobEdtHSPuLaDKRG8Nf8qg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 18 Jun 2022 12:29:34 GMT
age: 64756
etag: "78294abde683e470edcdf4c8a8e7f8b1bcb9cc78"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9345
Md5:    893ed0db6dd752f202d2e42ba9f914f9
Sha1:   78294abde683e470edcdf4c8a8e7f8b1bcb9cc78
Sha256: 50439bcb7e6a182c2168d2c8c4e84a44b942a70d8e60b702279edb49acd14b4a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a16de40-9ac0-4e79-8139-d09b4483f1f2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 12204
x-amzn-requestid: 943928e6-6b15-42bc-9761-22e4647833d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: T8UznE8_oAMFQVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ae6816-14ae0e7b44c24a6841f6e313;Sampled=0
x-amzn-remapped-date: Sun, 19 Jun 2022 00:04:38 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: yX0ccgLOmi-OR1VToDHe5QvEH62A8g5IMDWTt2RTvW7vCaQ2ljgMTg==
via: 1.1 0800f067ff646622f3e8e507cb9b52e8.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Jun 2022 00:04:39 GMT
age: 23051
etag: "2993e1a2a9bd0e170188ed105edab02db22cb3f6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12204
Md5:    b340d6351f49e26c09684a31db408c74
Sha1:   2993e1a2a9bd0e170188ed105edab02db22cb3f6
Sha256: 326fb9566eed670aac3689a963842e0c38b1363f9149cb2435d22737a77b3f82