urlquery - report: hz-karavany.cz/ckfinder/userfiles/files/91053560712.pdf

Overview

URL	hz-karavany.cz/ckfinder/userfiles/files/91053560712.pdf
IP	82.208.9.182
ASN	CASABLANCA INT a.s.
Location	Czechia
Report completed	2022-06-27 00:02:02 UTC
Status	Loading report..
urlquery Alerts	No alerts detected

Settings

UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer

Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Blocklists

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Added / Verified	Severity	Host	Comment
2022-06-27	2	hz-karavany.cz/ckfinder/userfiles/files/91053560712.pdf	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

Files

URL	hz-karavany.cz/ckfinder/userfiles/files/91053560712.pdf
IP	82.208.9.182
Magic	PDF document, version 1.4, 3 pages\012- data
Size	326609
MD5	df1f8cd2b60080b14e8e6811efd03961
SHA1	303f9d85d89974c17e0caf1abec96b8ecf789c3e
SHA256	8fee2706e51268b29ce20e1f3ffaf1ffd6759b11530ef7d3ef066a2c2668afcc

Analyzer	Analysed	Verdict	Comment
VirusTotal		0/0

Passive DNS (8)

Passive DNS Source	Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
[Mnemonic Passive DNS]	img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2022-06-26 04:50:15 UTC	34.120.237.76
[Mnemonic Passive DNS]	firefox.settings.services.mozilla.com (2)	867	2016-03-17 08:25:01 UTC	2020-05-25 20:01:47 UTC	54.230.111.35
[Mnemonic Passive DNS]	r3.o.lencr.org (3)	344	2020-12-02 08:52:13 UTC	2022-06-26 05:39:14 UTC	23.36.77.32
[Mnemonic Passive DNS]	content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-06-26 05:33:42 UTC	54.230.111.99
[Mnemonic Passive DNS]	hz-karavany.cz (2)	0	2017-02-09 08:54:59 UTC	2017-09-16 13:40:05 UTC	82.208.9.182	Unknown ranking
[Mnemonic Passive DNS]	contile.services.mozilla.com (1)	1114	No data	No data	34.117.237.239
[Mnemonic Passive DNS]	ocsp.digicert.com (1)	86	2012-11-29 12:49:49 UTC	2022-06-26 15:18:03 UTC	93.184.220.29
[Mnemonic Passive DNS]	push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2022-06-26 05:01:41 UTC	52.40.161.235

Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 82.208.9.182

Date	UQ / IDS / BL	URL	IP
2022-08-03 05:31:42 +0000	0 - 0 - 1	www.tractortools.cz/ckfinder/userfiles/files/ (...)	82.208.9.182
2022-08-03 05:31:37 +0000	0 - 0 - 1	www.tractortools.cz/ckfinder/userfiles/files/ (...)	82.208.9.182
2022-07-26 14:57:07 +0000	0 - 0 - 1	kerama.altrodesign.eu/ckfinder/userfiles/file (...)	82.208.9.182
2022-06-29 06:28:23 +0000	0 - 0 - 1	hz-karavany.cz/ckfinder/userfiles/files/belew (...)	82.208.9.182
2022-06-28 12:50:23 +0000	0 - 0 - 1	www.tractortools.cz/ckfinder/userfiles/files/ (...)	82.208.9.182
2022-06-25 19:38:06 +0000	0 - 0 - 1	hz-karavany.cz/ckfinder/userfiles/files/komus (...)	82.208.9.182
2022-06-23 05:09:10 +0000	0 - 0 - 1	htk2.altrodesign.eu/ckfinder/userfiles/files/ (...)	82.208.9.182
2022-06-23 01:42:58 +0000	0 - 0 - 1	solis.altrodesign.eu/ckfinder/userfiles/files (...)	82.208.9.182
2022-06-20 12:51:19 +0000	0 - 0 - 1	votava2.altrodesign.eu/ckfinder/userfiles/fil (...)	82.208.9.182
2022-06-18 20:02:16 +0000	0 - 0 - 1	solis.altrodesign.eu/ckfinder/userfiles/files (...)	82.208.9.182

Last 10 reports on ASN: CASABLANCA INT a.s.

Date	UQ / IDS / BL	URL	IP
2022-08-09 07:04:04 +0000	0 - 0 - 11	naramkylenny.cz/	77.78.76.152
2022-08-05 22:56:30 +0000	0 - 0 - 30	latinotravel.cz/images/content/Made-in-China. (...)	81.0.212.3
2022-08-05 12:27:40 +0000	0 - 0 - 1	brightworks.cz/	217.11.249.138
2022-08-04 08:00:04 +0000	0 - 0 - 1	www.greenfieldspolo.com/	77.78.104.3
2022-08-03 06:34:29 +0000	0 - 0 - 1	slenderclub.cz/ckfinder/userfiles/files/94705 (...)	81.0.232.156
2022-08-03 05:31:42 +0000	0 - 0 - 1	www.tractortools.cz/ckfinder/userfiles/files/ (...)	82.208.9.182
2022-08-03 05:31:37 +0000	0 - 0 - 1	www.tractortools.cz/ckfinder/userfiles/files/ (...)	82.208.9.182
2022-08-02 20:08:12 +0000	0 - 0 - 1	stehovani-ostrava.cz/static_pages_files/file/ (...)	82.208.18.187
2022-08-02 16:45:11 +0000	0 - 0 - 3	tonerihned.cz/userfiles/file/74075096617.pdf	81.0.206.107
2022-08-02 12:48:00 +0000	0 - 0 - 2	afksport.cz/upload/files/karabamajixixefiw.pdf	82.208.18.195

Last 2 reports on domain: hz-karavany.cz

Date	UQ / IDS / BL	URL	IP
2022-06-29 06:28:23 +0000	0 - 0 - 1	hz-karavany.cz/ckfinder/userfiles/files/belew (...)	82.208.9.182
2022-06-25 19:38:06 +0000	0 - 0 - 1	hz-karavany.cz/ckfinder/userfiles/files/komus (...)	82.208.9.182

JavaScript

Executed Scripts (2)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (17)

Request	Response
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: c98c56ff7bc7ba547517573963f425e3$ 54.230.111.35 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Retry-After, Content-Type, Alert, Backoff, Content-Length Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Sun, 26 Jun 2022 23:37:17 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: UB-Yo81uJn8AFTM9vzYN_bWcSIZ5-tzk3k5A2gFZnj5zdumrDZmAdA== Age: 1470 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: c98c56ff7bc7ba547517573963f425e3 Sha1: 58c8dccc28ecd76424af6ed9988575a35cf8a0c2 Sha256: d57d9d5e87e8761ffdf790ff762307f5c823e8e8241781797373c10e076ec44e
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "82BA5EF79A337F17AC89D35A6869A1C607D98C1C1F7F599962AEDD03580A9118" Last-Modified: Sun, 26 Jun 2022 16:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15320 Expires: Mon, 27 Jun 2022 04:17:07 GMT Date: Mon, 27 Jun 2022 00:01:47 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 63f6d471446d699d2f157ca81c302d62 Sha1: 5a1c5828e2b23650a44f34d9398bffc3c5c58adf Sha256: 82ba5ef79a337f17ac89d35a6869a1c607d98c1c1f7f599962aedd03580a9118
GET /chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 48ca0beea419a9039591cf1aee5179e0$ 54.230.111.99 HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 last-modified: Wed, 11 May 2022 19:51:39 GMT content-disposition: attachment accept-ranges: bytes server: AmazonS3 date: Sun, 26 Jun 2022 02:10:54 GMT etag: "48ca0beea419a9039591cf1aee5179e0" x-cache: Hit from cloudfront via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: Bj6y-9hAyWwHGOpxs_2yMxfo-H9ib86v86kIwDbUv79w7fmafSePHQ== age: 78654 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 48ca0beea419a9039591cf1aee5179e0 Sha1: 9e92629f505fcc07aab51221e8fe62197a23e307 Sha256: 630a5f110337b4a4876aa85c21107d9e8f2550bcc60f023a4777d895b17399fd
GET /ckfinder/userfiles/files/91053560712.pdf HTTP/1.1 Host: hz-karavany.cz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	$Magic: PDF document, version 1.4, 3 pages\012- data Size: 326609 Md5: df1f8cd2b60080b14e8e6811efd03961$ 82.208.9.182 HTTP/1.1 200 OK Content-Type: application/pdf Date: Mon, 27 Jun 2022 00:01:47 GMT Server: Apache/2.2.22 (Debian) Last-Modified: Fri, 15 Apr 2022 23:49:03 GMT ETag: "4fbd1-5dcba0e2bb8f9" Accept-Ranges: bytes Content-Length: 326609 Cache-Control: max-age=2592000 Expires: Wed, 27 Jul 2022 00:01:47 GMT Keep-Alive: timeout=15, max=10000 Connection: Keep-Alive --- Additional Info --- Magic: PDF document, version 1.4, 3 pages\012- data Size: 326609 Md5: df1f8cd2b60080b14e8e6811efd03961 Sha1: 303f9d85d89974c17e0caf1abec96b8ecf789c3e Sha256: 8fee2706e51268b29ce20e1f3ffaf1ffd6759b11530ef7d3ef066a2c2668afcc Alerts: Blocklists: - fortinet: Malware File Analyzers: - virustotal: 0/0
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6$ 34.117.237.239 HTTP/2 200 OK server: nginx date: Mon, 27 Jun 2022 00:01:47 GMT content-type: application/json content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /favicon.ico HTTP/1.1 Host: hz-karavany.cz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://hz-karavany.cz/	$Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 301 Md5: b39a6febab111620829bd41347dee5bf$ 82.208.9.182 HTTP/1.1 404 Not Found Content-Type: text/html; charset=iso-8859-1 Date: Mon, 27 Jun 2022 00:01:47 GMT Server: Apache/2.2.22 (Debian) Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 301 Keep-Alive: timeout=15, max=9999 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 301 Md5: b39a6febab111620829bd41347dee5bf Sha1: b66403ae9c13be75c44af56d2fe4b5d07c581fe5 Sha256: b9423078c9cbe25993fb14e36442bed0d86d15695678fae9fbbfa3bd7704e650
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243$ 54.230.111.35 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Cache-Control: max-age=3600 Date: Sun, 26 Jun 2022 23:31:51 GMT Expires: Sun, 26 Jun 2022 23:59:16 GMT ETag: "1648230346554" X-Cache: Hit from cloudfront Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: 0HAzhqqipvHfq8rPTmXj8SwSa1g1AIYOtko5EsKUFeAUTbRGKDjJxQ== Age: 1797 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 805 Cache-Control: max-age=116350 Date: Mon, 27 Jun 2022 00:01:48 GMT Etag: "62b813c5-1d7" Expires: Tue, 28 Jun 2022 08:20:58 GMT Last-Modified: Sun, 26 Jun 2022 08:07:33 GMT Server: ECS (ska/F713) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: cc67ad023b004d0d33577216eafeed46 Sha1: 426bcf09aec93f1039439363b8864ef52b7c8bcb Sha256: 24a6f3a35d843d7e47b7cc248e9e006c8b73a95999b74cb002707902b88e4215
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: e/sZw8USvF+ChTVcH8DwfA== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	52.40.161.235 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: MS5DRk2HRqadDgqlOBID0XNgKSk= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "231B325D990CED62D0B4BE0BA77EB3B65814F57A2E1B66C35A9819EE4D4ABE4B" Last-Modified: Sun, 26 Jun 2022 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4230 Expires: Mon, 27 Jun 2022 01:12:20 GMT Date: Mon, 27 Jun 2022 00:01:50 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 512e4e4457d5aab1e91cb1353ad28a6a Sha1: 7376966437b9aa256848b6950d39924a81eca481 Sha256: 231b325d990ced62d0b4be0ba77eb3b65814f57a2e1b66c35a9819ee4d4abe4b
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "231B325D990CED62D0B4BE0BA77EB3B65814F57A2E1B66C35A9819EE4D4ABE4B" Last-Modified: Sun, 26 Jun 2022 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4230 Expires: Mon, 27 Jun 2022 01:12:20 GMT Date: Mon, 27 Jun 2022 00:01:50 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 512e4e4457d5aab1e91cb1353ad28a6a Sha1: 7376966437b9aa256848b6950d39924a81eca481 Sha256: 231b325d990ced62d0b4be0ba77eb3b65814f57a2e1b66c35a9819ee4d4abe4b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75f55290-3140-47ba-90bd-2d2ab0c7bdd7.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8685 Md5: beea595edbecb9952595e92e6c02e162$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 8685 x-amzn-requestid: c004ce99-5e51-45f7-8da1-769099c5739d x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UWYFfGMVIAMFe2w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62b8d3bc-05c9623e5a49a24f4f792930;Sampled=0 x-amzn-remapped-date: Sun, 26 Jun 2022 21:46:36 GMT x-amz-cf-pop: SEA73-P2, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: hmoae5kLKQQlHDR7CTlYWrXawin1suhEcKEvq3y-zLqlFb2sTExn1A== via: 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google date: Sun, 26 Jun 2022 21:56:27 GMT age: 7523 etag: "89a49a96d659add155912de50d56ade537ad9538" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8685 Md5: beea595edbecb9952595e92e6c02e162 Sha1: 89a49a96d659add155912de50d56ade537ad9538 Sha256: ae3561c3cebd30e6f5b80a454c329937620f6cf3d3becfa9410b4d8a39252b64
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed27d0f1-b2b2-408e-b8ce-e6b4ab77a162.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4885 Md5: d4cdba676cda379c2cc5b64dcdbeaa56$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 4885 x-amzn-requestid: 49973bbc-69a1-4f6b-ba0b-8f656e0a8c4f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UMz5jFbGoAMFVuw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62b5003c-6ede6926284870b75d4ada63;Sampled=0 x-amzn-remapped-date: Fri, 24 Jun 2022 00:07:25 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: 1Jw62nne--LC-Tc1P2WOEtOUex74OwSAzdq6J8WIDrs7gPp_bkZ5cw== via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google date: Sun, 26 Jun 2022 13:07:37 GMT age: 39253 etag: "63b22032e1f52226e3a2eaf2ff3e029cf4a82f7a" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4885 Md5: d4cdba676cda379c2cc5b64dcdbeaa56 Sha1: 63b22032e1f52226e3a2eaf2ff3e029cf4a82f7a Sha256: eae8806a0af7ab538f496b4bd248a4f43a60efdd386c875550303a5ca4e3fb97
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3e1d84a-1728-47d8-bc04-7da5b27045d9.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9721 Md5: 01fd8b5742b0e38247b34253cb075e35$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 9721 x-amzn-requestid: fab55318-719e-4e9c-8f66-fba724da75cd x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: TychIE3yoAMFdKA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62aa746d-78b50b690376a97d6772c393;Sampled=0 x-amzn-remapped-date: Thu, 16 Jun 2022 00:08:13 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: BF7GPxuCcu36Qt9EWeiRNTD_gN9LiuUDaV9lv1pG0mwPCMISQTtsuQ== via: 1.1 73b60e9a9fd08eae9e034cedba707280.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google date: Sun, 26 Jun 2022 00:16:19 GMT age: 85531 etag: "824c12da88732481458fc6c1a455c7382a649e3c" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9721 Md5: 01fd8b5742b0e38247b34253cb075e35 Sha1: 824c12da88732481458fc6c1a455c7382a649e3c Sha256: 00bd45c3a5866f9bb316788864b2ff8f083c5f1d00c2a3a5abdc65aaa1fea08b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98245170-3eb5-4aa1-bb0a-9938f17f1df8.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9549 Md5: 90dea840d2f9904dde13ce6a2e8abaa2$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 9549 x-amzn-requestid: 5614889a-731a-46a8-a83f-c195e1bf7eec x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UWWzgHNPoAMF5Pg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62b8d1af-6624820f4db555b43e1e2db1;Sampled=0 x-amzn-remapped-date: Sun, 26 Jun 2022 21:37:51 GMT x-amz-cf-pop: SEA73-P2, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: Qz-xuMD9hLl-EJESEiTdR5m2xiuBnrvI4v9JK3WXuGG8-Uasc6HkUQ== via: 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 a2c13de7f3df76280ef01a6604863734.cloudfront.net (CloudFront), 1.1 google date: Sun, 26 Jun 2022 21:43:58 GMT age: 8272 etag: "a6355e9d19fc22ecb73de36d275b899bc4e95646" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9549 Md5: 90dea840d2f9904dde13ce6a2e8abaa2 Sha1: a6355e9d19fc22ecb73de36d275b899bc4e95646 Sha256: 71107ced674396ab7915f39984e2586832458422ab054137dca2582b0023fb4d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f21ad98-de06-44b3-ab4a-aa02f208bf17.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 3258 Md5: 0d7835fc6b4ec60af87fa41789449bdb$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 3258 x-amzn-requestid: f1874aee-a1ab-4788-9a0a-a3d838f17ea5 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UM0d2FXmIAMFfhA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62b50125-0fa02eb028d1277f0be7f0b4;Sampled=0 x-amzn-remapped-date: Fri, 24 Jun 2022 00:11:17 GMT x-amz-cf-pop: SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: ukdjsA3L5_fbzVxGLV3QX1y85wZv9iEGr2gO-X0kJU_3dRMrCqbWtw== via: 1.1 7d01bcfcfe27ce0b8979cf621dd081de.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google date: Sun, 26 Jun 2022 01:50:38 GMT age: 79872 etag: "03c864f97d69f84b50e6335daa7783117a4a1049" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 3258 Md5: 0d7835fc6b4ec60af87fa41789449bdb Sha1: 03c864f97d69f84b50e6335daa7783117a4a1049 Sha256: eb9334087ab84a8305f9b3eca41d7ddd9d9534ff93e4a88aa6c11db62524ab7d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad0e66ab-2eff-4b07-97d4-8aef2204d2e6.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8532 Md5: 30b326f3c723aedd3fb906437551f1fd$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 8532 x-amzn-requestid: 9b0563f7-5fd3-43da-a797-27eb920fa991 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UTaUMH3dIAMFbQQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62b7a41a-619921a50891057a26b9152b;Sampled=0 x-amzn-remapped-date: Sun, 26 Jun 2022 00:11:06 GMT x-amz-cf-pop: SEA73-P2, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: P066KYSwOHg3eWY0XKs9REdTZOQkgXjN9y8pEsbEfpbgVEH0T0X7bA== via: 1.1 0800f067ff646622f3e8e507cb9b52e8.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google date: Sun, 26 Jun 2022 00:37:54 GMT etag: "9a01c55bc335f4a0bccb30f1f6bce05e6166f0ea" content-type: image/jpeg age: 84236 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8532 Md5: 30b326f3c723aedd3fb906437551f1fd Sha1: 9a01c55bc335f4a0bccb30f1f6bce05e6166f0ea Sha256: a498f7da0e1349370b0ad28d0d2690977201f201f55715f52c7086e874470f5b