urlquery - report: 172.245.120.8/Aj%C3%A1nlatk%C3%A9r%C3%A9s%20sz%C3%A1m222109%C2%B710397%C2%B7pdf.zip

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-09-21 04:20:37 UTC	34.117.237.239
172.245.120.8 (1)	0	2021-01-30 04:32:53 UTC	2021-02-01 10:31:50 UTC	172.245.120.8	Unknown ranking
ocsp.digicert.com (1)	86	2012-05-21 07:02:23 UTC	2022-09-21 10:02:25 UTC	93.184.220.29
push.services.mozilla.com (1)	2140	2015-09-03 10:29:36 UTC	2022-09-21 04:20:37 UTC	100.20.30.105
img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2022-09-21 04:18:21 UTC	34.120.237.76
firefox.settings.services.mozilla.com (2)	867	2020-06-04 20:08:41 UTC	2022-09-21 10:25:05 UTC	143.204.55.27
r3.o.lencr.org (5)	344	2020-12-02 08:52:13 UTC	2022-09-21 04:18:22 UTC	23.36.76.226
content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-09-21 04:18:32 UTC	143.204.55.25

Scan Date	Severity	Indicator	Comment
2022-09-21	2	172.245.120.8/Aj%C3%A1nlatk%C3%A9r%C3%A9s%20sz%C3%A1m222109%C2%B710397%C2%B (...)	Malware

Date	UQ / IDS / BL	URL	IP
2022-09-30 21:16:20 +0000	0 - 0 - 1	172.245.120.8/Aj%C3%A1nlatk%C3%A9r%C3%A9s%20s (...)	172.245.120.8
2022-09-30 15:32:46 +0000	0 - 0 - 1	172.245.120.8/aj%C3%A1nlatk%C3%A9r%C3%A9s%20s (...)	172.245.120.8
2022-09-30 06:39:22 +0000	0 - 0 - 1	172.245.120.8/Aj%C3%A1nlatk%C3%A9r%C3%A9s%20s (...)	172.245.120.8
2022-09-29 15:30:28 +0000	0 - 0 - 1	172.245.120.8/Aj%C3%A1nlatk%C3%A9r%C3%A9s%20s (...)	172.245.120.8
2022-09-29 00:12:53 +0000	0 - 0 - 1	172.245.120.8/Aj%C3%A1nlatk%C3%A9r%C3%A9s%20s (...)	172.245.120.8

Date	UQ / IDS / BL	URL	IP
2023-02-08 07:19:14 +0000	0 - 0 - 1	xadm.negocioshernandez.com/vistas/panel/prove (...)	198.144.188.144
2023-02-08 07:16:12 +0000	0 - 2 - 0	rfhelpback.xyz/Bin/support.ClientSetup.exe?h= (...)	23.94.82.22
2023-02-08 07:13:58 +0000	0 - 0 - 2	172.245.33.37/	172.245.33.37
2023-02-08 04:45:27 +0000	0 - 1 - 1	00o0o0o0sdf000000ooOOOO0000000ooooooooOOOOOsd (...)	104.168.45.126
2023-02-08 03:54:03 +0000	0 - 5 - 1	104.168.45.126/260/vbc.exe	104.168.45.126

Date	UQ / IDS / BL	URL	IP
2022-09-30 21:16:20 +0000	0 - 0 - 1	172.245.120.8/Aj%C3%A1nlatk%C3%A9r%C3%A9s%20s (...)	172.245.120.8
2022-09-30 15:32:46 +0000	0 - 0 - 1	172.245.120.8/aj%C3%A1nlatk%C3%A9r%C3%A9s%20s (...)	172.245.120.8
2022-09-30 06:39:22 +0000	0 - 0 - 1	172.245.120.8/Aj%C3%A1nlatk%C3%A9r%C3%A9s%20s (...)	172.245.120.8
2022-09-29 15:30:28 +0000	0 - 0 - 1	172.245.120.8/Aj%C3%A1nlatk%C3%A9r%C3%A9s%20s (...)	172.245.120.8
2022-09-29 00:12:53 +0000	0 - 0 - 1	172.245.120.8/Aj%C3%A1nlatk%C3%A9r%C3%A9s%20s (...)	172.245.120.8

Date	UQ / IDS / BL	URL	IP
2023-02-08 06:51:20 +0000	0 - 1 - 0	pkg-store.dl.mail.ru/packages/shop/0_2001530d (...)	188.93.63.73
2023-02-08 06:31:03 +0000	0 - 1 - 0	pkg-store.dl.mail.ru/packages/shop/0_2017064d (...)	188.93.63.73
2023-02-08 06:16:52 +0000	0 - 1 - 0	pkg.dl.mail.ru/packages/skyforge_alphadistrib (...)	178.22.88.106
2023-02-08 05:51:45 +0000	0 - 1 - 0	download.swansc.com/SSCNC6.31Setup_en.exe	47.52.37.88
2023-02-08 04:29:21 +0000	0 - 1 - 0	download.swansc.com/update/sscnc6.20update.rar	47.52.37.88

Request	Response
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.27 HASH: ef4804d381a34ab67873a7755621081c49c646310e085a9b2356ae07098f6021 143.204.55.27 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Alert, Content-Length, Backoff, Retry-After, Content-Type Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Wed, 21 Sep 2022 12:13:35 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: q12o-abSFRmL8d9bx-GODiJ3_3SY5R0mrYsAzYqBNI3msucBPTREhA== Age: 2797 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 804f8bbb7f556d51a5f52d5ebd5b6eef Sha1: 922cd7e06df278615a04abb81d811d14596c8180 Sha256: ef4804d381a34ab67873a7755621081c49c646310e085a9b2356ae07098f6021
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2" Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=19112 Expires: Wed, 21 Sep 2022 18:18:44 GMT Date: Wed, 21 Sep 2022 13:00:12 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a26d0784548ecab22f417f3d689daf23 Sha1: 8893b79366bbadeb5c8d587b8f023e310694df1c Sha256: 35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 143.204.55.25 HASH: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770 143.204.55.25 HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 last-modified: Sat, 10 Sep 2022 18:47:45 GMT content-disposition: attachment accept-ranges: bytes server: AmazonS3 date: Wed, 21 Sep 2022 04:35:14 GMT etag: "6113f8408c59aebe188d6af273b90743" x-cache: Hit from cloudfront via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: rtgVrsK4b2lEZa5O_OIFn42bqkTOaIWGAMTEeF2bA9NbDEZ3Aj-bLg== age: 30300 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 6113f8408c59aebe188d6af273b90743 Sha1: 7398873bf00f99944eaa77ad3ebc0d43c23dba6b Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Wed, 21 Sep 2022 13:00:13 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.27 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 143.204.55.27 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Date: Wed, 21 Sep 2022 12:03:22 GMT Cache-Control: max-age=3600 Expires: Wed, 21 Sep 2022 12:43:37 GMT ETag: "1648230346554" X-Cache: Hit from cloudfront Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: 7SCqng2uz2f3hfzSjluw05m7N7WfyjSVInH1vsoWjnDRsBFsBUyjDQ== Age: 3411 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /Aj%C3%A1nlatk%C3%A9r%C3%A9s%20sz%C3%A1m222109%C2%B710397%C2%B7pdf.zip HTTP/1.1 Host: 172.245.120.8 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: 172.245.120.8/Aj%C3%A1nlatk%C3%A9r%C3%A9s%20sz%C3%A1m22 (...) FQDN: 172.245.120.8 IP: 172.245.120.8 HASH: 1dfcccdd32ed323bbe2749f317ce31dc0b9ae06c8972558d76b46df0b437d30e 172.245.120.8 HTTP/1.1 200 OK Content-Type: application/x-zip-compressed Last-Modified: Wed, 21 Sep 2022 07:24:48 GMT Accept-Ranges: bytes ETag: "6eb92a3b8bcdd81:0" Server: Microsoft-IIS/10.0 Date: Wed, 21 Sep 2022 13:00:11 GMT Content-Length: 636765 --- Additional Info --- Magic: Zip archive data, at least v2.0 to extract, compression method=deflate\012- data Size: 636765 Md5: 3c1002fea3af96e1a3931e67241b1ecf Sha1: 238481c1679e119fbce6453afcb6b62aa349e4d8 Sha256: 1dfcccdd32ed323bbe2749f317ce31dc0b9ae06c8972558d76b46df0b437d30e Alerts: Blocklists: - fortinet: Malware File Analyzers: - virustotal: 10/65
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: b1b6f0e78b5a1e2092cba6d71d0d5a918066c0486176cef0a19f51e2d5a9962e 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5554 Cache-Control: 'max-age=158059' Date: Wed, 21 Sep 2022 13:00:13 GMT Last-Modified: Wed, 21 Sep 2022 11:27:39 GMT Server: ECS (ska/F71C) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: ff6d50919e56aed75c47feb45ee2f2ec Sha1: 98f558a4b2d4f3c271abc93d0b74ece4ad7a59ef Sha256: b1b6f0e78b5a1e2092cba6d71d0d5a918066c0486176cef0a19f51e2d5a9962e
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: 6BoCM6QbGPLI6N3S7fXFGA== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 100.20.30.105 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 100.20.30.105 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: en6NVFJAkYV8rd7k8yShq7BrAdo= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2" Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9452 Expires: Wed, 21 Sep 2022 15:37:47 GMT Date: Wed, 21 Sep 2022 13:00:15 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 8ebb267e443b81854ef9a01b3eb6489d Sha1: b932e9e5679da5a9160da5429458041765509b52 Sha256: 4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2" Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9452 Expires: Wed, 21 Sep 2022 15:37:47 GMT Date: Wed, 21 Sep 2022 13:00:15 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 8ebb267e443b81854ef9a01b3eb6489d Sha1: b932e9e5679da5a9160da5429458041765509b52 Sha256: 4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2" Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9452 Expires: Wed, 21 Sep 2022 15:37:47 GMT Date: Wed, 21 Sep 2022 13:00:15 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 8ebb267e443b81854ef9a01b3eb6489d Sha1: b932e9e5679da5a9160da5429458041765509b52 Sha256: 4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2" Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9452 Expires: Wed, 21 Sep 2022 15:37:47 GMT Date: Wed, 21 Sep 2022 13:00:15 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 8ebb267e443b81854ef9a01b3eb6489d Sha1: b932e9e5679da5a9160da5429458041765509b52 Sha256: 4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 3fa9e780d62fffb635064aeed542c8e04923ff943c6080476836fab6c24e2426 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9201 x-amzn-requestid: 6dbfae76-f9ab-4f31-9b62-bcf5d9ce4515 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: YxzxlEYcoAMFaQQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-632a333d-7d147481402cc46a751b72ed;Sampled=0 x-amzn-remapped-date: Tue, 20 Sep 2022 21:40:13 GMT x-amz-cf-pop: SFO5-P2, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: hI3FlJJRAUfr0EAcSvvuJajmyQDwBpTxuQIhYfA0Mtp9JyQgKnoDvA== via: 1.1 7dcaa43cd0535d889b549e6a30a57aa0.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google date: Tue, 20 Sep 2022 21:43:18 GMT age: 55017 etag: "1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9201 Md5: a692964324dbb9c460a1b855808d02e6 Sha1: 1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54 Sha256: 3fa9e780d62fffb635064aeed542c8e04923ff943c6080476836fab6c24e2426
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: e782fb5ede547e1b167719068c6821c62414dcb0991bf9ac38285cb3ce8894e3 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10038 x-amzn-requestid: 4cf38a70-a706-4e6a-b854-9404727c599d x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Yxy1mHDCIAMF5-g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-632a31bd-5aba5b0640221b302a19781b;Sampled=0 x-amzn-remapped-date: Tue, 20 Sep 2022 21:33:49 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: hDCOWNm2vFa9h7BffUJwcwZ6i27jM2qBuSTasH9q_wsQ9oNWhVpQCg== via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google date: Tue, 20 Sep 2022 21:47:24 GMT etag: "54ed14436a75ba2aeb8459bad2ce70229aff4203" age: 54771 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10038 Md5: dab1f2cd68979d2004ba4449d759a341 Sha1: 54ed14436a75ba2aeb8459bad2ce70229aff4203 Sha256: e782fb5ede547e1b167719068c6821c62414dcb0991bf9ac38285cb3ce8894e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32d94aa1-e164-4f98-8fe2-beb3868db074.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 2e40ac154724af625c4858b09b90fa3f6a600b70c9e5e959598f0cdb05a78847 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 5402 x-amzn-requestid: 56e3a080-a8df-4385-ab3e-20e1f822083f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: YYvaLH1-IAMFbgA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63202c40-28f492196d5699066cb53d39;Sampled=0 x-amzn-remapped-date: Tue, 13 Sep 2022 07:07:45 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: KBsiDc6LmziklLtN8BUFv9QDsj7s9zEFhmtXtlIfBp_RKoBPpqOgfA== via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google date: Tue, 20 Sep 2022 18:17:10 GMT age: 67385 etag: "a17fc7a7c30999b8789011c2064f5a8704b00eee" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5402 Md5: 5f4438521bfdc6871ae384abcb7da547 Sha1: a17fc7a7c30999b8789011c2064f5a8704b00eee Sha256: 2e40ac154724af625c4858b09b90fa3f6a600b70c9e5e959598f0cdb05a78847
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 4c0657a00d7fb4caefa64c28340cad94a306cc393cffe692fcc69c65a80f2391 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10244 x-amzn-requestid: 71f08b9e-e977-48de-ad60-5192a43db517 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: YYwBkGqjIAMFz0Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63202d3d-0af3334d085ca4a764e31bb5;Sampled=0 x-amzn-remapped-date: Tue, 13 Sep 2022 07:11:57 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: 7FaZfI_iYUANPdxGBld5NfneWwKJeX2nYA_gmvF9NjML5YOVhZIIoA== via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google date: Tue, 20 Sep 2022 14:38:21 GMT age: 80514 etag: "b1cd04a66852694284eeef16a1cde38896e33c03" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10244 Md5: 14e6ddceb639a5f4875aecb796f95c79 Sha1: b1cd04a66852694284eeef16a1cde38896e33c03 Sha256: 4c0657a00d7fb4caefa64c28340cad94a306cc393cffe692fcc69c65a80f2391
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8fb4f53-c4a2-4769-939e-c2f7ff562e36.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: aaa2f649fd336f89b3c0fc1d9226f8763f5a8cd850826a7f0819ebe7414fbf2a 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7383 x-amzn-requestid: 32b97df0-b979-4e80-a54f-cae77affc915 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Yxy2sHJ_oAMF0bg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-632a31c4-2c6db6e21fa1db233a4c1f49;Sampled=0 x-amzn-remapped-date: Tue, 20 Sep 2022 21:33:56 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: bmxUC0kur2YyFURbaNuBfgoyC3_l6XVfmKAyA-41jFdjBN2bY60GkQ== via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google date: Tue, 20 Sep 2022 21:41:04 GMT etag: "96048f054243b5a13f14ab3dd9f4a0f3f2e0feae" age: 55151 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7383 Md5: 681b3e236c8b9bc524d935af247ec72b Sha1: 96048f054243b5a13f14ab3dd9f4a0f3f2e0feae Sha256: aaa2f649fd336f89b3c0fc1d9226f8763f5a8cd850826a7f0819ebe7414fbf2a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb19a7100-8d4f-4c0a-8865-191670cb2db4.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: b287b0bf2b3dc834a657dc98a9eef006577554306fa481bbc9de5a16943129f1 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6667 x-amzn-requestid: 1798057c-208d-471e-8d5c-602631418afd x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Yxy1nHvsoAMF23A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-632a31bd-121c21f710767cde77a06945;Sampled=0 x-amzn-remapped-date: Tue, 20 Sep 2022 21:33:49 GMT x-amz-cf-pop: YVR50-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: zZPZeGnp4EKeaTyl_Fx3IRaJECuCDzwDFb5nxrA9GYY9muCLPWrILg== via: 1.1 e71753cf85369390852fdcb22bf59aa8.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google date: Tue, 20 Sep 2022 21:40:47 GMT age: 55168 etag: "65886e11d9f792452cceea23444722ff4028b081" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6667 Md5: 9c4ba493d60a12accc1dc9c3299fa01d Sha1: 65886e11d9f792452cceea23444722ff4028b081 Sha256: b287b0bf2b3dc834a657dc98a9eef006577554306fa481bbc9de5a16943129f1

                                        
                                            GET /v1/ HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         143.204.55.27

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/json

                                        

                                        
                                            
Content-Length: 939 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Access-Control-Expose-Headers: Alert, Content-Length, Backoff, Retry-After, Content-Type 

                                        
                                            
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
Date: Wed, 21 Sep 2022 12:13:35 GMT 

                                        
                                            
Strict-Transport-Security: max-age=31536000 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: q12o-abSFRmL8d9bx-GODiJ3_3SY5R0mrYsAzYqBNI3msucBPTREhA== 

                                        
                                            
Age: 2797 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators

                                                Size:   939

                                                Md5:    804f8bbb7f556d51a5f52d5ebd5b6eef

                                                Sha1:   922cd7e06df278615a04abb81d811d14596c8180

                                                Sha256: ef4804d381a34ab67873a7755621081c49c646310e085a9b2356ae07098f6021

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 

                                        
                                            
Host: content-signature-2.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         143.204.55.25

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: binary/octet-stream

                                        

                                        
                                            
content-length: 5348 

                                        
                                            
last-modified: Sat, 10 Sep 2022 18:47:45 GMT 

                                        
                                            
content-disposition: attachment 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: AmazonS3 

                                        
                                            
date: Wed, 21 Sep 2022 04:35:14 GMT 

                                        
                                            
etag: "6113f8408c59aebe188d6af273b90743" 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront) 

                                        
                                            
x-amz-cf-pop: OSL50-C1 

                                        
                                            
x-amz-cf-id: rtgVrsK4b2lEZa5O_OIFn42bqkTOaIWGAMTEeF2bA9NbDEZ3Aj-bLg== 

                                        
                                            
age: 30300 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PEM certificate\012- , ASCII text

                                                Size:   5348

                                                Md5:    6113f8408c59aebe188d6af273b90743

                                                Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b

                                                Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: application/json 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         143.204.55.27

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/json

                                        

                                        
                                            
Content-Length: 329 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After 

                                        
                                            
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT 

                                        
                                            
Strict-Transport-Security: max-age=31536000 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
Date: Wed, 21 Sep 2022 12:03:22 GMT 

                                        
                                            
Cache-Control: max-age=3600 

                                        
                                            
Expires: Wed, 21 Sep 2022 12:43:37 GMT 

                                        
                                            
ETag: "1648230346554" 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: 7SCqng2uz2f3hfzSjluw05m7N7WfyjSVInH1vsoWjnDRsBFsBUyjDQ== 

                                        
                                            
Age: 3411 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators

                                                Size:   329

                                                Md5:    0333b0655111aa68de771adfcc4db243

                                                Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb

                                                Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 5554 

                                        
                                            
Cache-Control: 'max-age=158059' 

                                        
                                            
Date: Wed, 21 Sep 2022 13:00:13 GMT 

                                        
                                            
Last-Modified: Wed, 21 Sep 2022 11:27:39 GMT 

                                        
                                            
Server: ECS (ska/F71C) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    ff6d50919e56aed75c47feb45ee2f2ec

                                                Sha1:   98f558a4b2d4f3c271abc93d0b74ece4ad7a59ef

                                                Sha256: b1b6f0e78b5a1e2092cba6d71d0d5a918066c0486176cef0a19f51e2d5a9962e

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2" 

                                        
                                            
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=9452 

                                        
                                            
Expires: Wed, 21 Sep 2022 15:37:47 GMT 

                                        
                                            
Date: Wed, 21 Sep 2022 13:00:15 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    8ebb267e443b81854ef9a01b3eb6489d

                                                Sha1:   b932e9e5679da5a9160da5429458041765509b52

                                                Sha256: 4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2" 

                                        
                                            
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=9452 

                                        
                                            
Expires: Wed, 21 Sep 2022 15:37:47 GMT 

                                        
                                            
Date: Wed, 21 Sep 2022 13:00:15 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    8ebb267e443b81854ef9a01b3eb6489d

                                                Sha1:   b932e9e5679da5a9160da5429458041765509b52

                                                Sha256: 4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 9201 

                                        
                                            
x-amzn-requestid: 6dbfae76-f9ab-4f31-9b62-bcf5d9ce4515 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: YxzxlEYcoAMFaQQ= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-632a333d-7d147481402cc46a751b72ed;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Tue, 20 Sep 2022 21:40:13 GMT 

                                        
                                            
x-amz-cf-pop: SFO5-P2, SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: hI3FlJJRAUfr0EAcSvvuJajmyQDwBpTxuQIhYfA0Mtp9JyQgKnoDvA== 

                                        
                                            
via: 1.1 7dcaa43cd0535d889b549e6a30a57aa0.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Tue, 20 Sep 2022 21:43:18 GMT 

                                        
                                            
age: 55017 

                                        
                                            
etag: "1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   9201

                                                Md5:    a692964324dbb9c460a1b855808d02e6

                                                Sha1:   1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54

                                                Sha256: 3fa9e780d62fffb635064aeed542c8e04923ff943c6080476836fab6c24e2426

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32d94aa1-e164-4f98-8fe2-beb3868db074.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 5402 

                                        
                                            
x-amzn-requestid: 56e3a080-a8df-4385-ab3e-20e1f822083f 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: YYvaLH1-IAMFbgA= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63202c40-28f492196d5699066cb53d39;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Tue, 13 Sep 2022 07:07:45 GMT 

                                        
                                            
x-amz-cf-pop: SEA73-P1 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: KBsiDc6LmziklLtN8BUFv9QDsj7s9zEFhmtXtlIfBp_RKoBPpqOgfA== 

                                        
                                            
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Tue, 20 Sep 2022 18:17:10 GMT 

                                        
                                            
age: 67385 

                                        
                                            
etag: "a17fc7a7c30999b8789011c2064f5a8704b00eee" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   5402

                                                Md5:    5f4438521bfdc6871ae384abcb7da547

                                                Sha1:   a17fc7a7c30999b8789011c2064f5a8704b00eee

                                                Sha256: 2e40ac154724af625c4858b09b90fa3f6a600b70c9e5e959598f0cdb05a78847

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8fb4f53-c4a2-4769-939e-c2f7ff562e36.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 7383 

                                        
                                            
x-amzn-requestid: 32b97df0-b979-4e80-a54f-cae77affc915 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: Yxy2sHJ_oAMF0bg= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-632a31c4-2c6db6e21fa1db233a4c1f49;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Tue, 20 Sep 2022 21:33:56 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA73-P1 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: bmxUC0kur2YyFURbaNuBfgoyC3_l6XVfmKAyA-41jFdjBN2bY60GkQ== 

                                        
                                            
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Tue, 20 Sep 2022 21:41:04 GMT 

                                        
                                            
etag: "96048f054243b5a13f14ab3dd9f4a0f3f2e0feae" 

                                        
                                            
age: 55151 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   7383

                                                Md5:    681b3e236c8b9bc524d935af247ec72b

                                                Sha1:   96048f054243b5a13f14ab3dd9f4a0f3f2e0feae

                                                Sha256: aaa2f649fd336f89b3c0fc1d9226f8763f5a8cd850826a7f0819ebe7414fbf2a

URL	172.245.120.8/Aj%C3%A1nlatk%C3%A9r%C3%A9s%20sz%C3%A1m222109%C2%B710397%C2%B7pdf.zip
IP	172.245.120.8 (United States)
ASN	#36352 AS-COLOCROSSING
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-09-21 13:00:24 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	1
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (8)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 172.245.120.8

Last 5 reports on ASN: AS-COLOCROSSING

Last 5 reports on domain: 172.245.120.8.

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (0)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (18)

Overview

Domain Summary (8)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 172.245.120.8

Last 5 reports on ASN: AS-COLOCROSSING

Last 5 reports on domain: 172.245.120.8.

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (0)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (18)

Network Intrusion Detection Systems