Overview

URL kuislandtravel.com/download/1001/islandtravel.apk
IP104.21.87.138
ASNCLOUDFLARENET
Location
Report completed2022-06-28 01:46:48 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2022-06-28 2 kuislandtravel.com/download/1001/islandtravel.apk Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (8)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
[Mnemonic Passive DNS] r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-06-27 04:41:25 UTC 23.36.76.226
[Mnemonic Passive DNS] firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2020-05-25 20:01:47 UTC 54.230.111.65
[Mnemonic Passive DNS] content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-06-27 04:48:54 UTC 54.230.111.14
[Mnemonic Passive DNS] contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
[Mnemonic Passive DNS] ocsp.digicert.com (1) 86 2012-11-29 12:49:49 UTC 2022-06-28 00:07:23 UTC 93.184.220.29
[Mnemonic Passive DNS] push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-06-27 05:03:11 UTC 54.149.83.187
[Mnemonic Passive DNS] img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-06-27 11:44:05 UTC 34.120.237.76
[Mnemonic Passive DNS] kuislandtravel.com (1) 0 No data No data 104.21.87.138 Unknown ranking


Recent reports on same IP/ASN/Domain

Last 3 reports on IP: 104.21.87.138

Date UQ / IDS / BL URL IP
2022-07-02 07:12:50 +0000
0 - 0 - 0 mumginnbetitovri.tk/d/Adp-Payroll-Invoice-Vir (...) 104.21.87.138
2022-06-26 03:00:50 +0000
0 - 0 - 1 kuislandtravel.com/download/1001/islandtravel.apk 104.21.87.138
2022-06-23 19:06:46 +0000
0 - 0 - 1 kuislandtravel.com/download/1001/islandtravel.apk 104.21.87.138

Last 10 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-08-12 21:07:18 +0000
0 - 0 - 3 https://caioaraujo.vip/A4LO/RlRWbPgiifdickpen (...) 172.67.197.69
2022-08-12 21:07:16 +0000
0 - 0 - 3 https://caioaraujo.vip/CXUUV/ardAbnbIhodickpe (...) 172.67.197.69
2022-08-12 21:07:10 +0000
0 - 0 - 3 https://caioaraujo.vip/YJFG/OayQrpwujdickpenis.bin 104.21.52.85
2022-08-12 21:07:04 +0000
0 - 0 - 3 https://caioaraujo.vip/7SGH/WMFnliPdickpenis.bin 104.21.52.85
2022-08-12 21:06:59 +0000
0 - 0 - 3 https://caioaraujo.vip/TWIN/qSIqaXdickpenis.bin 104.21.52.85
2022-08-12 21:06:53 +0000
0 - 0 - 3 https://caioaraujo.vip/IJCBU/rVofbxdickpenis.bin 172.67.197.69
2022-08-12 21:06:51 +0000
0 - 0 - 3 https://caioaraujo.vip/8NWI/ZpEIJnYyvOrdickpe (...) 104.21.52.85
2022-08-12 21:06:46 +0000
0 - 0 - 3 https://caioaraujo.vip/P1K/bdSEROOUIbrHdickpe (...) 104.21.52.85
2022-08-12 21:06:41 +0000
0 - 0 - 3 https://caioaraujo.vip/68JR2/OOAUqdickpenis.bin 172.67.197.69
2022-08-12 21:06:34 +0000
0 - 0 - 3 https://caioaraujo.vip/BRQ/CmmCaDtyjdickpenis.bin 172.67.197.69

Last 2 reports on domain: kuislandtravel.com

Date UQ / IDS / BL URL IP
2022-06-26 03:00:50 +0000
0 - 0 - 1 kuislandtravel.com/download/1001/islandtravel.apk 104.21.87.138
2022-06-23 19:06:46 +0000
0 - 0 - 1 kuislandtravel.com/download/1001/islandtravel.apk 104.21.87.138


JavaScript

Executed Scripts (0)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (18)


Request Response
                                        
                                            GET /download/1001/islandtravel.apk HTTP/1.1 
Host: kuislandtravel.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         104.21.87.138
HTTP/1.1 301 Moved Permanently
                                        
Date: Tue, 28 Jun 2022 01:46:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 28 Jun 2022 02:46:32 GMT
Location: https://kuislandtravel.com/download/1001/islandtravel.apk
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x8ne3iDDPqrAxJ%2B4LW%2BDI%2FwyrVGGRj8F6xPTKdkhZrkO7b8bMCzlXHgMQwdAeCfsOwhbbdazBwGvcOhwWrEx6gUYwIMm8EXkPQm%2BOGLH0RorEFULL7QGghhou%2B6yxD2NIEQXx8A%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7222bfd2dddf0b65-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "82BA5EF79A337F17AC89D35A6869A1C607D98C1C1F7F599962AEDD03580A9118"
Last-Modified: Sun, 26 Jun 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6226
Expires: Tue, 28 Jun 2022 03:30:19 GMT
Date: Tue, 28 Jun 2022 01:46:33 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.65
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 28 Jun 2022 00:47:12 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 2P9XEmtH-ZuRXVFo2HUmrwPbobMENWfuasLqrOFAVV8TZy4yCM0H_A==
Age: 3561


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.14
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
last-modified: Wed, 11 May 2022 19:51:39 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 27 Jun 2022 02:10:54 GMT
etag: "48ca0beea419a9039591cf1aee5179e0"
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HABBdWBWAiqeGex7gNj7iueAG3ePEqjdvbiDuZJ2k2lPiXKIb8QSEA==
age: 84939
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    48ca0beea419a9039591cf1aee5179e0
Sha1:   9e92629f505fcc07aab51221e8fe62197a23e307
Sha256: 630a5f110337b4a4876aa85c21107d9e8f2550bcc60f023a4777d895b17399fd
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Tue, 28 Jun 2022 01:46:33 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.65
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 28 Jun 2022 01:31:51 GMT
Expires: Tue, 28 Jun 2022 01:52:59 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: WubWWJMdYgLCemQ8YdnVE8lOAdt-deU8w1DL8Px9nKAa1HPQFR49CA==
Age: 883

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1073
Cache-Control: max-age=110332
Date: Tue, 28 Jun 2022 01:46:34 GMT
Etag: "62b96545-1d7"
Expires: Wed, 29 Jun 2022 08:25:26 GMT
Last-Modified: Mon, 27 Jun 2022 08:07:33 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: sBy38ay8pRobEiMSf/EiQg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.149.83.187
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lRgKVtnMuR1EosV4/OH71sbCV+M=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "231B325D990CED62D0B4BE0BA77EB3B65814F57A2E1B66C35A9819EE4D4ABE4B"
Last-Modified: Sun, 26 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2272
Expires: Tue, 28 Jun 2022 02:24:27 GMT
Date: Tue, 28 Jun 2022 01:46:35 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "231B325D990CED62D0B4BE0BA77EB3B65814F57A2E1B66C35A9819EE4D4ABE4B"
Last-Modified: Sun, 26 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2272
Expires: Tue, 28 Jun 2022 02:24:27 GMT
Date: Tue, 28 Jun 2022 01:46:35 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "231B325D990CED62D0B4BE0BA77EB3B65814F57A2E1B66C35A9819EE4D4ABE4B"
Last-Modified: Sun, 26 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2272
Expires: Tue, 28 Jun 2022 02:24:27 GMT
Date: Tue, 28 Jun 2022 01:46:35 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "231B325D990CED62D0B4BE0BA77EB3B65814F57A2E1B66C35A9819EE4D4ABE4B"
Last-Modified: Sun, 26 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2272
Expires: Tue, 28 Jun 2022 02:24:27 GMT
Date: Tue, 28 Jun 2022 01:46:35 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8882eb6-da45-41db-ad46-0dd1a2ba430b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 9239
x-amzn-requestid: c41a2788-d4ad-4978-b2a7-88ea0868f8fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: URFWaGmfoAMFfUA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b6b5c2-788640f7773cf4f1646df24f;Sampled=0
x-amzn-remapped-date: Sat, 25 Jun 2022 07:14:10 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 82zx0QUPk-o7nP89G07FOGQkK_CvXAAE6a5KhhoAjAzsW2rP4Z0lRQ==
via: 1.1 bd6f70221217681265382902c6157c76.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Jun 2022 08:37:26 GMT
age: 61749
etag: "01545e9d41f7583e7e02beccee6b4d994833416b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9239
Md5:    03deaeb43b23e69171391f4696d702bf
Sha1:   01545e9d41f7583e7e02beccee6b4d994833416b
Sha256: a2617211b8cdbc04a7ed0b149e9dfb78ac9e7f06c63de1a7cc042af125cd4b71
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bede29d-8cd7-47dd-b3c8-833a7b3254b2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 8291
x-amzn-requestid: bd40bcf5-03c8-4c2e-87ee-65d92b1ad948
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UZpc4HCeoAMFWqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ba22b8-084b5ea535c71d207df2ade7;Sampled=0
x-amzn-remapped-date: Mon, 27 Jun 2022 21:35:52 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 8OOCDJU2zgzBMbc2bUJcxKe0nh_Eo9I107VYrADZ43Jqg4WWIyhBuA==
via: 1.1 ece5d4a731ece5ff46c564ab2b946ede.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Jun 2022 21:51:14 GMT
age: 14121
etag: "63f550b58de46ebf47f949239203e8297b5126f1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8291
Md5:    4885991641375390d15871e8996d9ef1
Sha1:   63f550b58de46ebf47f949239203e8297b5126f1
Sha256: 9f6c517ec6f04feb72457860ef78f0840bd1de342ad6531eea4c670eac58fd32
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2607bbd-9cc2-4288-bcd4-1abdf0f59a54.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 6101
x-amzn-requestid: fa34c94b-864a-4e14-8adc-d9f5af20524d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UZo7BFcVoAMFWqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ba21df-3e31e69952f3bece79314ee7;Sampled=0
x-amzn-remapped-date: Mon, 27 Jun 2022 21:32:15 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: N79AHkvINmHDVRuwn_nSgR3knPo2jRjzV6RcA49laMAJ-30pGIi1HQ==
via: 1.1 95785220a566cd050f3ad80928463374.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Jun 2022 22:29:26 GMT
etag: "8862743a3be46ab1a5e8bdcdf981544031240592"
content-type: image/jpeg
age: 11829
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6101
Md5:    f8dc6df6d0bfa053f2b4e21c320a37d8
Sha1:   8862743a3be46ab1a5e8bdcdf981544031240592
Sha256: 724aa462ec0ab7c3578b9a5a63e587df9ba9594ca37b5819cda2fc7270dadc41
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51d3ad79-4ecd-48c1-be4b-1b612474f481.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 4650
x-amzn-requestid: 997cab1c-5d66-4ec6-8e39-4afb5404ac53
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UaAT3ExdoAMFkAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ba474b-567ec0850c99075e3a133997;Sampled=0
x-amzn-remapped-date: Tue, 28 Jun 2022 00:11:55 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: V_wT2iOjRkL-Fkyyc2xsOSJrusM7oekpIVUWnPcR7KkxwDg45dw5TA==
via: 1.1 45d6a557ecb29942f314e3dd736d817a.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Jun 2022 00:46:47 GMT
age: 3588
etag: "dc6cc23ae2603860ea15bed3a1e142cf85c5f37a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4650
Md5:    ab2c6a7aac6dcb5dfb29dce59cfdc7da
Sha1:   dc6cc23ae2603860ea15bed3a1e142cf85c5f37a
Sha256: eb0fbf85422d4461713caeced2fba048b31dca851032dccff50eba467417dda1
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F979d42d0-95fd-44aa-ac05-4317126deb7d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 10296
x-amzn-requestid: 0ef7d4dc-30b2-4460-84ab-82abf57b8104
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UT0c2F71IAMFZ6Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b7cdeb-26aedadf5ec7a35c0ec99909;Sampled=0
x-amzn-remapped-date: Sun, 26 Jun 2022 03:09:31 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: tCuhe1wb94oq91afIfka35795Ir36YXMyBtAH7G0U_qfcXwaOntpow==
via: 1.1 a6a02464d953c7252173cbc33e5dbd36.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Jun 2022 05:14:17 GMT
age: 73938
etag: "9ad56dc2b79b3862584cbd6bcd2673cc94cc17ba"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10296
Md5:    0c7819a8a078a13c8f94918183162f22
Sha1:   9ad56dc2b79b3862584cbd6bcd2673cc94cc17ba
Sha256: 8b3d5c476c90e20f33a71b06f33ade15f6d7c256bcf2d6f00aef6a8814e12276
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b93bf8d-a461-4059-b6e7-403f209a50a1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 7131
x-amzn-requestid: 7c2f30c0-7b7b-444f-9ab3-020287391fe5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UaBSFG6qIAMFgmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ba48d9-5e1f34f350f3abf349525f65;Sampled=0
x-amzn-remapped-date: Tue, 28 Jun 2022 00:18:34 GMT
x-amz-cf-pop: SEA73-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: HgNPDLQLVMCY-BGaNdsxTZI8qQjhMrH6pIfxE48pJBiAcXMlQrZp6Q==
via: 1.1 bd6f70221217681265382902c6157c76.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Jun 2022 00:25:35 GMT
etag: "1731eda0d1cb2e844993b0211146a08ca8cef1c4"
content-type: image/jpeg
age: 4860
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7131
Md5:    fe5e0372f7a98e54bcbf3dc3f47360f8
Sha1:   1731eda0d1cb2e844993b0211146a08ca8cef1c4
Sha256: 83fd60e3c8f830ea2fecbbd732794e88252a0c1035548642a4f31f2e75d8f128