urlquery - report: eduniversia.org/ad-quia/documents.zip

Overview

URL	eduniversia.org/ad-quia/documents.zip
IP	192.254.236.15
ASN	UNIFIEDLAYER-AS-1
Location	United States
Report completed	2022-07-03 12:00:38 UTC
Status	Loading report..
urlquery Alerts	No alerts detected

Settings

UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer

Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Blocklists

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Added / Verified	Severity	Host	Comment
2022-07-03	2	eduniversia.org/ad-quia/documents.zip	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

Files

No files detected

Passive DNS (8)

Passive DNS Source	Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
[Mnemonic Passive DNS]	eduniversia.org (2)	0	2019-04-12 07:05:55 UTC	2021-03-09 15:10:11 UTC	192.254.236.15	Unknown ranking
[Mnemonic Passive DNS]	r3.o.lencr.org (4)	344	2020-12-02 08:52:13 UTC	2022-07-03 04:49:06 UTC	23.36.76.226
[Mnemonic Passive DNS]	contile.services.mozilla.com (1)	1114	No data	No data	34.117.237.239
[Mnemonic Passive DNS]	ocsp.digicert.com (1)	86	2012-11-29 12:49:49 UTC	2022-07-03 08:50:17 UTC	93.184.220.29
[Mnemonic Passive DNS]	push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2022-07-03 05:03:35 UTC	44.240.216.68
[Mnemonic Passive DNS]	img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2022-07-03 04:06:00 UTC	34.120.237.76
[Mnemonic Passive DNS]	firefox.settings.services.mozilla.com (2)	867	2016-03-17 08:25:01 UTC	2020-05-25 20:01:47 UTC	54.230.111.35
[Mnemonic Passive DNS]	content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-07-03 05:07:31 UTC	54.230.111.99

Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 192.254.236.15

Date	UQ / IDS / BL	URL	IP
2022-08-14 23:56:21 +0000	0 - 0 - 1	apdup.com/ex-rerum/documents.zip	192.254.236.15
2022-08-14 22:22:47 +0000	0 - 0 - 1	redtrabajos.com/iure-ea/documents.zip	192.254.236.15
2022-08-14 18:36:24 +0000	0 - 0 - 1	redtrabajos.net/quod-praesentium/documents.zip	192.254.236.15
2022-08-14 18:18:57 +0000	0 - 0 - 1	redtrabajos.com/iure-ea/documents.zip	192.254.236.15
2022-08-13 23:56:35 +0000	0 - 0 - 1	redtrabajos.com/iure-ea/documents.zip	192.254.236.15
2022-08-13 22:35:18 +0000	0 - 0 - 1	redtrabajos.net/quod-praesentium/documents.zip	192.254.236.15
2022-08-13 22:27:59 +0000	0 - 0 - 1	eduniversia.org/ad-quia/documents.zip	192.254.236.15
2022-08-13 16:02:02 +0000	0 - 0 - 1	redtrabajos.net/quod-praesentium/documents.zip	192.254.236.15
2022-08-13 13:25:16 +0000	0 - 0 - 1	redtrabajos.com/iure-ea/documents.zip	192.254.236.15
2022-08-12 01:51:16 +0000	0 - 0 - 1	redtrabajos.com/iure-ea/documents.zip	192.254.236.15

Last 10 reports on ASN: UNIFIEDLAYER-AS-1

Date	UQ / IDS / BL	URL	IP
2022-08-15 16:17:03 +0000	0 - 0 - 2	gig-locator.com/royalmail/auth/billing.php	192.185.225.29
2022-08-15 16:15:14 +0000	0 - 0 - 2	www.reacredit.com.br/painel/wa/simple_slide/p (...)	162.241.203.21
2022-08-15 16:13:32 +0000	0 - 0 - 3	https://hostingparacolombia.com/i9dn32.rar	162.241.85.82
2022-08-15 16:13:31 +0000	0 - 0 - 3	hostingparacolombia.com/i9dn32.rar	162.241.85.82
2022-08-15 16:13:10 +0000	0 - 0 - 6	buyzionpark.com/photoshop-express-mem-patch-w (...)	162.241.253.87
2022-08-15 16:12:35 +0000	0 - 0 - 1	https://e-commerce.saleensuporte.com.br/z4voa7.rar	192.185.215.34
2022-08-15 16:10:58 +0000	0 - 0 - 3	https://lceventos.net/qqo0sk.tar	162.241.5.72
2022-08-15 16:10:35 +0000	0 - 0 - 1	crmfarko.manivelasst.com/e632uu.tar	162.144.7.57
2022-08-15 16:06:57 +0000	0 - 0 - 3	www.medglambox.com/home/login.php?auth=9cb48e (...)	162.241.120.58
2022-08-15 15:55:32 +0000	0 - 0 - 4	icscards.nl.online-identificatie.vizagsmiles. (...)	192.185.14.206

Last 10 reports on domain: eduniversia.org

Date	UQ / IDS / BL	URL	IP
2022-08-13 22:27:59 +0000	0 - 0 - 1	eduniversia.org/ad-quia/documents.zip	192.254.236.15
2022-08-10 06:57:51 +0000	0 - 0 - 1	eduniversia.org/ad-quia/documents.zip	192.254.236.15
2022-08-09 22:42:25 +0000	0 - 0 - 1	eduniversia.org/ad-quia/documents.zip	192.254.236.15
2022-08-09 06:07:01 +0000	0 - 0 - 1	eduniversia.org/ad-quia/documents.zip	192.254.236.15
2022-08-08 05:48:19 +0000	0 - 0 - 1	eduniversia.org/ad-quia/documents.zip	192.254.236.15
2022-08-04 16:54:58 +0000	0 - 0 - 1	eduniversia.org/ad-quia/documents.zip	192.254.236.15
2022-08-04 05:31:22 +0000	0 - 0 - 1	eduniversia.org/ad-quia/documents.zip	192.254.236.15
2022-07-31 11:40:06 +0000	0 - 0 - 1	eduniversia.org/ad-quia/documents.zip	192.254.236.15
2022-07-30 22:31:13 +0000	0 - 0 - 1	eduniversia.org/ad-quia/documents.zip	192.254.236.15
2022-07-28 17:17:05 +0000	0 - 0 - 1	eduniversia.org/ad-quia/documents.zip	192.254.236.15

JavaScript

Executed Scripts (0)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (18)

Request	Response
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 91dd975a7b17b2922dd23c0e49314e40$ 54.230.111.35 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Retry-After, Backoff, Content-Type, Content-Length, Alert Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Sun, 03 Jul 2022 11:52:06 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: N4STQ_QU86wsheGR4C0RUiHlAwfK5c5Owo9ndXRVRBS_yqzE1jkEug== Age: 499 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 91dd975a7b17b2922dd23c0e49314e40 Sha1: 57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2 Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /chains/remote-settings.content-signature.mozilla.org-2022-08-10-12-10-21.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 581454acdd98f34fd3fbabd0977ade29$ 54.230.111.99 HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 last-modified: Tue, 21 Jun 2022 12:10:22 GMT content-disposition: attachment accept-ranges: bytes server: AmazonS3 date: Sun, 03 Jul 2022 03:26:42 GMT etag: "581454acdd98f34fd3fbabd0977ade29" x-cache: Hit from cloudfront via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: Rp0W8b0NhgZkhn2hul0_8GreLp6eFqdNTugc9k3F0BSKRuQzPQOAjQ== age: 30824 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 581454acdd98f34fd3fbabd0977ade29 Sha1: d8d86c0b513137aeb85de01cea7b272c35eb6ab4 Sha256: e98f8f33ba5ed59c3cfdf2ae54957ed32652cf0899f3c8db4b5872e3ece1e4eb
GET /ad-quia/documents.zip HTTP/1.1 Host: eduniversia.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	$Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 679 Md5: ff35b5b706a2eeb3f22198a99655c4cd$ 192.254.236.15 HTTP/1.1 500 Internal Server Error Content-Type: text/html; charset=iso-8859-1 Date: Sun, 03 Jul 2022 12:00:25 GMT Server: Apache Content-Length: 679 Connection: close --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 679 Md5: ff35b5b706a2eeb3f22198a99655c4cd Sha1: 5302382f254cbd998537730e9d7ec5dd15b38006 Sha256: c716f9b1d43f912570af9441d2e7d3c60fd9f8ff5369e79e41e53831301849b5 Alerts: Blocklists: - fortinet: Malware
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "8E263E6763753F5659AC0FC2D11DAF8ECE9720988153C38CB40631AF26C86575" Last-Modified: Fri, 01 Jul 2022 16:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5981 Expires: Sun, 03 Jul 2022 13:40:06 GMT Date: Sun, 03 Jul 2022 12:00:25 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a7e37e80f3a67a41ff567648c1f2d285 Sha1: 7ce66e5153f2d4a7b14ccba49fd1a4b70ae274f5 Sha256: 8e263e6763753f5659ac0fc2d11daf8ece9720988153c38cb40631af26c86575
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6$ 34.117.237.239 HTTP/2 200 OK server: nginx date: Sun, 03 Jul 2022 12:00:26 GMT content-type: application/json content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /favicon.ico HTTP/1.1 Host: eduniversia.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://eduniversia.org/ad-quia/documents.zip	$Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 679 Md5: ff35b5b706a2eeb3f22198a99655c4cd$ 192.254.236.15 HTTP/1.1 500 Internal Server Error Content-Type: text/html; charset=iso-8859-1 Date: Sun, 03 Jul 2022 12:00:26 GMT Server: Apache Content-Length: 679 Connection: close --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 679 Md5: ff35b5b706a2eeb3f22198a99655c4cd Sha1: 5302382f254cbd998537730e9d7ec5dd15b38006 Sha256: c716f9b1d43f912570af9441d2e7d3c60fd9f8ff5369e79e41e53831301849b5
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243$ 54.230.111.35 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Retry-After, ETag, Content-Type, Last-Modified, Alert, Backoff, Pragma, Expires, Content-Length, Cache-Control Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Cache-Control: max-age=3600 Date: Sun, 03 Jul 2022 11:05:05 GMT Expires: Sun, 03 Jul 2022 11:58:17 GMT ETag: "1648230346554" X-Cache: Hit from cloudfront Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: 7XCdIQrRMns7yRUiVrHBBvExvIHh_AzpUq6voIBkMA12GdRNZ6cvxw== Age: 3321 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 1142 Cache-Control: 'max-age=158059' Date: Sun, 03 Jul 2022 12:00:27 GMT Last-Modified: Sun, 03 Jul 2022 11:41:25 GMT Server: ECS (ska/F70C) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 7fd2d0b8a7d70d0ecba887cdda2718ba Sha1: ed72cc0ceecee82915fbf166f522bffdf1ec6f4f Sha256: e6e616ccdfd9456f384da253d83ec625df3bb41575f61649638575e1bb09b1a9
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: fhe2Xz5jNxTcJhpiJ6jVOQ== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	44.240.216.68 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: zWB6utnttkh8t4eOBeV0QFMIUL0= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "ED6C6F73611FB56DFA41FD028E23F0BC0470D319E51B212B8078C2C0DF8F4638" Last-Modified: Fri, 01 Jul 2022 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6979 Expires: Sun, 03 Jul 2022 13:56:46 GMT Date: Sun, 03 Jul 2022 12:00:27 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 58ddda9bd3e53e01306c6a03b89b13c9 Sha1: 617798858ee1e2abf3267917c977cd743294db2e Sha256: ed6c6f73611fb56dfa41fd028e23f0bc0470d319e51b212b8078c2c0df8f4638
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "ED6C6F73611FB56DFA41FD028E23F0BC0470D319E51B212B8078C2C0DF8F4638" Last-Modified: Fri, 01 Jul 2022 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6979 Expires: Sun, 03 Jul 2022 13:56:46 GMT Date: Sun, 03 Jul 2022 12:00:27 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 58ddda9bd3e53e01306c6a03b89b13c9 Sha1: 617798858ee1e2abf3267917c977cd743294db2e Sha256: ed6c6f73611fb56dfa41fd028e23f0bc0470d319e51b212b8078c2c0df8f4638
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "ED6C6F73611FB56DFA41FD028E23F0BC0470D319E51B212B8078C2C0DF8F4638" Last-Modified: Fri, 01 Jul 2022 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6979 Expires: Sun, 03 Jul 2022 13:56:46 GMT Date: Sun, 03 Jul 2022 12:00:27 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 58ddda9bd3e53e01306c6a03b89b13c9 Sha1: 617798858ee1e2abf3267917c977cd743294db2e Sha256: ed6c6f73611fb56dfa41fd028e23f0bc0470d319e51b212b8078c2c0df8f4638
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b80a874-3f5e-4581-9500-6d2a0bc1212d.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5280 Md5: 5fee14772c357a46083e22f7760c4e6f$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 5280 x-amzn-requestid: 8d592659-76af-4916-a216-2011e218a753 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Ud6kMGqiIAMFY4Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62bbd7b4-6f693c783be26c4c7609e893;Sampled=0 x-amzn-remapped-date: Wed, 29 Jun 2022 04:40:20 GMT x-amz-cf-pop: SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: LfmbR3EHMsw2HZdY0NRUrgL6X-V2YYFWYPPKLlXI92i1d3kPZhE64w== via: 1.1 332ef4544bd8b531e8f11abaa4197c08.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google date: Sat, 02 Jul 2022 14:07:02 GMT age: 78805 etag: "fc1ae4686168214871b24e79961eefb69e493d7a" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5280 Md5: 5fee14772c357a46083e22f7760c4e6f Sha1: fc1ae4686168214871b24e79961eefb69e493d7a Sha256: 8bbaeafbe2750154b05409671d5bbc6bc6c9810a27b7dd3242ac01b5f0ea11da
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d0e8e26-49d8-415b-bee8-60ae4c105b68.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5102 Md5: 678a7978be0c017fafb2727e6638b787$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 5102 x-amzn-requestid: b5d4f734-cd44-4972-b320-e71796dc2f5a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UaZuOEHkoAMF50Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62ba6ff4-7628f79a5e86f12c6de07c0f;Sampled=0 x-amzn-remapped-date: Tue, 28 Jun 2022 03:05:24 GMT x-amz-cf-pop: SFO5-P2, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: vDomcDPzOBH_P8JSieVz9DQzp6T8GskVoA7OT8qg8nlwW7rzYwIpBg== via: 1.1 40b967aa4aa18637c4b91214147f3cb4.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google date: Sat, 02 Jul 2022 22:13:34 GMT age: 49613 etag: "74c77c954dfbbe59293ed0463c477c32c6e88298" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5102 Md5: 678a7978be0c017fafb2727e6638b787 Sha1: 74c77c954dfbbe59293ed0463c477c32c6e88298 Sha256: 44b05cbe62dd9e0d158d599cf8236ee011d1100ce7e3562616f598c2480667c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3c97a45-9072-4fac-84b3-a7c1dccc7ed9.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7820 Md5: 27d70fd408502fae2c7f4bc35d3399b0$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 7820 x-amzn-requestid: 33d023ab-1554-4f91-8c7a-c46a79f5947d x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UeP9QGFFIAMFn2g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62bbf9ee-5466f7b04561e6ab548ec9a0;Sampled=0 x-amzn-remapped-date: Wed, 29 Jun 2022 07:06:22 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: Lhu_eNW3Gfn5barDmihnAzUGa68RSyLg3tdA-YK0_5lkjO5dMyi57A== via: 1.1 7514e5e25722778fd4b1744d4ecc67e0.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google date: Sat, 02 Jul 2022 14:33:48 GMT age: 77199 etag: "228ea63d5d888e3b60c5da9d87c558bb4d269028" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7820 Md5: 27d70fd408502fae2c7f4bc35d3399b0 Sha1: 228ea63d5d888e3b60c5da9d87c558bb4d269028 Sha256: 13e88146f01a851d089f8b2519f637a106e12d29f6a9d2cb6d3f27cbfd3dc274
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd8609313-2166-40d9-90ec-6341379c3fee.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7338 Md5: 432a79bdc37c3a8426f75c44b7ee239b$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 7338 x-amzn-requestid: 69972365-37bc-40c3-83f3-0a42f11b02e1 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UUXKlHg4IAMFqjQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62b80576-186533221f7a071979ab0e84;Sampled=0 x-amzn-remapped-date: Sun, 26 Jun 2022 07:06:30 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: lh8VUqIIAG2j2q1Ob_yjVpGNluTSQ4_jNfRrY_s6OjMD3m4srngH1g== via: 1.1 bd6f70221217681265382902c6157c76.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google date: Sun, 03 Jul 2022 08:13:04 GMT age: 13643 etag: "c0a0f3da9a66c00197d4135196b6685ff977ba3c" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7338 Md5: 432a79bdc37c3a8426f75c44b7ee239b Sha1: c0a0f3da9a66c00197d4135196b6685ff977ba3c Sha256: 4c7ebcf38e0bf5c4c4bbd97a5f02ea76e21e1812595980100b39158e5af96bdf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F431f287f-9907-47aa-be38-0ff4e6db75fc.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8553 Md5: e6f97e6b64100081e8bed56216564854$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 8553 x-amzn-requestid: af8b913f-5eac-4e16-9afa-42b22b9fd6ef x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UaDuIEpAIAMFv8g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62ba4cc0-29637a607cd815ef0080c235;Sampled=0 x-amzn-remapped-date: Tue, 28 Jun 2022 00:35:12 GMT x-amz-cf-pop: SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: cJeOg5uZyKlrsa7XqpngVUr13fqslxDpFmXr-4pTfqqB46xREdv68Q== via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google date: Sun, 03 Jul 2022 01:39:25 GMT age: 37262 etag: "303f4efaa9b98e39a935fc6514d3731d40d2977c" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8553 Md5: e6f97e6b64100081e8bed56216564854 Sha1: 303f4efaa9b98e39a935fc6514d3731d40d2977c Sha256: 92dd803f1633bd65a2b4ac3223d8aa93dd55ed64c74b338aff62323585a3623c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd82a5d63-f405-4f54-ad9a-a423aeae09c9.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7184 Md5: dbf74d25f8acb3f6b249386ce5e55871$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 7184 x-amzn-requestid: 5bea16e3-4d08-4511-afc7-be12e1bdf693 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Uk06uGnEIAMFlhA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62be9b77-5aedba11418da4ae48e2b501;Sampled=0 x-amzn-remapped-date: Fri, 01 Jul 2022 07:00:07 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: hA0TBCiyjTV0oJ95__nF6-t_K0j37WbuzW1-2z_gZ5qqn62WiajC0g== via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google date: Sat, 02 Jul 2022 18:34:39 GMT age: 62748 etag: "984498975a9424217a161f11ea66660a441ef6d4" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7184 Md5: dbf74d25f8acb3f6b249386ce5e55871 Sha1: 984498975a9424217a161f11ea66660a441ef6d4 Sha256: bf666960a2f1d4d8c96a0b3c21bdee73a345a24916d96197d4566f925ecefedd