urlquery - report: dl155.apkawards.com/apkmod_apks/dl5/com.klockigame.klocki/com.klockigame.klocki_1.08-apk_award.apk

Overview

URL	dl155.apkawards.com/apkmod_apks/dl5/com.klockigame.klocki/com.klockigame.klocki_1.08-apk_award.apk
IP	104.21.64.9
ASN	CLOUDFLARENET
Location
Report completed	2022-06-30 01:54:34 UTC
Status	Loading report..
urlquery Alerts	No alerts detected

Settings

UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer

Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Blocklists

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Added / Verified	Severity	Host	Comment
2022-06-30	2	dl155.apkawards.com/apkmod_apks/dl5/com.klockigame.klocki/com.klockigame.kl (...)	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

Files

No files detected

Passive DNS (8)

Passive DNS Source	Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
[Mnemonic Passive DNS]	firefox.settings.services.mozilla.com (2)	867	2016-03-17 08:25:01 UTC	2020-05-25 20:01:47 UTC	143.204.55.27
[Mnemonic Passive DNS]	r3.o.lencr.org (3)	344	2020-12-02 08:52:13 UTC	2022-06-29 04:27:49 UTC	23.36.76.226
[Mnemonic Passive DNS]	content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-06-29 04:30:20 UTC	143.204.55.35
[Mnemonic Passive DNS]	contile.services.mozilla.com (1)	1114	No data	No data	34.117.237.239
[Mnemonic Passive DNS]	ocsp.digicert.com (1)	86	2012-11-29 12:49:49 UTC	2022-06-29 19:09:02 UTC	93.184.220.29
[Mnemonic Passive DNS]	push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2022-06-29 20:37:23 UTC	35.82.213.230
[Mnemonic Passive DNS]	img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2022-06-29 20:37:26 UTC	34.120.237.76
[Mnemonic Passive DNS]	dl155.apkawards.com (1)	0	No data	No data	172.67.173.188	Domain (apkawards.com) ranked at: 942040

Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 104.21.64.9

Date	UQ / IDS / BL	URL	IP
2022-06-30 15:31:57 +0000	0 - 0 - 1	dl8910.apkawards.com/apkmod_apks/dl9/com.ea.g (...)	104.21.64.9
2022-06-30 01:56:00 +0000	0 - 0 - 1	dl021.apkawards.com/apkmod_apks/dl21/com.noxg (...)	104.21.64.9
2022-06-30 01:55:34 +0000	0 - 0 - 1	dl567.apkawards.com/apkmod_apks/dl7/com.fours (...)	104.21.64.9
2022-06-30 01:55:28 +0000	0 - 0 - 1	dl1123.apkawards.com/apkmod_apks/dl12/net.bas (...)	104.21.64.9
2022-06-30 01:54:57 +0000	0 - 0 - 1	dl25160.apkawards.com/apkmod_apks/dl25/com.jo (...)	104.21.64.9
2022-06-30 01:54:34 +0000	0 - 0 - 1	dl25160.apkawards.com/apkmod_apks/dl25/io.eme (...)	104.21.64.9
2022-06-30 01:54:25 +0000	0 - 0 - 1	dl25160.apkawards.com/apkmod_apks/dl25/com.be (...)	104.21.64.9
2022-06-30 01:54:18 +0000	0 - 0 - 1	dl1123.apkawards.com/apkmod_apks/dl12/net.hex (...)	104.21.64.9
2022-06-30 01:54:16 +0000	0 - 0 - 1	dl021.apkawards.com/apkmod_apks/dl21/beatmake (...)	104.21.64.9
2022-06-30 01:54:08 +0000	0 - 0 - 1	dl155.apkawards.com/apkmod_apks/dl15/com.tira (...)	104.21.64.9

Last 10 reports on ASN: CLOUDFLARENET

Date	UQ / IDS / BL	URL	IP
2022-08-12 13:05:27 +0000	0 - 0 - 2	abcghiq13jk456df--loading.7pphhgn7d10v.xyz/	172.67.208.130
2022-08-12 13:05:12 +0000	0 - 0 - 2	abotoni122.xyz/Win/Bolivia4/?devicemodel=Appl (...)	104.21.34.92
2022-08-12 13:05:05 +0000	0 - 0 - 1	android-safety.com/prop/en/?brand=Google&devi (...)	104.26.3.216
2022-08-12 13:04:48 +0000	0 - 0 - 1	vieclammobile2019.com/	172.67.161.225
2022-08-12 13:02:46 +0000	0 - 0 - 1	moodledata.juscatamarca.gob.ar/	172.67.218.182
2022-08-12 13:01:35 +0000	0 - 0 - 51	register-new-event.ml/	188.114.97.1
2022-08-12 13:00:56 +0000	0 - 0 - 3	https://infinite-stars.net/files/vida.exe	104.21.66.135
2022-08-12 13:00:52 +0000	0 - 0 - 3	https://infinite-stars.net/files/drop.exe	104.21.66.135
2022-08-12 13:00:46 +0000	0 - 0 - 3	https://infinite-stars.net/files/clip.exe	172.67.160.101
2022-08-12 13:00:27 +0000	0 - 0 - 5	investing-world.com/lps/bitcoinlt/index.html	104.21.10.233

No other reports on domain: apkawards.com

JavaScript

Executed Scripts (4)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (16)

Request	Response
GET /apkmod_apks/dl5/com.klockigame.klocki/com.klockigame.klocki_1.08-apk_award.apk HTTP/1.1 Host: dl155.apkawards.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	$Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 219 Md5: 256a93cfae9a9320f1b11af4e2d0d7e4$ 172.67.173.188 HTTP/1.1 302 Found Content-Type: text/html; charset=iso-8859-1 Date: Thu, 30 Jun 2022 01:54:21 GMT Transfer-Encoding: chunked Connection: keep-alive Location: https://apkaward.com/errors/dl.html CF-Cache-Status: BYPASS Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hh2MsODhSULKiJhqLkz30S9RoLv5Ni4v9xO2lLAwteadz9UF2O6WimN%2FvAW3VkAB060Ppb%2FvRjSam9cNmXjyTdrDzGLHCakvm7MiUm4eFPAxXL1zVbQdtlW4GWW%2BdYA%2BE1%2Fx1Ypk"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Vary: Accept-Encoding Server: cloudflare CF-RAY: 723346032e801c12-OSL alt-svc: h2=":443"; ma=60 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 219 Md5: 256a93cfae9a9320f1b11af4e2d0d7e4 Sha1: a73ecd2827f89a1f943bf9c3145ee8eab8e18d55 Sha256: 47d134c4a97cdf64d2a79ee3eb6741011223e3e2b0ae120c69da602a470f3b08 Alerts: Blocklists: - fortinet: Malware
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: c98c56ff7bc7ba547517573963f425e3$ 143.204.55.27 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Retry-After, Content-Type, Alert, Backoff, Content-Length Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Thu, 30 Jun 2022 01:48:21 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: ZhnVpiL1rq_K-iYqHtq-cSfFHzDkHMNHpVDjkEqwwWDy1mSpJtxbfw== Age: 360 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: c98c56ff7bc7ba547517573963f425e3 Sha1: 58c8dccc28ecd76424af6ed9988575a35cf8a0c2 Sha256: d57d9d5e87e8761ffdf790ff762307f5c823e8e8241781797373c10e076ec44e
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "3E2650132BC75A58C9B08C2A69EC353237F48E840D9D2481F9D5E63D92ABBC6F" Last-Modified: Wed, 29 Jun 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13696 Expires: Thu, 30 Jun 2022 05:42:37 GMT Date: Thu, 30 Jun 2022 01:54:21 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: f877dcf1049551cb05fe926e4b94fb51 Sha1: 2f5c8da538c78853b68ca58a3df5dd64b032291b Sha256: 3e2650132bc75a58c9b08c2a69ec353237f48e840d9d2481f9d5e63d92abbc6f
GET /chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 48ca0beea419a9039591cf1aee5179e0$ 143.204.55.35 HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 date: Wed, 29 Jun 2022 02:10:55 GMT last-modified: Wed, 11 May 2022 19:51:39 GMT etag: "48ca0beea419a9039591cf1aee5179e0" content-disposition: attachment accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: vb1DPzitQvY7-SnDGDploY77neXrYwE4C19FNahn47RWEynSA8TRyA== age: 85407 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 48ca0beea419a9039591cf1aee5179e0 Sha1: 9e92629f505fcc07aab51221e8fe62197a23e307 Sha256: 630a5f110337b4a4876aa85c21107d9e8f2550bcc60f023a4777d895b17399fd
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6$ 34.117.237.239 HTTP/2 200 OK server: nginx date: Thu, 30 Jun 2022 01:54:21 GMT content-type: application/json content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243$ 143.204.55.27 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Cache-Control: max-age=3600 Date: Thu, 30 Jun 2022 01:31:51 GMT Expires: Thu, 30 Jun 2022 01:32:32 GMT ETag: "1648230346554" X-Cache: Hit from cloudfront Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: ltoj3BBTo2CzlNCuVkb2Tl_-wWPoMDB8aS2fkPMearpeayr4Ikhitw== Age: 1351 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 2668 Cache-Control: 'max-age=158059' Date: Thu, 30 Jun 2022 01:54:22 GMT Last-Modified: Thu, 30 Jun 2022 01:09:54 GMT Server: ECS (ska/F718) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: cdfeaca3994b060f79b30baed6e1a5f8 Sha1: 8b53b71d89f77bdd9025ea92d5ecf9d8fc42ac0b Sha256: 45b4fbbe4c3fe2b94e23db698bebfcec936cd21bb5b264be311c109f1c1242ce
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: Tjy7iPHJ1o1ooIMr3HytSQ== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	35.82.213.230 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: U37cvFlEgNc44Jvdw7bFic12omE= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "6A0721423C3B7EF429DA855641043D8F038DA4FFF1A788C1273BA18B1C0C9F8B" Last-Modified: Wed, 29 Jun 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5866 Expires: Thu, 30 Jun 2022 03:32:10 GMT Date: Thu, 30 Jun 2022 01:54:24 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: d538dea07a9f0bd634392c5975b0fa70 Sha1: 0b80d11db004a10fe57cf73757a6d7b00b698f12 Sha256: 6a0721423c3b7ef429da855641043d8f038da4fff1a788c1273ba18b1c0c9f8b
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "6A0721423C3B7EF429DA855641043D8F038DA4FFF1A788C1273BA18B1C0C9F8B" Last-Modified: Wed, 29 Jun 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5866 Expires: Thu, 30 Jun 2022 03:32:10 GMT Date: Thu, 30 Jun 2022 01:54:24 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: d538dea07a9f0bd634392c5975b0fa70 Sha1: 0b80d11db004a10fe57cf73757a6d7b00b698f12 Sha256: 6a0721423c3b7ef429da855641043d8f038da4fff1a788c1273ba18b1c0c9f8b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa79d277b-5e0d-4a1d-83ed-a355ef2276b5.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7289 Md5: f1824610da34f0cd715ab3e1d02e574e$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 7289 x-amzn-requestid: 67245eef-0b7a-485a-b4a2-467109edb67c x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UT0pCHi_IAMFvPA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62b7ce39-6dfe37fe45caaa90166fe5a9;Sampled=0 x-amzn-remapped-date: Sun, 26 Jun 2022 03:10:49 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: VwEBq3yKGEPsPsQTyhgqfHt1n5SMu2hllYkD6XYrYGL7X1fQDQzC3g== via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google date: Wed, 29 Jun 2022 22:03:09 GMT age: 13875 etag: "443cc22a0847bea98bfb28ed46abe38567605116" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7289 Md5: f1824610da34f0cd715ab3e1d02e574e Sha1: 443cc22a0847bea98bfb28ed46abe38567605116 Sha256: 80cb62cc2421eea285770c4c2bed8b53cd9c004938004b21d9889db88e06dff2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13754abd-3e9c-430e-8f96-c38e307aac77.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7905 Md5: 36fc3a8f8c2c88ed79afe3a175493f3c$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 7905 x-amzn-requestid: 9e62c870-7ddb-46b3-97fb-c72ce6ccfefe x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UgO9PGtEIAMFfpQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62bcc521-450c44b52420a9736e9ca612;Sampled=0 x-amzn-remapped-date: Wed, 29 Jun 2022 21:33:21 GMT x-amz-cf-pop: SEA19-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: k6XFcqY75KWvRG5G-UiPGsggI_SWZeXrGK06Mnnx7KZnq_7bCsTt2A== via: 1.1 d90109c5a0c30f43223e0db85921c5c2.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google date: Wed, 29 Jun 2022 21:44:22 GMT etag: "051cd8a3fb26a97fc3da81a002f4bbfa8cc97aa9" content-type: image/jpeg age: 15002 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7905 Md5: 36fc3a8f8c2c88ed79afe3a175493f3c Sha1: 051cd8a3fb26a97fc3da81a002f4bbfa8cc97aa9 Sha256: 4656a6337ebf7033d8e4d228ed5673afe128a9343548da06d29d99d3320890ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc64139e3-1714-4207-9f83-6963efdebdb1.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11303 Md5: b38a21dc4af2a753ec1149a58eca2ee2$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 11303 x-amzn-requestid: 133e1b8e-7db3-4337-92a0-b693c3ba40aa x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UeQEkHN1IAMF6qQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62bbfa1d-65b9ee0025592952377ccb6d;Sampled=0 x-amzn-remapped-date: Wed, 29 Jun 2022 07:07:09 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: qZ65_kcaLORUGEbUuifwMdYmlm007Tehq5XMtiHQGeFkUOcqwiXi2Q== via: 1.1 cb2af39fbf29fa8b3d7f263c2b822092.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google date: Wed, 29 Jun 2022 07:43:43 GMT age: 65441 etag: "91d2dc48008a198adb2b740bec1843a146f826c1" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11303 Md5: b38a21dc4af2a753ec1149a58eca2ee2 Sha1: 91d2dc48008a198adb2b740bec1843a146f826c1 Sha256: 2e56992e4642c248dd330fc1343977dedd2ec4e944564214be432f3f390488e7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b7a4375-a2db-4744-a689-0c1e65ea038f.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10792 Md5: 3144b94a8936136d9e7214c57fef0d1c$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 10792 x-amzn-requestid: c239e02c-f315-4de9-9d2e-7d0ebaaa7533 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UgO-qHlxIAMF3GQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62bcc52a-6a031ec43564a69e1a8efe66;Sampled=0 x-amzn-remapped-date: Wed, 29 Jun 2022 21:33:30 GMT x-amz-cf-pop: SEA73-P2, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: aZnblzoq9MlncZxFISS3Bx92B8nnCbXHnTd8cOXyXfWqmYVxY3HYFA== via: 1.1 d1d67b07408bba8c682597d8303642e2.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google date: Wed, 29 Jun 2022 21:44:18 GMT age: 15006 etag: "91a496da3231d55b9511ed5c64cc4b7386fb130e" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10792 Md5: 3144b94a8936136d9e7214c57fef0d1c Sha1: 91a496da3231d55b9511ed5c64cc4b7386fb130e Sha256: f2062f616360faf1e83f0d6161ee0fe552091df15c01e30eb518d5bb1ab90920
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86335174-0f85-4ebc-beab-48a3a7720ddf.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8578 Md5: 7f76e593dc032ab1cd4583d91676243d$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 8578 x-amzn-requestid: cc2bf33f-3600-40a6-9d8d-7698d7818ad2 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UM1CTEhlIAMF7Zw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62b5020e-046a37693eb0aa1535fbab81;Sampled=0 x-amzn-remapped-date: Fri, 24 Jun 2022 00:15:10 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: OFzhqPoddx2w7IXPeol_6Yi-YL-Z2GnnJbxqrUo80RNyLLqvObqFlQ== via: 1.1 79880188a81becf1687ba18c0e064230.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google date: Wed, 29 Jun 2022 22:03:13 GMT age: 13871 etag: "51cb079e8284d83a6f3afab6a4da27286e9eb672" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8578 Md5: 7f76e593dc032ab1cd4583d91676243d Sha1: 51cb079e8284d83a6f3afab6a4da27286e9eb672 Sha256: 8ececbb73b3ee12822fb163e9d8c73c12cace0da883bbb41d82f377e6b30ecca
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F647e9cb7-c6e5-4f16-ae5c-037bd1fe8a59.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8545 Md5: 69fba688fc5ca2f102854c5caa513ddf$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 8545 x-amzn-requestid: ee6240b9-f3be-46c9-85b1-40e6294e8a61 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UgO_JHajoAMFiXQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62bcc52d-0495e108756a513f3dccd92b;Sampled=0 x-amzn-remapped-date: Wed, 29 Jun 2022 21:33:33 GMT x-amz-cf-pop: SEA19-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: mnEwoP4_qY0FJ5tNZPQAifldN3v_XcMIJl4vG9YjA6g6yLqfYJ1bOg== via: 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google date: Wed, 29 Jun 2022 21:44:25 GMT age: 14999 etag: "eb724985d98b3e333da18a908cae91ac050b1545" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8545 Md5: 69fba688fc5ca2f102854c5caa513ddf Sha1: eb724985d98b3e333da18a908cae91ac050b1545 Sha256: 80681be640e493ad65fa935df74132ea2d91303d8b2f63ab352f0f56d9d75a8d