urlquery - report: adanateknikservis.web.tr/wp-content/plugins/formcraft/file-upload/server/content/files/161fad978ec2d9---47185519231.pdf

Overview

URL	adanateknikservis.web.tr/wp-content/plugins/formcraft/file-upload/server/content/files/161fad978ec2d9---47185519231.pdf
IP	51.77.161.160
ASN	OVH SAS
Location	France
Report completed	2022-06-26 22:16:50 UTC
Status	Loading report..
urlquery Alerts	No alerts detected

Settings

UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer

Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Blocklists

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Added / Verified	Severity	Host	Comment
2022-06-26	2	adanateknikservis.web.tr/wp-content/plugins/formcraft/file-upload/server/co (...)	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

Files

URL	adanateknikservis.web.tr/wp-content/plugins/formcraft/file-upload/server/co (...)
IP	51.77.161.160
Magic	PDF document, version 1.4, 3 pages\012- data
Size	148993
MD5	d8d7efe2a5e5a1c2300195d0e5547e28
SHA1	836e9fce3e71f199dbcd261b2087f061b17af763
SHA256	7b7c241aa9139b782a9b2a2d3a65c830405c15683febeb30121fa750521f716c

Analyzer	Analysed	Verdict	Comment
VirusTotal	2022-04-10 11:23:04	21/60

Passive DNS (8)

Passive DNS Source	Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
[Mnemonic Passive DNS]	img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2022-06-26 04:50:15 UTC	34.120.237.76
[Mnemonic Passive DNS]	adanateknikservis.web.tr (2)	0	2016-03-31 13:53:28 UTC	2020-08-26 17:20:00 UTC	51.77.161.160	Unknown ranking
[Mnemonic Passive DNS]	firefox.settings.services.mozilla.com (2)	867	2016-03-17 08:25:01 UTC	2020-05-25 20:01:47 UTC	54.230.111.65
[Mnemonic Passive DNS]	content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-06-26 05:33:42 UTC	54.230.111.64
[Mnemonic Passive DNS]	r3.o.lencr.org (4)	344	2020-12-02 08:52:13 UTC	2022-06-26 05:39:14 UTC	23.36.77.32
[Mnemonic Passive DNS]	contile.services.mozilla.com (1)	1114	No data	No data	34.117.237.239
[Mnemonic Passive DNS]	ocsp.digicert.com (1)	86	2012-11-29 12:49:49 UTC	2022-06-26 15:18:03 UTC	93.184.220.29
[Mnemonic Passive DNS]	push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2022-06-26 05:01:41 UTC	52.43.61.95

Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 51.77.161.160

Date	UQ / IDS / BL	URL	IP
2022-08-05 13:34:47 +0000	0 - 0 - 1	adanateknikservis.web.tr/wp-content/plugins/f (...)	51.77.161.160
2022-08-02 17:55:49 +0000	0 - 0 - 1	www.barankayalar.com.tr/wp-content/plugins/fo (...)	51.77.161.160
2022-08-02 17:55:00 +0000	0 - 0 - 1	www.barankayalar.com.tr/wp-content/plugins/fo (...)	51.77.161.160
2022-08-02 17:38:46 +0000	0 - 0 - 1	www.agrosystem.com.tr/wp-content/plugins/form (...)	51.77.161.160
2022-07-02 15:39:02 +0000	0 - 0 - 17	www.marsagri.com/wp-content/plugins/formcraft (...)	51.77.161.160
2022-06-30 01:43:59 +0000	0 - 0 - 1	adanateknikservis.web.tr/wp-content/plugins/f (...)	51.77.161.160
2022-06-29 21:27:23 +0000	0 - 0 - 1	adanateknikservis.web.tr/wp-content/plugins/f (...)	51.77.161.160
2022-06-28 08:53:07 +0000	0 - 0 - 1	www.barankayalar.com.tr/wp-content/plugins/fo (...)	51.77.161.160
2022-06-27 14:10:11 +0000	0 - 0 - 1	www.barankayalar.com.tr/wp-content/plugins/fo (...)	51.77.161.160
2022-06-25 19:36:13 +0000	0 - 0 - 1	barankayalar.com.tr/wp-content/plugins/formcr (...)	51.77.161.160

Last 10 reports on ASN: OVH SAS

Date	UQ / IDS / BL	URL	IP
2022-08-11 15:09:00 +0000	0 - 0 - 2	m7.vizocare.net/email/unsubscribe/62f51060b6d (...)	51.222.111.3
2022-08-11 15:01:35 +0000	0 - 0 - 2	circoloamatoripodisti.it/hihuih/ched.php/	164.132.162.62
2022-08-11 14:51:44 +0000	0 - 0 - 1	agroturismoarkaia.com/images/	87.98.229.149
2022-08-11 14:34:00 +0000	0 - 0 - 3	https://abmaxdigital.com/wp-content/uploads/2 (...)	51.79.72.47
2022-08-11 14:33:34 +0000	0 - 0 - 1	conservationenergy.com/wp-content/plugins/for (...)	167.114.158.54
2022-08-11 14:22:18 +0000	0 - 0 - 81	lingogurugerman.com/nb/B/5c23m22Rv.zip	46.105.215.66
2022-08-11 14:18:31 +0000	0 - 0 - 27	ayddesarrollos.com.ar/	192.99.38.174
2022-08-11 13:49:44 +0000	0 - 0 - 6	mon-evenement.live/	141.94.170.170
2022-08-11 13:42:15 +0000	0 - 0 - 1	elbondi.com/phpmyadmin/themes/original/jquery (...)	54.39.2.119
2022-08-11 13:33:34 +0000	0 - 0 - 1	192.99.237.111/wp-includes/Vyj7l35iCeCAT/	192.99.237.111

Last 4 reports on domain: adanateknikservis.web.tr

Date	UQ / IDS / BL	URL	IP
2022-08-05 13:34:47 +0000	0 - 0 - 1	adanateknikservis.web.tr/wp-content/plugins/f (...)	51.77.161.160
2022-06-30 01:43:59 +0000	0 - 0 - 1	adanateknikservis.web.tr/wp-content/plugins/f (...)	51.77.161.160
2022-06-29 21:27:23 +0000	0 - 0 - 1	adanateknikservis.web.tr/wp-content/plugins/f (...)	51.77.161.160
2022-06-23 18:58:46 +0000	0 - 0 - 1	adanateknikservis.web.tr/wp-content/plugins/f (...)	51.77.161.160

JavaScript

Executed Scripts (2)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (18)

Request	Response
GET /wp-content/plugins/formcraft/file-upload/server/content/files/161fad978ec2d9---47185519231.pdf HTTP/1.1 Host: adanateknikservis.web.tr User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	$Magic: PDF document, version 1.4, 3 pages\012- data Size: 148993 Md5: d8d7efe2a5e5a1c2300195d0e5547e28$ 51.77.161.160 HTTP/1.1 200 OK Connection: Keep-Alive Keep-Alive: timeout=5, max=100 content-type: application/pdf last-modified: Wed, 02 Feb 2022 19:20:24 GMT accept-ranges: bytes content-length: 148993 date: Sun, 26 Jun 2022 22:18:32 GMT server: LiteSpeed --- Additional Info --- Magic: PDF document, version 1.4, 3 pages\012- data Size: 148993 Md5: d8d7efe2a5e5a1c2300195d0e5547e28 Sha1: 836e9fce3e71f199dbcd261b2087f061b17af763 Sha256: 7b7c241aa9139b782a9b2a2d3a65c830405c15683febeb30121fa750521f716c Alerts: Blocklists: - fortinet: Phishing File Analyzers: - virustotal: 21/60
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 91dd975a7b17b2922dd23c0e49314e40$ 54.230.111.65 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Retry-After, Backoff, Content-Type, Content-Length, Alert Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Sun, 26 Jun 2022 21:46:27 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: EOhHRxG98qmiVWRl-5O_odMGMC9t74gOun1HaJ1sC7CAgDZ2apwX6g== Age: 1807 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 91dd975a7b17b2922dd23c0e49314e40 Sha1: 57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2 Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 48ca0beea419a9039591cf1aee5179e0$ 54.230.111.64 HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 last-modified: Wed, 11 May 2022 19:51:39 GMT content-disposition: attachment accept-ranges: bytes server: AmazonS3 date: Sun, 26 Jun 2022 02:10:54 GMT etag: "48ca0beea419a9039591cf1aee5179e0" x-cache: Hit from cloudfront via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: 0UTbWZkUD75A-XhI1xrLFdVWdj-tOqggVn1aqfwnTjTWQB21VdFHcg== age: 72342 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 48ca0beea419a9039591cf1aee5179e0 Sha1: 9e92629f505fcc07aab51221e8fe62197a23e307 Sha256: 630a5f110337b4a4876aa85c21107d9e8f2550bcc60f023a4777d895b17399fd
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "82BA5EF79A337F17AC89D35A6869A1C607D98C1C1F7F599962AEDD03580A9118" Last-Modified: Sun, 26 Jun 2022 16:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2319 Expires: Sun, 26 Jun 2022 22:55:14 GMT Date: Sun, 26 Jun 2022 22:16:35 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 63f6d471446d699d2f157ca81c302d62 Sha1: 5a1c5828e2b23650a44f34d9398bffc3c5c58adf Sha256: 82ba5ef79a337f17ac89d35a6869a1c607d98c1c1f7f599962aedd03580a9118
GET /favicon.ico HTTP/1.1 Host: adanateknikservis.web.tr User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://adanateknikservis.web.tr/	$Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators Size: 1238 Md5: 0bde7d4b3da67537eaf9188e6f8049cf$ 51.77.161.160 HTTP/1.1 404 Not Found Connection: Keep-Alive Keep-Alive: timeout=5, max=100 cache-control: private, no-cache, no-store, must-revalidate, max-age=0 pragma: no-cache content-type: text/html content-length: 1238 date: Sun, 26 Jun 2022 22:18:32 GMT server: LiteSpeed --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators Size: 1238 Md5: 0bde7d4b3da67537eaf9188e6f8049cf Sha1: 64300fc482d01d38b40ab20e15960b6509665e5a Sha256: 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6$ 34.117.237.239 HTTP/2 200 OK server: nginx date: Sun, 26 Jun 2022 22:16:35 GMT content-type: application/json content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243$ 54.230.111.65 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Date: Sun, 26 Jun 2022 21:39:30 GMT Cache-Control: max-age=3600 Expires: Sun, 26 Jun 2022 21:58:42 GMT ETag: "1648230346554" X-Cache: Hit from cloudfront Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: AMQuxaTEQl1cjrk516C8dmkP3cxTAtPD5Wx1U6NcM40KOSvTVxoFww== Age: 2685 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 1116 Cache-Control: max-age=122973 Date: Sun, 26 Jun 2022 22:16:36 GMT Etag: "62b813c5-1d7" Expires: Tue, 28 Jun 2022 08:26:09 GMT Last-Modified: Sun, 26 Jun 2022 08:07:33 GMT Server: ECS (ska/F6FC) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: cc67ad023b004d0d33577216eafeed46 Sha1: 426bcf09aec93f1039439363b8864ef52b7c8bcb Sha256: 24a6f3a35d843d7e47b7cc248e9e006c8b73a95999b74cb002707902b88e4215
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: tatJhik/HYJcmzAIBfunuQ== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	52.43.61.95 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: 7qJglaoXNs/slEA4pqvlfP515Ko= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "231B325D990CED62D0B4BE0BA77EB3B65814F57A2E1B66C35A9819EE4D4ABE4B" Last-Modified: Sun, 26 Jun 2022 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10543 Expires: Mon, 27 Jun 2022 01:12:20 GMT Date: Sun, 26 Jun 2022 22:16:37 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 512e4e4457d5aab1e91cb1353ad28a6a Sha1: 7376966437b9aa256848b6950d39924a81eca481 Sha256: 231b325d990ced62d0b4be0ba77eb3b65814f57a2e1b66c35a9819ee4d4abe4b
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "231B325D990CED62D0B4BE0BA77EB3B65814F57A2E1B66C35A9819EE4D4ABE4B" Last-Modified: Sun, 26 Jun 2022 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10543 Expires: Mon, 27 Jun 2022 01:12:20 GMT Date: Sun, 26 Jun 2022 22:16:37 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 512e4e4457d5aab1e91cb1353ad28a6a Sha1: 7376966437b9aa256848b6950d39924a81eca481 Sha256: 231b325d990ced62d0b4be0ba77eb3b65814f57a2e1b66c35a9819ee4d4abe4b
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "231B325D990CED62D0B4BE0BA77EB3B65814F57A2E1B66C35A9819EE4D4ABE4B" Last-Modified: Sun, 26 Jun 2022 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10543 Expires: Mon, 27 Jun 2022 01:12:20 GMT Date: Sun, 26 Jun 2022 22:16:37 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 512e4e4457d5aab1e91cb1353ad28a6a Sha1: 7376966437b9aa256848b6950d39924a81eca481 Sha256: 231b325d990ced62d0b4be0ba77eb3b65814f57a2e1b66c35a9819ee4d4abe4b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed27d0f1-b2b2-408e-b8ce-e6b4ab77a162.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4885 Md5: d4cdba676cda379c2cc5b64dcdbeaa56$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 4885 x-amzn-requestid: 49973bbc-69a1-4f6b-ba0b-8f656e0a8c4f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UMz5jFbGoAMFVuw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62b5003c-6ede6926284870b75d4ada63;Sampled=0 x-amzn-remapped-date: Fri, 24 Jun 2022 00:07:25 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: 1Jw62nne--LC-Tc1P2WOEtOUex74OwSAzdq6J8WIDrs7gPp_bkZ5cw== via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google date: Sun, 26 Jun 2022 13:07:37 GMT age: 32940 etag: "63b22032e1f52226e3a2eaf2ff3e029cf4a82f7a" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4885 Md5: d4cdba676cda379c2cc5b64dcdbeaa56 Sha1: 63b22032e1f52226e3a2eaf2ff3e029cf4a82f7a Sha256: eae8806a0af7ab538f496b4bd248a4f43a60efdd386c875550303a5ca4e3fb97
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98245170-3eb5-4aa1-bb0a-9938f17f1df8.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9549 Md5: 90dea840d2f9904dde13ce6a2e8abaa2$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 9549 x-amzn-requestid: 5614889a-731a-46a8-a83f-c195e1bf7eec x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UWWzgHNPoAMF5Pg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62b8d1af-6624820f4db555b43e1e2db1;Sampled=0 x-amzn-remapped-date: Sun, 26 Jun 2022 21:37:51 GMT x-amz-cf-pop: SEA73-P2, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: Qz-xuMD9hLl-EJESEiTdR5m2xiuBnrvI4v9JK3WXuGG8-Uasc6HkUQ== via: 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 a2c13de7f3df76280ef01a6604863734.cloudfront.net (CloudFront), 1.1 google date: Sun, 26 Jun 2022 21:43:58 GMT age: 1959 etag: "a6355e9d19fc22ecb73de36d275b899bc4e95646" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9549 Md5: 90dea840d2f9904dde13ce6a2e8abaa2 Sha1: a6355e9d19fc22ecb73de36d275b899bc4e95646 Sha256: 71107ced674396ab7915f39984e2586832458422ab054137dca2582b0023fb4d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabaa1803-535b-4153-9568-1990cb5f1a0d.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4240 Md5: a38f89f9b503a6f3d00ce11e669fe2a0$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 4240 x-amzn-requestid: 8ede5c3c-b53a-46fe-8f38-c15568f9e7f9 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UTaQWE25IAMFYHg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62b7a402-681d48aa5f1606d9313bbb60;Sampled=0 x-amzn-remapped-date: Sun, 26 Jun 2022 00:10:42 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: QO4tqwqXINk-F3-b_6GciWrPUm7kBBwMGPPBQ83mTUj47z9n32DxQw== via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google date: Sun, 26 Jun 2022 00:35:36 GMT age: 78061 etag: "5f68c0da25f1d866b8823e73851d170f97e90eba" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4240 Md5: a38f89f9b503a6f3d00ce11e669fe2a0 Sha1: 5f68c0da25f1d866b8823e73851d170f97e90eba Sha256: 93df83541549ecc95b164e8fc4b597c5dd3efaa4f70da137d3342385f4a042e8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad0e66ab-2eff-4b07-97d4-8aef2204d2e6.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8532 Md5: 30b326f3c723aedd3fb906437551f1fd$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 8532 x-amzn-requestid: 9b0563f7-5fd3-43da-a797-27eb920fa991 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UTaUMH3dIAMFbQQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62b7a41a-619921a50891057a26b9152b;Sampled=0 x-amzn-remapped-date: Sun, 26 Jun 2022 00:11:06 GMT x-amz-cf-pop: SEA73-P2, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: P066KYSwOHg3eWY0XKs9REdTZOQkgXjN9y8pEsbEfpbgVEH0T0X7bA== via: 1.1 0800f067ff646622f3e8e507cb9b52e8.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google date: Sun, 26 Jun 2022 00:37:54 GMT etag: "9a01c55bc335f4a0bccb30f1f6bce05e6166f0ea" content-type: image/jpeg age: 77923 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8532 Md5: 30b326f3c723aedd3fb906437551f1fd Sha1: 9a01c55bc335f4a0bccb30f1f6bce05e6166f0ea Sha256: a498f7da0e1349370b0ad28d0d2690977201f201f55715f52c7086e874470f5b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75f55290-3140-47ba-90bd-2d2ab0c7bdd7.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8685 Md5: beea595edbecb9952595e92e6c02e162$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 8685 x-amzn-requestid: c004ce99-5e51-45f7-8da1-769099c5739d x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UWYFfGMVIAMFe2w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62b8d3bc-05c9623e5a49a24f4f792930;Sampled=0 x-amzn-remapped-date: Sun, 26 Jun 2022 21:46:36 GMT x-amz-cf-pop: SEA73-P2, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: hmoae5kLKQQlHDR7CTlYWrXawin1suhEcKEvq3y-zLqlFb2sTExn1A== via: 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google date: Sun, 26 Jun 2022 21:56:27 GMT age: 1210 etag: "89a49a96d659add155912de50d56ade537ad9538" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8685 Md5: beea595edbecb9952595e92e6c02e162 Sha1: 89a49a96d659add155912de50d56ade537ad9538 Sha256: ae3561c3cebd30e6f5b80a454c329937620f6cf3d3becfa9410b4d8a39252b64
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3e1d84a-1728-47d8-bc04-7da5b27045d9.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9721 Md5: 01fd8b5742b0e38247b34253cb075e35$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 9721 x-amzn-requestid: fab55318-719e-4e9c-8f66-fba724da75cd x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: TychIE3yoAMFdKA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62aa746d-78b50b690376a97d6772c393;Sampled=0 x-amzn-remapped-date: Thu, 16 Jun 2022 00:08:13 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: BF7GPxuCcu36Qt9EWeiRNTD_gN9LiuUDaV9lv1pG0mwPCMISQTtsuQ== via: 1.1 73b60e9a9fd08eae9e034cedba707280.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google date: Sun, 26 Jun 2022 00:16:19 GMT age: 79218 etag: "824c12da88732481458fc6c1a455c7382a649e3c" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9721 Md5: 01fd8b5742b0e38247b34253cb075e35 Sha1: 824c12da88732481458fc6c1a455c7382a649e3c Sha256: 00bd45c3a5866f9bb316788864b2ff8f083c5f1d00c2a3a5abdc65aaa1fea08b