Overview

URL siparisler.github.io/586v/04.07.2022_PAZARTESI_SIPARISLER.XLSX
IP185.199.110.153
ASNFASTLY
Location United States
Report completed2022-09-23 10:37:39 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-23 2 siparisler.github.io/586v/04.07.2022_PAZARTESI_SIPARISLER.XLSX Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

URL siparisler.github.io/586v/04.07.2022_PAZARTESI_SIPARISLER.XLSX
IP  185.199.110.153
Magic Microsoft Excel 2007+\012- Zip archive data, at least v2.0\012- to extract, compression method=deflate\012- data
Size 166844
MD5 ea273838cc231f189370e3881dc318cb
SHA1 e350d073966c4d6306760671b68b38c7cb6d0584
SHA256 cb9cc7841fdd46b14f48ac6f26836e7b38912b2c7a00d378837a8b92f55bdaba
Analyzer Analysed Verdict Comment
VirusTotal 2022-07-18 14:20:16 25/61


Passive DNS (8)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-23 04:49:01 UTC 143.204.55.49
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-23 04:33:41 UTC 34.117.237.239
mnemonic passive DNS siparisler.github.io (1) 0 2022-06-30 09:56:04 UTC 2022-09-23 00:35:40 UTC 185.199.110.153 Unknown ranking
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-23 08:34:06 UTC 93.184.220.29
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-23 05:02:25 UTC 52.38.146.2
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-23 04:02:43 UTC 34.120.237.76
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-23 05:06:00 UTC 143.204.55.36
mnemonic passive DNS r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-09-23 04:34:39 UTC 23.36.77.32


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 185.199.110.153

Date UQ / IDS / BL URL IP
2022-10-01 01:25:48 +0000
0 - 0 - 1 morcelik.github.io/ao5o/24.06.2022.CUMA.IHTIY (...) 185.199.110.153
2022-09-30 22:56:04 +0000
0 - 0 - 5 wkazisan.github.io/facebook-login-page/ 185.199.110.153
2022-09-30 07:10:59 +0000
0 - 0 - 1 izlidemi.github.io/umdk/22.09.2022_siparis_li (...) 185.199.110.153
2022-09-29 19:49:20 +0000
0 - 0 - 1 siparisler.github.io/586v/04.07.2022_PAZARTES (...) 185.199.110.153
2022-09-29 09:51:01 +0000
0 - 0 - 3 yairix.github.io/Login-Instagram/ 185.199.110.153

Last 5 reports on ASN: FASTLY

Date UQ / IDS / BL URL IP
2022-10-01 09:13:49 +0000
0 - 0 - 3 facebook-help-3003428746303.web.app/ 199.36.158.100
2022-10-01 09:13:26 +0000
0 - 0 - 3 fb-community-standards-344255.firebaseapp.com/ 199.36.158.100
2022-10-01 09:03:09 +0000
0 - 0 - 2 meta-copyright-appeal-1631687.web.app/ 199.36.158.100
2022-10-01 08:56:31 +0000
0 - 0 - 7 ssw2.myportfolio.com/ 151.101.84.119
2022-10-01 08:50:43 +0000
0 - 0 - 2 meta-copyright-appeal-1261867.web.app/ 199.36.158.100

Last 5 reports on domain: siparisler.github.io

Date UQ / IDS / BL URL IP
2022-10-01 01:08:42 +0000
0 - 0 - 1 siparisler.github.io/586v/04.07.2022_PAZARTES (...) 185.199.109.153
2022-09-30 10:48:52 +0000
0 - 0 - 1 siparisler.github.io/586v/04.07.2022_PAZARTES (...) 185.199.111.153
2022-09-29 19:49:20 +0000
0 - 0 - 1 siparisler.github.io/586v/04.07.2022_PAZARTES (...) 185.199.110.153
2022-09-29 04:34:10 +0000
0 - 0 - 1 siparisler.github.io/586v/04.07.2022_PAZARTES (...) 185.199.109.153
2022-09-28 16:08:01 +0000
0 - 0 - 1 siparisler.github.io/586v/04.07.2022_PAZARTES (...) 185.199.110.153

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-10-01 09:13:28 +0000
0 - 0 - 1 novistasteel.com/la/uenxcitnoper 192.185.3.213
2022-10-01 09:12:22 +0000
0 - 0 - 1 nowaygamers.pt/lr/uusuamqaditb 213.32.57.100
2022-10-01 09:12:09 +0000
0 - 0 - 1 nowaygamers.pt/lr/seuiqsd 213.32.57.100
2022-10-01 09:11:56 +0000
0 - 0 - 1 nowaygamers.pt/lr/ccaacnutmiuleuestsd 213.32.57.100
2022-10-01 09:11:43 +0000
0 - 0 - 1 nowaygamers.pt/lr/tanusqieesap 213.32.57.100


JavaScript

Executed Scripts (0)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (18)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 23 Sep 2022 10:14:07 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RFrFfByVUlLvFllFCZlPOEuvJAizMgwz_IXeRr6MW9uYh6h_dAhk1w==
Age: 1401


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16601
Expires: Fri, 23 Sep 2022 15:14:10 GMT
Date: Fri, 23 Sep 2022 10:37:29 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.49
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 23 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hmIPJA7-WUGzq6MNNMs1yHnXCiAojyow8sjv1ksNgzT9PevXLt0QIw==
age: 21735
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 23 Sep 2022 10:37:29 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /586v/04.07.2022_PAZARTESI_SIPARISLER.XLSX HTTP/1.1 
Host: siparisler.github.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         185.199.110.153
HTTP/2 200 OK
                                        
server: GitHub.com
content-type: application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
permissions-policy: interest-cohort=()
last-modified: Mon, 04 Jul 2022 07:22:51 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62c2954b-28bbc"
expires: Fri, 23 Sep 2022 10:47:29 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 080F:2255:CDC26F:115C0BE:632D8C68
accept-ranges: bytes
date: Fri, 23 Sep 2022 10:37:29 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1644-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1663929449.949559,VS0,VE403
vary: Accept-Encoding
x-fastly-request-id: c426d6960f0ca06d65d3642c52a99c015bab5595
content-length: 166844
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Microsoft Excel 2007+\012- Zip archive data, at least v2.0\012- to extract, compression method=deflate\012- data
Size:   166844
Md5:    ea273838cc231f189370e3881dc318cb
Sha1:   e350d073966c4d6306760671b68b38c7cb6d0584
Sha256: cb9cc7841fdd46b14f48ac6f26836e7b38912b2c7a00d378837a8b92f55bdaba

Alerts:
  Blocklists:
    - fortinet: Malware
  File Analyzers:
    - virustotal: 25/61
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Fri, 23 Sep 2022 10:03:22 GMT
Expires: Fri, 23 Sep 2022 10:23:11 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gE4Es8aoaaOy3FFhSV5hlGXbrAk8SOh2VyMHBIny9-_0DS6GgX52cA==
Age: 2047


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4780
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 10:37:29 GMT
Last-Modified: Fri, 23 Sep 2022 09:17:49 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: LtYFc5G4L0GR8ztB9A8hCg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.38.146.2
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 7unc6zKv0uCJ1rzfXXWHh2P+zrU=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13682
Expires: Fri, 23 Sep 2022 14:25:33 GMT
Date: Fri, 23 Sep 2022 10:37:31 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13682
Expires: Fri, 23 Sep 2022 14:25:33 GMT
Date: Fri, 23 Sep 2022 10:37:31 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13682
Expires: Fri, 23 Sep 2022 14:25:33 GMT
Date: Fri, 23 Sep 2022 10:37:31 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13682
Expires: Fri, 23 Sep 2022 14:25:33 GMT
Date: Fri, 23 Sep 2022 10:37:31 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56c6b5fd-d351-45b8-9f62-d5052869881a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 10822
x-amzn-requestid: 308978c4-679f-4bb6-bfd7-a81dc00ec3db
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YoKcMG-kIAMFZKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63265781-03f94c0a385ed28408de81c8;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 23:25:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9fh_DJXLHRaerYmgTGoVX3LRsMIgzf46bn48yzXp8Xdp8WippJExcg==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 11:05:21 GMT
age: 84730
etag: "dd94d525ad264856a0fdcb7a4b1faa2d68c3f68b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10822
Md5:    948abf9bedd1bd67010284080ba06d01
Sha1:   dd94d525ad264856a0fdcb7a4b1faa2d68c3f68b
Sha256: 236639cc2279c6f269dd521796a087a40b43b252cb55faf3e4214cbdc8369a62
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 10279
x-amzn-requestid: 2ff2c324-51c5-484d-b049-3eacbdc1024a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yyj8THHdoAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a804e-0f4da4ba2a84679b3fd297fc;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 03:09:02 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: z0uCxl-5L4gijwJsCjssxmgnJr4yhzvtiZdcX4wOXzgiuh8-Yj92vg==
via: 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 04:32:56 GMT
age: 21875
etag: "60a83a1618ffae06e49ca3002bac1db9980dcfe8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10279
Md5:    8ea5f06ad31f0cedd2cb5c6df82f35f4
Sha1:   60a83a1618ffae06e49ca3002bac1db9980dcfe8
Sha256: 5f6a4cb92c016ef0f229b11d727e9680a15b10782b5bfe9e66ad9d100b458d8d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F256647b7-64d8-4f7e-9d77-276811e8e1b1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 9484
x-amzn-requestid: ac493b06-28bc-4a84-ad7a-060617233da8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4ZDRHHiIAMFnow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd547-7944659e3cb7134b58da757f;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:36:07 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OzTpgbr1HluiZtdiVUrQjTV1KMWuynatd1A8L8excXJDJsnM45A3Hg==
via: 1.1 1949caaabae48a894fcd770a3e1384f6.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:53:16 GMT
age: 45855
etag: "47c7e2fd6f0ea1bd6c9f494137b7ce53a91cf781"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9484
Md5:    ae63806537bc1795029ac9e522b4abb1
Sha1:   47c7e2fd6f0ea1bd6c9f494137b7ce53a91cf781
Sha256: 369fe0af9bba20526bb10c7240a7571e72726fa653bbb70d8e56fabb13cf9358
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 10127
x-amzn-requestid: 456e3c6a-e173-433e-8d54-d787cb50b7e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0sHmCoAMFVSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-7a07b336571396533e48b4cb;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gWZNsIn_FEbYwMeR1JArmPEgyuHEGgWsfb-wB6P_NrmoHhNgvGWoPw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:07:28 GMT
age: 45003
etag: "48c10714503e8dfdd3e3c3d39b919ef2792f0d15"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10127
Md5:    b877ead4a15221fdd278ef27f281a7ec
Sha1:   48c10714503e8dfdd3e3c3d39b919ef2792f0d15
Sha256: f4a1d5abcfa4092828e004b6c0605a7a24e4133d275312f613dceff875971daf
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 5340
x-amzn-requestid: b13bc974-e15d-43a4-a918-fbc35b09a36f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y19HljIAMFY8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4f2-2cb226ba4bd7c7e74d9ab2db;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8DCVWC4Ihr4R21i3ySyiWdUK0aGymTE22B842ZKolG-ZThiKSMX-uQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:26 GMT
age: 44765
etag: "0264e73c4cfff0bb255757c7e1c760a5ad3ece80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5340
Md5:    3b318ea5c36d2b22b925f7dfe382df5f
Sha1:   0264e73c4cfff0bb255757c7e1c760a5ad3ece80
Sha256: 0c2f58ea4f5f32bb327f292e1b8fb5a4a60230bffc3abc440a624df27ec0d6bc
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 8029
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0tHjGoAMFcFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7DX67a-HmEh76IorINvRU61AKtSiimdPnHFnYeR2OJezZJ1_mJq0MA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:48:22 GMT
age: 46149
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8029
Md5:    02a682b4703bb9d6381c762726c05531
Sha1:   1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54
Sha256: fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c