Overview

URL cottonbiz.com/non-dolores/documents.zip
IP109.70.148.48
ASNHydra Communications Ltd
Location United Kingdom
Report completed2022-06-28 08:01:12 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2022-06-28 2 cottonbiz.com/non-dolores/documents.zip Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (8)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
[Mnemonic Passive DNS] contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
[Mnemonic Passive DNS] ocsp.digicert.com (1) 86 2012-11-29 12:49:49 UTC 2022-06-28 05:35:57 UTC 93.184.220.29
[Mnemonic Passive DNS] push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-06-28 05:15:05 UTC 34.212.166.60
[Mnemonic Passive DNS] img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-06-28 04:03:59 UTC 34.120.237.76
[Mnemonic Passive DNS] cottonbiz.com (1) 0 2022-02-06 02:49:46 UTC 2022-02-06 02:49:46 UTC 109.70.148.48 Unknown ranking
[Mnemonic Passive DNS] r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-06-28 04:47:27 UTC 23.36.77.32
[Mnemonic Passive DNS] firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2020-05-25 20:01:47 UTC 54.230.111.65
[Mnemonic Passive DNS] content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-06-28 04:55:22 UTC 54.230.111.99


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 109.70.148.48

Date UQ / IDS / BL URL IP
2022-08-03 03:01:40 +0000
0 - 0 - 51 streetbazaaronline.com/2022/07/01/communicati (...) 109.70.148.48
2022-07-22 05:43:10 +0000
0 - 0 - 1 medleyfurn.in/iusto-et/documents.zip 109.70.148.48
2022-07-21 18:05:54 +0000
0 - 0 - 1 medleyfurn.in/iusto-et/documents.zip 109.70.148.48
2022-07-20 04:09:15 +0000
0 - 0 - 1 medleyfurn.in/iusto-et/documents.zip 109.70.148.48
2022-07-19 22:08:46 +0000
0 - 0 - 1 medleyfurn.in/iusto-et/documents.zip 109.70.148.48
2022-07-14 10:13:55 +0000
0 - 0 - 1 medleyfurn.in/iusto-et/documents.zip 109.70.148.48
2022-07-11 02:16:18 +0000
0 - 0 - 1 medleyfurn.in/iusto-et/documents.zip 109.70.148.48
2022-07-09 18:38:41 +0000
0 - 0 - 1 medleyfurn.in/iusto-et/documents.zip 109.70.148.48
2022-07-09 18:31:42 +0000
0 - 0 - 1 medleyfurn.in/iusto-et/documents.zip 109.70.148.48
2022-07-07 17:26:05 +0000
0 - 0 - 1 medleyfurn.in/iusto-et/documents.zip 109.70.148.48

Last 10 reports on ASN: Hydra Communications Ltd

Date UQ / IDS / BL URL IP
2022-08-19 22:05:25 +0000
0 - 0 - 2 https://universalplastoind.com/blanditiis-non (...) 109.70.148.52
2022-08-19 16:37:57 +0000
0 - 0 - 2 https://universalplastoind.com/blanditiis-non (...) 109.70.148.52
2022-08-19 11:22:46 +0000
0 - 0 - 2 https://universalplastoind.com/blanditiis-non (...) 109.70.148.52
2022-08-19 00:45:09 +0000
0 - 0 - 2 https://universalplastoind.com/blanditiis-non (...) 109.70.148.52
2022-08-18 14:13:45 +0000
0 - 0 - 2 https://universalplastoind.com/blanditiis-non (...) 109.70.148.52
2022-08-18 08:57:07 +0000
0 - 0 - 2 https://universalplastoind.com/blanditiis-non (...) 109.70.148.52
2022-08-18 08:06:14 +0000
0 - 0 - 2 universalplastoind.com/blanditiis-non/documen (...) 109.70.148.52
2022-08-18 03:40:14 +0000
0 - 0 - 2 https://universalplastoind.com/blanditiis-non (...) 109.70.148.52
2022-08-17 22:23:08 +0000
0 - 0 - 2 https://universalplastoind.com/blanditiis-non (...) 109.70.148.52
2022-08-17 17:03:39 +0000
0 - 0 - 2 https://universalplastoind.com/blanditiis-non (...) 109.70.148.52

Last 10 reports on domain: cottonbiz.com

Date UQ / IDS / BL URL IP
2022-07-29 16:50:02 +0000
0 - 0 - 1 cottonbiz.com/non-dolores/documents.zip 216.239.36.21
2022-07-28 17:15:38 +0000
0 - 0 - 1 cottonbiz.com/non-dolores/documents.zip 216.239.36.21
2022-07-27 17:56:39 +0000
0 - 0 - 1 cottonbiz.com/non-dolores/documents.zip 216.239.32.21
2022-07-26 05:19:21 +0000
0 - 0 - 1 cottonbiz.com/non-dolores/documents.zip 216.239.38.21
2022-07-25 17:34:20 +0000
0 - 0 - 1 cottonbiz.com/non-dolores/documents.zip 216.239.32.21
2022-07-24 00:20:44 +0000
0 - 0 - 1 cottonbiz.com/non-dolores/documents.zip 216.239.32.21
2022-07-22 05:44:28 +0000
0 - 0 - 1 cottonbiz.com/non-dolores/documents.zip 216.239.32.21
2022-07-21 22:38:39 +0000
0 - 0 - 1 cottonbiz.com/non-dolores/documents.zip 216.239.34.21
2022-07-20 19:00:27 +0000
0 - 0 - 1 cottonbiz.com/non-dolores/documents.zip 216.239.32.21
2022-07-20 04:19:24 +0000
0 - 0 - 1 cottonbiz.com/non-dolores/documents.zip 216.239.34.21


JavaScript

Executed Scripts (1)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (19)


Request Response
                                        
                                            GET /non-dolores/documents.zip HTTP/1.1 
Host: cottonbiz.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         109.70.148.48
HTTP/1.1 301 Moved Permanently
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Tue, 28 Jun 2022 08:00:56 GMT
server: LiteSpeed
location: https://cottonbiz.com/non-dolores/documents.zip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   707
Md5:    1304294c0823ca486542ba408ed761e3
Sha1:   b2a70fb2d810ca13985882e6981f33998823e83e
Sha256: 3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "82BA5EF79A337F17AC89D35A6869A1C607D98C1C1F7F599962AEDD03580A9118"
Last-Modified: Sun, 26 Jun 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7298
Expires: Tue, 28 Jun 2022 10:02:34 GMT
Date: Tue, 28 Jun 2022 08:00:56 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.65
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Content-Type, Alert, Backoff, Content-Length
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 28 Jun 2022 07:14:03 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 4K_h8mrvHgbcYEJgJAy3NdU5Uns2wiWvDKz15qepHanRabLufeOWwg==
Age: 2813


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    c98c56ff7bc7ba547517573963f425e3
Sha1:   58c8dccc28ecd76424af6ed9988575a35cf8a0c2
Sha256: d57d9d5e87e8761ffdf790ff762307f5c823e8e8241781797373c10e076ec44e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.99
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
last-modified: Wed, 11 May 2022 19:51:39 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 28 Jun 2022 02:10:56 GMT
etag: "48ca0beea419a9039591cf1aee5179e0"
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6oD4ratr52ErLjddAiB88Qqb6TqZikJXfUoDNP4tbikLpqEY_zv7Xw==
age: 21002
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    48ca0beea419a9039591cf1aee5179e0
Sha1:   9e92629f505fcc07aab51221e8fe62197a23e307
Sha256: 630a5f110337b4a4876aa85c21107d9e8f2550bcc60f023a4777d895b17399fd
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Tue, 28 Jun 2022 08:00:56 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3721
Cache-Control: 'max-age=158059'
Date: Tue, 28 Jun 2022 08:00:57 GMT
Last-Modified: Tue, 28 Jun 2022 06:58:56 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.65
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 28 Jun 2022 07:31:52 GMT
Cache-Control: max-age=3600
Expires: Tue, 28 Jun 2022 07:59:26 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: OSudLek1QNT_cZvTH6CjWplQErnfewEulOwzJ6ANT0xqiXgm2lCg-g==
Age: 1746


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: mC4w2ieyu4PDLPuwDKn8PA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         34.212.166.60
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: A0wSNRkLf57trvkL2PaBjxZwxDM=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "231B325D990CED62D0B4BE0BA77EB3B65814F57A2E1B66C35A9819EE4D4ABE4B"
Last-Modified: Sun, 26 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5821
Expires: Tue, 28 Jun 2022 09:38:00 GMT
Date: Tue, 28 Jun 2022 08:00:59 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "231B325D990CED62D0B4BE0BA77EB3B65814F57A2E1B66C35A9819EE4D4ABE4B"
Last-Modified: Sun, 26 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5821
Expires: Tue, 28 Jun 2022 09:38:00 GMT
Date: Tue, 28 Jun 2022 08:00:59 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "231B325D990CED62D0B4BE0BA77EB3B65814F57A2E1B66C35A9819EE4D4ABE4B"
Last-Modified: Sun, 26 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5821
Expires: Tue, 28 Jun 2022 09:38:00 GMT
Date: Tue, 28 Jun 2022 08:00:59 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "231B325D990CED62D0B4BE0BA77EB3B65814F57A2E1B66C35A9819EE4D4ABE4B"
Last-Modified: Sun, 26 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5821
Expires: Tue, 28 Jun 2022 09:38:00 GMT
Date: Tue, 28 Jun 2022 08:00:59 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "231B325D990CED62D0B4BE0BA77EB3B65814F57A2E1B66C35A9819EE4D4ABE4B"
Last-Modified: Sun, 26 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5821
Expires: Tue, 28 Jun 2022 09:38:00 GMT
Date: Tue, 28 Jun 2022 08:00:59 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f092bf5-4517-42fc-b48c-06207bc0810e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 4972
x-amzn-requestid: 43006d1b-59c4-4a56-8af9-90921a3905c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: URbZpErFoAMF0WA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b6d90a-458bfd937fe823580d72dae0;Sampled=0
x-amzn-remapped-date: Sat, 25 Jun 2022 09:44:42 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7l67hqJclMyM15HCdVSkfd40jg0YzUKUwfREz-UEbz31yH1YM99foQ==
via: 1.1 a4479a6315f90864adc6175b280f8f44.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Jun 2022 07:00:14 GMT
age: 3645
etag: "c1a2d21a2d9b3309d980d07e5265de58b3d46e9c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4972
Md5:    4615c4ab8fd735f6c2bba05f758cb1ab
Sha1:   c1a2d21a2d9b3309d980d07e5265de58b3d46e9c
Sha256: 0a8d2c04157f99a6b632feadd7aebcf34c27552b039dd2eb1d196617a967d4b2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd2ef32bd-1d06-4efe-9ee3-264abace5e57.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 8457
x-amzn-requestid: 058e01e4-2d52-4223-a58e-66fc3d9aad64
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UZpd3GWooAMFilA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ba22be-2ff856310d9c9bee446ded24;Sampled=0
x-amzn-remapped-date: Mon, 27 Jun 2022 21:35:58 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: X-yDT6CLCTGPj9TQGIwhpp0-4EJI4EWFi9ClP3UPx-XupuiYzaThng==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Jun 2022 22:28:47 GMT
age: 34332
etag: "57e4ee94ab36b07b31fd2f78723b393861eebd70"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8457
Md5:    08c81e77c222e2d2f417408fa05a9b55
Sha1:   57e4ee94ab36b07b31fd2f78723b393861eebd70
Sha256: c2c7653e61b97262a0c6a908251cccfd77ae6ecd4b489a047a2a8b4b6b8aa629
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ff92f71-2ed2-4cd5-9485-1b828a130c82.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 3602
x-amzn-requestid: 813d66e0-b43c-43a7-adfd-6415f036263c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UR4VUFj8IAMF0BA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b70755-75208d3b75502cc533164913;Sampled=0
x-amzn-remapped-date: Sat, 25 Jun 2022 13:02:13 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: yLdPLNgv70Iq4NzCylLCn7okPCwdY_x0E4WlQWXmNRqo5c_U7UMF2Q==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Jun 2022 04:53:05 GMT
age: 11274
etag: "a634e46c4ee333351671eca873896d3326df6c92"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3602
Md5:    4d45c3dbda830f83ed7afb53cca696be
Sha1:   a634e46c4ee333351671eca873896d3326df6c92
Sha256: c63be91fc2b3b1c2b494f31420a35bce5dedd3a2058e5e369b095479d5b0056e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92e72a99-483d-499b-a39b-8bc74ada0bcd.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 4541
x-amzn-requestid: e3803055-1706-42f3-9c4c-f8505f704cf6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UaBLhFBJIAMF0BA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ba48af-499da3df537cc04c0b523d80;Sampled=0
x-amzn-remapped-date: Tue, 28 Jun 2022 00:17:51 GMT
x-amz-cf-pop: SEA73-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: fpYZT5cLxAqGuanC4_VSfWzv99PqndvecLnZ5XQHxAI7XsS5R1SMNw==
via: 1.1 a8e5d5aeee6eacca5c379e5059b1f68c.cloudfront.net (CloudFront), 1.1 eab8a154a09e69260fbfe4df90182b2e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Jun 2022 00:25:35 GMT
etag: "54d8f88f9d0d0120590137d8e56b825c17c80027"
content-type: image/jpeg
age: 27324
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4541
Md5:    a85340b0ab553f512b956d0b2abd622d
Sha1:   54d8f88f9d0d0120590137d8e56b825c17c80027
Sha256: f6b6bc0f4ca29c05584a93e358b5f1048bcc6aa9a0e1af101bc9a19ad93bc81c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8795b5a-8132-4392-99e8-1710743caeb4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 10119
x-amzn-requestid: 60494dba-c489-48eb-83cc-382e0ef0dccd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UZpcyHSOoAMFRqw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ba22b7-407f23b21001b8b31976aed2;Sampled=0
x-amzn-remapped-date: Mon, 27 Jun 2022 21:35:52 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: AfzMd1hslp1aBuYfK8NCgfPOWSNnH6zgZefM54f-jwyaKp5nBZ9eIg==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Jun 2022 21:49:13 GMT
age: 36706
etag: "9489a74eaaec4099038281b8f1936f720dfdc03c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10119
Md5:    4a44bc1a75b2fee478cb8f98c94f18c1
Sha1:   9489a74eaaec4099038281b8f1936f720dfdc03c
Sha256: 1c999a790c72e9c64521b2e8fb23a9830b55fdbf7a191d32edf13ad27338830c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa544857c-94df-4a2f-a455-7086ddb48824.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 13702
x-amzn-requestid: 9d6907b5-0f95-44d1-bcd8-64c2247f1b6d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UZpd2GHLoAMFRWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ba22be-0ab5354847837db1796ed8df;Sampled=0
x-amzn-remapped-date: Mon, 27 Jun 2022 21:35:58 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ciyKVpdH0yUyrE9NnuydS_7HBL9Mb11MG0Fz5fMnOlsJ-WRUQiWnUA==
via: 1.1 ece5d4a731ece5ff46c564ab2b946ede.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Jun 2022 21:47:11 GMT
age: 36828
etag: "6cb50d3899f8193251f9e61b7347c943e3af2dc9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13702
Md5:    9811abfddac37aabca1e40b3cdccf79e
Sha1:   6cb50d3899f8193251f9e61b7347c943e3af2dc9
Sha256: 9da1183068693da26dd9bc19827c48419eb40c81370b52bf336b1d58d6ba97cb