urlquery - report: www.lelouzh.com/hostsfix.exe

Overview

URL	www.lelouzh.com/hostsfix.exe
IP	45.64.185.201
ASN	Bangmod Enterprise Co., Ltd.
Location	Thailand
Report completed	2022-07-05 16:00:52 UTC
Status	Loading report..
urlquery Alerts	No alerts detected

Settings

UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer

Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Blocklists

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Added / Verified	Severity	Host	Comment
2022-07-05	2	www.lelouzh.com/hostsfix.exe	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

Files

No files detected

Passive DNS (7)

Passive DNS Source	Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
[Mnemonic Passive DNS]	ocsp.digicert.com (1)	86	2012-11-29 12:49:49 UTC	2022-07-05 10:44:38 UTC	93.184.220.29
[Mnemonic Passive DNS]	img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2022-07-05 12:56:13 UTC	34.120.237.76
[Mnemonic Passive DNS]	r3.o.lencr.org (3)	344	2020-12-02 08:52:13 UTC	2022-07-05 04:59:43 UTC	23.36.76.226
[Mnemonic Passive DNS]	firefox.settings.services.mozilla.com (2)	867	2016-03-17 08:25:01 UTC	2020-05-25 20:01:47 UTC	143.204.55.36
[Mnemonic Passive DNS]	content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-07-05 05:12:14 UTC	143.204.55.49
[Mnemonic Passive DNS]	contile.services.mozilla.com (1)	1114	No data	No data	34.117.237.239
[Mnemonic Passive DNS]	www.lelouzh.com (1)	0	2012-12-07 05:27:39 UTC	2022-07-04 18:38:27 UTC	45.64.185.201	Unknown ranking

Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 45.64.185.201

Date	UQ / IDS / BL	URL	IP
2022-07-06 16:01:04 +0000	0 - 0 - 1	www.lelouzh.com/hostsfix.exe	45.64.185.201
2022-07-04 18:38:41 +0000	0 - 0 - 1	www.lelouzh.com/hostsfix.exe	45.64.185.201
2022-07-03 17:25:16 +0000	0 - 0 - 1	www.lelouzh.com/hostsfix.exe	45.64.185.201
2022-07-02 17:02:11 +0000	0 - 0 - 1	www.lelouzh.com/hostsfix.exe	45.64.185.201
2022-07-01 22:34:14 +0000	0 - 0 - 1	www.lelouzh.com/hostsfix.exe	45.64.185.201
2022-07-01 16:07:49 +0000	0 - 0 - 1	www.lelouzh.com/hostsfix.exe	45.64.185.201
2022-06-30 17:56:41 +0000	0 - 0 - 1	www.lelouzh.com/hostsfix.exe	45.64.185.201
2022-06-30 06:33:46 +0000	0 - 0 - 1	www.lelouzh.com/hostsfix.exe	45.64.185.201
2022-06-25 02:46:44 +0000	0 - 0 - 1	www.lelouzh.com/hostsfix.exe	45.64.185.201
2022-06-24 05:18:54 +0000	0 - 0 - 1	www.lelouzh.com/hostsfix.exe	45.64.185.201

Last 10 reports on ASN: Bangmod Enterprise Co., Ltd.

Date	UQ / IDS / BL	URL	IP
2022-08-12 22:20:02 +0000	0 - 0 - 3	scglobal.co.th/e-catalogue/oynn-6tut6-amuq/	45.64.187.214
2022-08-12 16:05:51 +0000	0 - 0 - 3	scglobal.co.th/e-catalogue/oynn-6tut6-amuq/	45.64.187.214
2022-08-12 09:51:45 +0000	0 - 0 - 3	scglobal.co.th/e-catalogue/oynn-6tut6-amuq/	45.64.187.214
2022-08-12 03:39:07 +0000	0 - 0 - 3	scglobal.co.th/e-catalogue/oynn-6tut6-amuq/	45.64.187.214
2022-08-11 21:29:28 +0000	0 - 0 - 3	scglobal.co.th/e-catalogue/oynn-6tut6-amuq/	45.64.187.214
2022-08-11 15:17:05 +0000	0 - 0 - 3	scglobal.co.th/e-catalogue/oynn-6tut6-amuq/	45.64.187.214
2022-08-11 09:09:00 +0000	0 - 0 - 3	scglobal.co.th/e-catalogue/oynn-6tut6-amuq/	45.64.187.214
2022-08-11 03:01:30 +0000	0 - 0 - 3	scglobal.co.th/e-catalogue/oynn-6tut6-amuq/	45.64.187.214
2022-08-10 04:44:31 +0000	0 - 0 - 12	welovechonburi.com/	45.64.185.141
2022-08-09 22:19:47 +0000	0 - 0 - 10	rhsschool.ac.th/	45.64.185.141

No other reports on domain: lelouzh.com

JavaScript

Executed Scripts (1)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (15)

Request	Response
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "5CA12512DFBE8A007255191678A4ECD570026D865AE741C0D3025D8FE1A58659" Last-Modified: Mon, 04 Jul 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8465 Expires: Tue, 05 Jul 2022 18:21:44 GMT Date: Tue, 05 Jul 2022 16:00:39 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 65822db7ce56247876fbdcc5c29607f6 Sha1: 91262a33683099ad0dc3631d0a7a9051d8539b20 Sha256: 5ca12512dfbe8a007255191678a4ecd570026d865ae741c0d3025d8fe1a58659
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: c98c56ff7bc7ba547517573963f425e3$ 143.204.55.36 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Retry-After, Content-Type, Alert, Backoff, Content-Length Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Tue, 05 Jul 2022 15:39:48 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: X7dP0kji6RD1TlUuA5tYGDWwN56xCVJ99It1Xt35jpikoUHeCpw40w== Age: 1251 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: c98c56ff7bc7ba547517573963f425e3 Sha1: 58c8dccc28ecd76424af6ed9988575a35cf8a0c2 Sha256: d57d9d5e87e8761ffdf790ff762307f5c823e8e8241781797373c10e076ec44e
GET /chains/remote-settings.content-signature.mozilla.org-2022-08-10-12-10-21.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 581454acdd98f34fd3fbabd0977ade29$ 143.204.55.49 HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 last-modified: Tue, 21 Jun 2022 12:10:22 GMT content-disposition: attachment accept-ranges: bytes server: AmazonS3 date: Tue, 05 Jul 2022 03:26:45 GMT etag: "581454acdd98f34fd3fbabd0977ade29" x-cache: Hit from cloudfront via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: eZJiyN9ozIdTkiDu7iFDllrHoQPP3nfEZE9hWRSPzq4PWDjE6-ytHw== age: 45235 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 581454acdd98f34fd3fbabd0977ade29 Sha1: d8d86c0b513137aeb85de01cea7b272c35eb6ab4 Sha256: e98f8f33ba5ed59c3cfdf2ae54957ed32652cf0899f3c8db4b5872e3ece1e4eb
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6$ 34.117.237.239 HTTP/2 200 OK server: nginx date: Tue, 05 Jul 2022 16:00:39 GMT content-type: application/json content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /hostsfix.exe HTTP/1.1 Host: www.lelouzh.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	$Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 169 Md5: 1d7e105f6929fa04f2ec0e8cc2bf18d3$ 45.64.185.201 HTTP/1.1 301 Moved Permanently Content-Type: text/html Server: nginx/1.20.0 Date: Tue, 05 Jul 2022 15:59:42 GMT Content-Length: 169 Connection: keep-alive Location: https://www.lelouzh.com/hostsfix.exe --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 169 Md5: 1d7e105f6929fa04f2ec0e8cc2bf18d3 Sha1: 9259ce376f72bf5861e0b455712baca565235602 Sha256: 9e5fe1fc9fb5e65dbb0af3bc4fcd3443a2dbf812bcd75f2bf7b17c3d7524b8fe Alerts: Blocklists: - fortinet: Malware
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243$ 143.204.55.36 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Retry-After, ETag, Content-Type, Last-Modified, Alert, Backoff, Pragma, Expires, Content-Length, Cache-Control Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Date: Tue, 05 Jul 2022 15:34:56 GMT Cache-Control: max-age=3600 Expires: Tue, 05 Jul 2022 15:48:16 GMT ETag: "1648230346554" X-Cache: Hit from cloudfront Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: GZ9dPD6Y5m2yNgObEonqZCqLJnXz1I44RcsbVW6YK9EeLlYfJnzLEg== Age: 1544 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3379 Cache-Control: 'max-age=158059' Date: Tue, 05 Jul 2022 16:00:40 GMT Last-Modified: Tue, 05 Jul 2022 15:04:21 GMT Server: ECS (ska/F706) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 15971ec9d16508a7ed7e29f0eabff6c1 Sha1: f193a969cc099ce6a7469fa3b0765d3e14901fda Sha256: 5d530c0312fbb1aa93bf3fdbd7ca66f8e2057b6965982ae1aa79398c02400604
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "A008B0F3DDBA9D4A843378148C9051C7273CE76827C81BE4183BEE7D41481AB2" Last-Modified: Mon, 04 Jul 2022 08:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21540 Expires: Tue, 05 Jul 2022 21:59:40 GMT Date: Tue, 05 Jul 2022 16:00:40 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: cfe4ff00ce37ce7c2d1f814b687ce3ed Sha1: eef1a772e7bb2daee086b4f6b3544f5099ba3b39 Sha256: a008b0f3ddba9d4a843378148c9051c7273ce76827c81be4183bee7d41481ab2
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "611E864D4A64EB7175BDED94052A41462E3215D329EF82CBEEA70D511B811E8D" Last-Modified: Mon, 04 Jul 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11016 Expires: Tue, 05 Jul 2022 19:04:17 GMT Date: Tue, 05 Jul 2022 16:00:41 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 88b14e7d8e8c06a7fbc94b02217857ad Sha1: 034816601b832f18309ab4c047269b31a96cc971 Sha256: 611e864d4a64eb7175bded94052a41462e3215d329ef82cbeea70d511b811e8d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b5149e9-33ff-4147-bde2-5c16d2c85400.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9130 Md5: a0c68898cc187df82b25edc852693e9a$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 9130 x-amzn-requestid: 7a6e4330-591e-41aa-a8fc-2eb50ef7b9dc x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UorLgE9UIAMFlSA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62c0257c-541a0e3d218259623aceb2d1;Sampled=0 x-amzn-remapped-date: Sat, 02 Jul 2022 11:01:16 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: jNnq1HnAUaS4IEFZtJJMK0Fy9C9QYwp77_FnpN5FJkF55RY5ukQDQw== via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google date: Tue, 05 Jul 2022 10:13:21 GMT age: 20840 etag: "bad0f6fef090a81fd10ef57575424f76b9e73b85" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9130 Md5: a0c68898cc187df82b25edc852693e9a Sha1: bad0f6fef090a81fd10ef57575424f76b9e73b85 Sha256: fedb62c5c89e162540d34eb50f20b2c5b59f100c69e302105b26f90528ec1d01
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F431f287f-9907-47aa-be38-0ff4e6db75fc.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8553 Md5: e6f97e6b64100081e8bed56216564854$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 8553 x-amzn-requestid: 2c1e16d1-357b-493e-bcf7-b4de1a34757f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Utd8tEKYIAMFbmA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62c21051-7382cb3050c6f13d70dd3706;Sampled=0 x-amzn-remapped-date: Sun, 03 Jul 2022 21:55:29 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: 9b-i6Ono7HZPLnQTZVWjd00ihgjD2qR-Meg1fdOa2d-SXIITlOM4yw== via: 1.1 bd6f70221217681265382902c6157c76.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google date: Tue, 05 Jul 2022 13:48:41 GMT age: 7920 etag: "303f4efaa9b98e39a935fc6514d3731d40d2977c" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8553 Md5: e6f97e6b64100081e8bed56216564854 Sha1: 303f4efaa9b98e39a935fc6514d3731d40d2977c Sha256: 92dd803f1633bd65a2b4ac3223d8aa93dd55ed64c74b338aff62323585a3623c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d4b69e5-90ff-4aa2-86af-7ef42958492d.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8084 Md5: 14ce53ad53c9c7ccc3c37c0ce919088d$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 8084 x-amzn-requestid: 9765c9da-9160-4801-b54d-b4cb708f4df1 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UtfJuEI9IAMFZOw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62c2123e-3391821341a51a1244162d96;Sampled=0 x-amzn-remapped-date: Sun, 03 Jul 2022 22:03:42 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: CMWbB6xCtQmeI61b_Au2G48__po8SYm7YK2CxkXP1ipixHTTbjg7Pg== via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google date: Tue, 05 Jul 2022 10:36:20 GMT age: 19461 etag: "39ab72bedd648a921f9e0f871cd7cde9f9e023da" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8084 Md5: 14ce53ad53c9c7ccc3c37c0ce919088d Sha1: 39ab72bedd648a921f9e0f871cd7cde9f9e023da Sha256: 1cd52f899d9705d69f276496f9579d87f4ab4db9ebb621377b24a2702cab1d6e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7cbb2268-2bf5-47af-8e1d-f11cecb22fdd.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 15325 Md5: f5ca212b81f6537944366b2feff88e34$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 15325 x-amzn-requestid: 67ca3437-692b-4088-81a7-a0598fc9b6ff x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Uwt2cE1IIAMFbtQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62c35cf5-36a85676347e7573290c69d7;Sampled=0 x-amzn-remapped-date: Mon, 04 Jul 2022 21:34:45 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: Moj0W3P3hDnl6NBYhs6Lsc_zgnLlqRFrN3zeThbtAKNpdckzp9QQhQ== via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google date: Mon, 04 Jul 2022 22:00:20 GMT age: 64821 etag: "1017520c3c257499a387de77066abe468ef48ebf" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 15325 Md5: f5ca212b81f6537944366b2feff88e34 Sha1: 1017520c3c257499a387de77066abe468ef48ebf Sha256: 446ed0f8b0ee575fb6fad59043ca8b848f4ddf7dbf0e3d5793af3ffac41f3629
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8718223e-bfad-403b-ae83-afcbd382cadb.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8241 Md5: 30f549fff99dd7275484446f9ab89baf$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 8241 x-amzn-requestid: cdabcbe8-5936-4547-8278-8bf49c07bcaf x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UwulYF-SoAMF_yA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62c35e22-7591d2de58e1fb0006aff5e8;Sampled=0 x-amzn-remapped-date: Mon, 04 Jul 2022 21:39:46 GMT x-amz-cf-pop: SEA73-P2, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: ZEJvSNh7VfIJ0PurR_Pz9PbWdaobwYKB0bHCdp87_QCV1jpiqmsoUg== via: 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google date: Mon, 04 Jul 2022 22:04:45 GMT age: 64556 etag: "90312a1902b10dc375f39a9e1ef8961c33c0be7d" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8241 Md5: 30f549fff99dd7275484446f9ab89baf Sha1: 90312a1902b10dc375f39a9e1ef8961c33c0be7d Sha256: f17fcd3a8abf75b88cbafef88d1b86d8fb6ef2e500b7320cf4069049a6352b95
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb8c4ea6c-7792-4df4-8bae-77fc14bdacdb.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4543 Md5: 764309e250ae00daafdc24e151393e29$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 4543 x-amzn-requestid: 3ad41b54-a6dd-4ce6-87a7-20d792481977 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Uteu4FEboAMFc9A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62c21192-205c91a81e08b2ca5bc758e7;Sampled=0 x-amzn-remapped-date: Sun, 03 Jul 2022 22:00:50 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: 8X3W9P317g2XWqqtJU3Hf9f48vYJ9o7rCOWMduYbP30YvtF4ZSp3gA== via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 a2c13de7f3df76280ef01a6604863734.cloudfront.net (CloudFront), 1.1 google date: Mon, 04 Jul 2022 22:04:50 GMT age: 64551 etag: "feb73ee866515e61f382263f397138ff21f5bd2b" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4543 Md5: 764309e250ae00daafdc24e151393e29 Sha1: feb73ee866515e61f382263f397138ff21f5bd2b Sha256: 1dff1fc3d8eb5a4f618ed013ead183c8f886b38a27af192fc83c837f4b595610