urlquery - report: amc-lda.com/assets/kcfinder/upload/files/

Overview

URL	amc-lda.com/assets/kcfinder/upload/files/
IP	94.46.169.85
ASN	Almouroltec Servicos De Informatica E Internet Lda
Location	Portugal
Report completed	2022-07-06 04:01:06 UTC
Status	Loading report..
urlquery Alerts	No alerts detected

Settings

UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer

Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Blocklists

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Added / Verified	Severity	Host	Comment
2022-07-06	2	amc-lda.com/assets/kcfinder/upload/files/	Phishing
2022-07-06	2	www.amc-lda.com/assets/kcfinder/upload/files/	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

Files

No files detected

Passive DNS (10)

Passive DNS Source	Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
[Mnemonic Passive DNS]	r3.o.lencr.org (4)	344	2020-12-02 08:52:13 UTC	2022-07-05 04:59:43 UTC	23.36.77.32
[Mnemonic Passive DNS]	amc-lda.com (1)	0	2016-01-04 10:42:46 UTC	2022-06-26 06:35:21 UTC	94.46.169.85	Unknown ranking
[Mnemonic Passive DNS]	contile.services.mozilla.com (1)	1114	No data	No data	34.117.237.239
[Mnemonic Passive DNS]	ocsp.digicert.com (1)	86	2012-11-29 12:49:49 UTC	2022-07-05 22:46:12 UTC	93.184.220.29
[Mnemonic Passive DNS]	www.amc-lda.com (1)	0	2016-01-04 10:42:46 UTC	2022-06-26 06:35:21 UTC	94.46.169.85	Unknown ranking
[Mnemonic Passive DNS]	firefox.settings.services.mozilla.com (2)	867	2016-03-17 08:25:01 UTC	2020-05-25 20:01:47 UTC	54.230.111.35
[Mnemonic Passive DNS]	content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-07-05 05:12:14 UTC	54.230.111.14
[Mnemonic Passive DNS]	ocsp2.globalsign.com (1)	1544	2012-05-21 07:12:19 UTC	2022-07-05 05:03:18 UTC	104.18.21.226
[Mnemonic Passive DNS]	push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2022-07-05 05:12:14 UTC	52.39.242.231
[Mnemonic Passive DNS]	img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2022-07-05 12:56:13 UTC	34.120.237.76

Recent reports on same IP/ASN/Domain

Last 3 reports on IP: 94.46.169.85

Date	UQ / IDS / BL	URL	IP
2022-08-16 14:24:53 +0000	0 - 0 - 2	amc-lda.com/assets/kcfinder/upload/files/	94.46.169.85
2022-07-11 17:06:10 +0000	0 - 0 - 1	cm-seia.pt/bfnjg	94.46.169.85
2022-06-10 10:47:01 +0000	0 - 0 - 1	https://www.amc-lda.com/assets/kcfinder/uploa (...)	94.46.169.85

Last 10 reports on ASN: Almouroltec Servicos De Informatica E Internet Lda

Date	UQ / IDS / BL	URL	IP
2022-08-18 21:09:18 +0000	0 - 0 - 1	https://noblea.com/wp-admin/home/ja2odu=/jzjn2e=	94.46.173.34
2022-08-18 21:03:59 +0000	0 - 0 - 1	https://noblea.com/wp-admin/home/ja2odu=/jc1zje=	94.46.173.34
2022-08-18 20:29:01 +0000	0 - 0 - 1	https://noblea.com/wp-admin/home/jg5zmm=/jjhmjk=	94.46.173.34
2022-08-18 20:28:40 +0000	0 - 0 - 1	https://noblea.com/wp-admin/home/jg5zmm=/jfizde=	94.46.173.34
2022-08-18 20:28:20 +0000	0 - 0 - 1	https://noblea.com/wp-admin/home/jg5zmm=	94.46.173.34
2022-08-18 20:27:54 +0000	0 - 0 - 1	https://noblea.com/wp-admin/home/miymwm=/dkxmju=	94.46.173.34
2022-08-18 20:26:59 +0000	0 - 0 - 1	https://noblea.com/wp-admin/home/miymwm=	94.46.173.34
2022-08-18 20:26:42 +0000	0 - 0 - 1	https://noblea.com/wp-admin/home/miymwm=/ge3ntk=	94.46.173.34
2022-08-18 20:26:21 +0000	0 - 0 - 1	https://noblea.com/wp-admin/home/miymwm=/daznwq=	94.46.173.34
2022-08-18 20:25:59 +0000	0 - 0 - 1	https://noblea.com/wp-admin/home/tu1nwm=/tk4mji=	94.46.173.34

Last 2 reports on domain: amc-lda.com

Date	UQ / IDS / BL	URL	IP
2022-08-16 14:24:53 +0000	0 - 0 - 2	amc-lda.com/assets/kcfinder/upload/files/	94.46.169.85
2022-06-10 10:47:01 +0000	0 - 0 - 1	https://www.amc-lda.com/assets/kcfinder/uploa (...)	94.46.169.85

JavaScript

Executed Scripts (0)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (19)

Request	Response
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 91dd975a7b17b2922dd23c0e49314e40$ 54.230.111.35 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Wed, 06 Jul 2022 03:56:00 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: BBD7Tj5TGOqJ7FGlE8ci5Yt_dwlgrJub9KXfkV4bEXzZ6OFMCxXxRg== Age: 292 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 91dd975a7b17b2922dd23c0e49314e40 Sha1: 57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2 Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "5CA12512DFBE8A007255191678A4ECD570026D865AE741C0D3025D8FE1A58659" Last-Modified: Mon, 04 Jul 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4100 Expires: Wed, 06 Jul 2022 05:09:12 GMT Date: Wed, 06 Jul 2022 04:00:52 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 65822db7ce56247876fbdcc5c29607f6 Sha1: 91262a33683099ad0dc3631d0a7a9051d8539b20 Sha256: 5ca12512dfbe8a007255191678a4ecd570026d865ae741c0d3025d8fe1a58659
GET /chains/remote-settings.content-signature.mozilla.org-2022-08-10-12-10-21.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 581454acdd98f34fd3fbabd0977ade29$ 54.230.111.14 HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 last-modified: Tue, 21 Jun 2022 12:10:22 GMT content-disposition: attachment accept-ranges: bytes server: AmazonS3 date: Wed, 06 Jul 2022 03:26:46 GMT etag: "581454acdd98f34fd3fbabd0977ade29" x-cache: Hit from cloudfront via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: iIG-O4t-NIO_-InAFuj-n-sqzxYAs1IQwhHo0S8aGiqBabn0qEskNw== age: 2047 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 581454acdd98f34fd3fbabd0977ade29 Sha1: d8d86c0b513137aeb85de01cea7b272c35eb6ab4 Sha256: e98f8f33ba5ed59c3cfdf2ae54957ed32652cf0899f3c8db4b5872e3ece1e4eb
GET /assets/kcfinder/upload/files/ HTTP/1.1 Host: amc-lda.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	$Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 237 Md5: f0d371bf3d4c45c9e4cec1fb1cd915ef$ 94.46.169.85 HTTP/1.1 302 Found Content-Type: text/html; charset=iso-8859-1 Server: nginx Date: Wed, 06 Jul 2022 04:00:52 GMT Content-Length: 237 Connection: keep-alive X-Frame-Options: SAMEORIGIN Strict-Transport-Security: max-age=15552000; includeSubDomains; Feature-Policy: microphone 'none'; camera 'none'; sync-xhr 'self' https://www.amc-lda.com/pt Location: https://www.amc-lda.com/assets/kcfinder/upload/files/ --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 237 Md5: f0d371bf3d4c45c9e4cec1fb1cd915ef Sha1: cb6fb8edc87b735f936abb639c00dd0eaad08e4d Sha256: 4967b6d348b983b73c3bbe720a1f13c21114c0557913088b084bc4fcc2433dbf Alerts: Blocklists: - fortinet: Phishing
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6$ 34.117.237.239 HTTP/2 200 OK server: nginx date: Wed, 06 Jul 2022 04:00:52 GMT content-type: application/json content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243$ 54.230.111.35 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Retry-After, ETag, Content-Type, Last-Modified, Alert, Backoff, Pragma, Expires, Content-Length, Cache-Control Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Date: Wed, 06 Jul 2022 03:34:59 GMT Cache-Control: max-age=3600 Expires: Wed, 06 Jul 2022 03:39:05 GMT ETag: "1648230346554" X-Cache: Hit from cloudfront Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: RchdtvGw96LqmasY5w1PDMn8eK2Dacbrd-rMT8wLc-bY5LOlGAibvg== Age: 1557 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 477 Cache-Control: 'max-age=158059' Date: Wed, 06 Jul 2022 04:00:53 GMT Last-Modified: Wed, 06 Jul 2022 03:52:56 GMT Server: ECS (ska/F71D) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 15971ec9d16508a7ed7e29f0eabff6c1 Sha1: f193a969cc099ce6a7469fa3b0765d3e14901fda Sha256: 5d530c0312fbb1aa93bf3fdbd7ca66f8e2057b6965982ae1aa79398c02400604
POST /gsalphasha2g2 HTTP/1.1 Host: ocsp2.globalsign.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	104.18.21.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 06 Jul 2022 04:00:53 GMT Content-Length: 1423 Connection: keep-alive Expires: Sun, 10 Jul 2022 04:00:53 GMT ETag: "17c523eff35d32d4129a7701dd5440314c52e63c" Last-Modified: Wed, 06 Jul 2022 04:00:53 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: MISS Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 72656f9d49d7b4f4-OSL --- Additional Info --- Magic: data Size: 1423 Md5: 7c7b3f78471826c440abcf4a7678a8dc Sha1: 17c523eff35d32d4129a7701dd5440314c52e63c Sha256: bbc14321b732cc7338c1ae8dcb1b8cca048cc8f6ba2a924cd2c7b573d8f901a0
GET /assets/kcfinder/upload/files/ HTTP/1.1 Host: www.amc-lda.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	$Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 131 Md5: c92aa5f16d78423a983a5d7ae44428e4$ 94.46.169.85 HTTP/2 200 OK server: nginx date: Wed, 06 Jul 2022 04:00:53 GMT content-length: 131 x-frame-options: SAMEORIGIN strict-transport-security: max-age=15552000; includeSubDomains; feature-policy: microphone 'none'; camera 'none'; sync-xhr 'self' https://www.amc-lda.com/pt last-modified: Thu, 18 Jun 2015 14:41:08 GMT accept-ranges: bytes referrer-policy: no-referrer-when-downgrade x-xss-protection: 1;mode=block x-content-type-options: nosniff content-security-policy: form-action https:; upgrade-insecure-requests x-permitted-cross-domain-policies: self x-scale: YXBvY2FzQGdpdGh1Yg== X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 131 Md5: c92aa5f16d78423a983a5d7ae44428e4 Sha1: ddabaf1127fe57f9c65e2cc83cd3443f4efe5caf Sha256: 0ee6dff170c38f66cc1e9ef00cfb927bba75b30379af3281c026647c068a4709 Alerts: Blocklists: - fortinet: Phishing
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: iuIdcBPRPGFcb9b28pA6Gw== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	52.39.242.231 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: OxLJrGXzU5SfQ5Og0dpX0VTVCII= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "611E864D4A64EB7175BDED94052A41462E3215D329EF82CBEEA70D511B811E8D" Last-Modified: Mon, 04 Jul 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8725 Expires: Wed, 06 Jul 2022 06:26:20 GMT Date: Wed, 06 Jul 2022 04:00:55 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 88b14e7d8e8c06a7fbc94b02217857ad Sha1: 034816601b832f18309ab4c047269b31a96cc971 Sha256: 611e864d4a64eb7175bded94052a41462e3215d329ef82cbeea70d511b811e8d
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "611E864D4A64EB7175BDED94052A41462E3215D329EF82CBEEA70D511B811E8D" Last-Modified: Mon, 04 Jul 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8725 Expires: Wed, 06 Jul 2022 06:26:20 GMT Date: Wed, 06 Jul 2022 04:00:55 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 88b14e7d8e8c06a7fbc94b02217857ad Sha1: 034816601b832f18309ab4c047269b31a96cc971 Sha256: 611e864d4a64eb7175bded94052a41462e3215d329ef82cbeea70d511b811e8d
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "611E864D4A64EB7175BDED94052A41462E3215D329EF82CBEEA70D511B811E8D" Last-Modified: Mon, 04 Jul 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8725 Expires: Wed, 06 Jul 2022 06:26:20 GMT Date: Wed, 06 Jul 2022 04:00:55 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 88b14e7d8e8c06a7fbc94b02217857ad Sha1: 034816601b832f18309ab4c047269b31a96cc971 Sha256: 611e864d4a64eb7175bded94052a41462e3215d329ef82cbeea70d511b811e8d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabd9505b-43dd-4a15-95da-d320727bc76c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7381 Md5: a419e897adcc5361b4b5000e3f5cef87$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 7381 x-amzn-requestid: 7d7f3d3b-e16a-48bd-8df6-62e2eed518db x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UyBSIE-KIAMFegQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62c3e273-4aac4b85691586656b440662;Sampled=0 x-amzn-remapped-date: Tue, 05 Jul 2022 07:04:19 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: D2XIbeEoynUyeLDaTTx-rojkLM42l1GbQGkXcc03kLeOZayVRKqlDw== via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google date: Tue, 05 Jul 2022 07:20:11 GMT age: 74444 etag: "0e711cdffbe58041b6567ff9475af3820529038f" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7381 Md5: a419e897adcc5361b4b5000e3f5cef87 Sha1: 0e711cdffbe58041b6567ff9475af3820529038f Sha256: 8e0c6cecaaf6701faa8b1c2d0a925102074e5ef35b697a3f8e44c0ee75415d40
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F431f287f-9907-47aa-be38-0ff4e6db75fc.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8553 Md5: e6f97e6b64100081e8bed56216564854$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 8553 x-amzn-requestid: 2c1e16d1-357b-493e-bcf7-b4de1a34757f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Utd8tEKYIAMFbmA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62c21051-7382cb3050c6f13d70dd3706;Sampled=0 x-amzn-remapped-date: Sun, 03 Jul 2022 21:55:29 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: wcT3TQNc1zixQ773IGnG_ghBAa2ELekTK0IyHJ3q_7RrgUTZ83spGQ== via: 1.1 bd6f70221217681265382902c6157c76.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google date: Wed, 06 Jul 2022 03:11:53 GMT age: 2942 etag: "303f4efaa9b98e39a935fc6514d3731d40d2977c" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8553 Md5: e6f97e6b64100081e8bed56216564854 Sha1: 303f4efaa9b98e39a935fc6514d3731d40d2977c Sha256: 92dd803f1633bd65a2b4ac3223d8aa93dd55ed64c74b338aff62323585a3623c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdda2b6db-0d48-4da0-93ed-4ef3d7db3e04.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9113 Md5: 9f639ab2c051e48a6c5c1a81e6a23d37$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 9113 x-amzn-requestid: 56e600ec-f9e4-487a-aed6-ab2dc2478cf3 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UuLRDECDoAMFjEQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62c258d3-7a40e817575d687020ebc046;Sampled=0 x-amzn-remapped-date: Mon, 04 Jul 2022 03:04:51 GMT x-amz-cf-pop: SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: YO0WrEuTa9Bi_l-73n8Pk8-4t0ln5Vxn4I756lg98KSUp0uGsvwbgw== via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google date: Wed, 06 Jul 2022 02:56:38 GMT age: 3857 etag: "f2fbba9da1c37cab4636587e45ad3b8a79ea1f90" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9113 Md5: 9f639ab2c051e48a6c5c1a81e6a23d37 Sha1: f2fbba9da1c37cab4636587e45ad3b8a79ea1f90 Sha256: 9e27f8c49e0c8ce0dcb16e0e9c6ba3789ea0645dcf84295266e6b267ae991a90
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ef4a155-99c7-4810-bb0a-a2795ff0fb56.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6350 Md5: 815fad277a212592f6f19843191eae5c$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 6350 x-amzn-requestid: 069800ee-c9fe-4b73-8708-ca4c9f89584e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: U0BUyFkgIAMFccg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62c4af51-6495224e662d8fbe63dece74;Sampled=0 x-amzn-remapped-date: Tue, 05 Jul 2022 21:38:25 GMT x-amz-cf-pop: SEA73-P2, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: SnCaojuy3Ax-0pLF7I9bzLBti2OxdIaWekOiTslJx2dWac-s_THiig== via: 1.1 020978022b22df6352245f09cfbc410c.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google date: Tue, 05 Jul 2022 21:50:33 GMT age: 22222 etag: "5c290d39a1ba968f7134d0ae6522bfd74485c42a" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6350 Md5: 815fad277a212592f6f19843191eae5c Sha1: 5c290d39a1ba968f7134d0ae6522bfd74485c42a Sha256: 9dc39b527d0f49b3df028e63a15ad20c45d9f26a4ad07e557c239c31dfe33ce4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a4cf600-0dd5-4efd-86ef-01ccc7e879bc.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 12673 Md5: 50d071598961b3fd8a9ff72715a69aab$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 12673 x-amzn-requestid: ac95cef3-1997-4c98-9d63-f020b6ea76e3 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UrcAcGErIAMFX8Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62c14069-7b39138701d6d3174502509f;Sampled=0 x-amzn-remapped-date: Sun, 03 Jul 2022 07:08:25 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: TEu03dTczKrwGA1_GgB_LsiP6izgKN9aBvvaAJYgY7c1ZPenRs9PnA== via: 1.1 7f06047c304d80ea094816a27c933914.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google date: Tue, 05 Jul 2022 07:11:38 GMT age: 74957 etag: "f821522cf9fc822ad1417f5a7dab9a362056e550" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 12673 Md5: 50d071598961b3fd8a9ff72715a69aab Sha1: f821522cf9fc822ad1417f5a7dab9a362056e550 Sha256: 408b237987b3f528c50bae5d38ad44fd2a4af466e22d24298a668577394ea30d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff50bf4f9-4824-479c-86a6-8d2e0b8fd7c3.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9548 Md5: ed9055f5cbf86e5c46511c132082d36c$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 9548 x-amzn-requestid: fff20dfd-0be7-4d8c-95be-f4362de2060b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UuwDoExCIAMF5qQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62c293b0-721d93284d8910c619277319;Sampled=0 x-amzn-remapped-date: Mon, 04 Jul 2022 07:16:00 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: Yq34dnXpKH6VEEzEtmMzvixj4n-3wo_egGruZb04RhxYcq9Dsg9lvA== via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google date: Tue, 05 Jul 2022 07:40:41 GMT age: 73214 etag: "0285792b38ab8e99544a267dde95be2cf3b35490" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9548 Md5: ed9055f5cbf86e5c46511c132082d36c Sha1: 0285792b38ab8e99544a267dde95be2cf3b35490 Sha256: 0e0d96c5e8aadeab85293ca34f9b9ca4aba8ec14ee1f4905276697069282f32a