urlquery - report: www.madobe.net/archiver/lib/tar32244.zip

Overview

URL	www.madobe.net/archiver/lib/tar32244.zip
IP	164.46.66.181
ASN	IDC Frontier Inc.
Location	Japan
Report completed	2022-06-16 05:09:22 UTC
Status	Loading report..
urlquery Alerts	No alerts detected

Settings

UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer

Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Blocklists

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Added / Verified	Severity	Host	Comment
2022-06-16	2	www.madobe.net/archiver/lib/tar32244.zip	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

Files

URL	www.madobe.net/archiver/lib/tar32244.zip
IP	164.46.66.181
Magic	Zip archive data, at least v2.0 to extract, compression method=deflate\012- data
Size	565939
MD5	b13815df6631a9c1f41981448194e7a5
SHA1	67e9784e2b15fa5d7a0941dd135668ec99c98cb4
SHA256	060df4c9ca489854470983500cbfee7298e45bd8b5b228952f5c1f69f798725b

Analyzer	Analysed	Verdict	Comment
VirusTotal	2022-05-31 06:17:32	1/62

Passive DNS (8)

Passive DNS Source	Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
[Mnemonic Passive DNS]	www.madobe.net (1)	0	2012-12-14 10:08:14 UTC	2022-02-14 03:05:48 UTC	164.46.66.181	Unknown ranking
[Mnemonic Passive DNS]	push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2022-06-15 05:15:24 UTC	54.149.1.96
[Mnemonic Passive DNS]	img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2022-06-15 09:47:19 UTC	34.120.237.76
[Mnemonic Passive DNS]	r3.o.lencr.org (5)	344	2020-12-02 08:52:13 UTC	2022-06-15 05:00:29 UTC	23.36.77.32
[Mnemonic Passive DNS]	firefox.settings.services.mozilla.com (2)	867	2016-03-17 08:25:01 UTC	2020-05-25 20:01:47 UTC	54.230.111.118
[Mnemonic Passive DNS]	content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-06-15 04:59:37 UTC	54.230.111.99
[Mnemonic Passive DNS]	contile.services.mozilla.com (1)	1114	No data	No data	34.117.237.239
[Mnemonic Passive DNS]	ocsp.digicert.com (1)	86	2012-11-29 12:49:49 UTC	2022-06-15 15:39:37 UTC	93.184.220.29

Recent reports on same IP/ASN/Domain

No other reports on IP: 164.46.66.181

Last 10 reports on ASN: IDC Frontier Inc.

Date	UQ / IDS / BL	URL	IP
2022-07-06 01:40:22 +0000	0 - 0 - 2	kagetsuan.jp/main/0ex-login/4ec47edb4924e903e (...)	164.46.34.155
2022-07-05 14:48:31 +0000	3 - 0 - 25	advant.jp/fonts/modules/index.htm	103.8.49.210
2022-07-02 22:12:07 +0000	0 - 0 - 14	joint-panel.com/wordpress/wp-content/themes/m (...)	202.218.48.85
2022-07-02 15:37:58 +0000	0 - 0 - 0	www.delta-system.info/userdl/delpos71mnt.exe	202.228.204.130
2022-07-02 08:54:05 +0000	0 - 0 - 0	www.jcot.gr.jp/download/2019-1moushikomi.doc	202.218.232.130
2022-07-02 03:33:26 +0000	0 - 0 - 15	joint-panel.com/wordpress/wp-content/themes/m (...)	202.218.48.85
2022-07-02 02:59:36 +0000	0 - 0 - 2	kagetsuan.jp/main/0ex-login/4ec47edb4924e903e (...)	164.46.34.155
2022-07-01 17:06:03 +0000	0 - 0 - 6	ary.ken-shin.net/jc6f3r	202.228.215.57
2022-07-01 02:48:25 +0000	0 - 0 - 0	item.0c7.co.jp/xsens_dot/download/XsensDotSdk (...)	210.152.148.71
2022-07-01 02:30:04 +0000	0 - 0 - 0	download.vroid.com/dist/vrUEuJk6nO/VRoidStudi (...)	210.140.214.77

No other reports on domain: madobe.net

JavaScript

Executed Scripts (0)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (18)

Request	Response
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "A72C5AD08B5111E1443CF8CC7A6A5F39EF196F8AE55C43D4902661F93D87F0C0" Last-Modified: Tue, 14 Jun 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7779 Expires: Thu, 16 Jun 2022 07:18:44 GMT Date: Thu, 16 Jun 2022 05:09:05 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: dfae85015dc6a71cdbf0aa51719a89c1 Sha1: ccd9124376b8009e67b96fbdbb4d9367a88c1680 Sha256: a72c5ad08b5111e1443cf8cc7a6a5f39ef196f8ae55c43d4902661f93d87f0c0
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: c98c56ff7bc7ba547517573963f425e3$ 54.230.111.118 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Length, Backoff, Alert, Retry-After, Content-Type Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Thu, 16 Jun 2022 04:16:45 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: pVj1urE4NXXo--QScCB58Z2WWNEXJ7BxF_dpJxH24pVuWLfYd-mvvg== Age: 3140 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: c98c56ff7bc7ba547517573963f425e3 Sha1: 58c8dccc28ecd76424af6ed9988575a35cf8a0c2 Sha256: d57d9d5e87e8761ffdf790ff762307f5c823e8e8241781797373c10e076ec44e
GET /chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 48ca0beea419a9039591cf1aee5179e0$ 54.230.111.99 HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 last-modified: Wed, 11 May 2022 19:51:39 GMT content-disposition: attachment accept-ranges: bytes server: AmazonS3 date: Thu, 16 Jun 2022 02:10:58 GMT etag: "48ca0beea419a9039591cf1aee5179e0" x-cache: Hit from cloudfront via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: 8S_XyeY2LVl8NogTXXe1NEgXLDgWJDiWVh5_v6rJ1JiDZfheRprqEw== age: 10697 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 48ca0beea419a9039591cf1aee5179e0 Sha1: 9e92629f505fcc07aab51221e8fe62197a23e307 Sha256: 630a5f110337b4a4876aa85c21107d9e8f2550bcc60f023a4777d895b17399fd
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6$ 34.117.237.239 HTTP/2 200 OK server: nginx date: Thu, 16 Jun 2022 05:09:05 GMT content-type: application/json content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243$ 54.230.111.118 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Pragma, Expires, Content-Length, Retry-After, Last-Modified, ETag, Backoff, Cache-Control, Alert, Content-Type Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Cache-Control: max-age=3600 Date: Thu, 16 Jun 2022 04:49:19 GMT Expires: Thu, 16 Jun 2022 05:12:02 GMT ETag: "1648230346554" X-Cache: Hit from cloudfront Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: A8Eb2SZjqm_4vqP-wvrfn6xIowrO_vTFcxerCmCxczCXnL6yylnI6A== Age: 1187 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 2803 Cache-Control: 'max-age=158059' Date: Thu, 16 Jun 2022 05:09:07 GMT Last-Modified: Thu, 16 Jun 2022 04:22:24 GMT Server: ECS (ska/F710) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: eb115351924d446688de16a1169938e4 Sha1: c8170f56004017a19a9d01d2c2afc852d421f2c2 Sha256: b322f59819270b493da958b55371b70052083af156779c7cfbeacf07b620bbfd
GET /archiver/lib/tar32244.zip HTTP/1.1 Host: www.madobe.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	$Magic: Zip archive data, at least v2.0 to extract, compression method=deflate\012- data Size: 565939 Md5: b13815df6631a9c1f41981448194e7a5$ 164.46.66.181 HTTP/1.1 200 OK Content-Type: application/zip Date: Thu, 16 Jun 2022 05:09:05 GMT Server: Apache X-Frame-Options: SAMEORIGIN Last-Modified: Sat, 14 May 2022 14:52:21 GMT ETag: "8a2b3-5def9f037f510" Accept-Ranges: bytes Content-Length: 565939 Connection: close --- Additional Info --- Magic: Zip archive data, at least v2.0 to extract, compression method=deflate\012- data Size: 565939 Md5: b13815df6631a9c1f41981448194e7a5 Sha1: 67e9784e2b15fa5d7a0941dd135668ec99c98cb4 Sha256: 060df4c9ca489854470983500cbfee7298e45bd8b5b228952f5c1f69f798725b Alerts: Blocklists: - fortinet: Malware File Analyzers: - virustotal: 1/62
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: pIujcDnDM6XMe+/1/QZxrw== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	54.149.1.96 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: iB9oAcanqj4g98RDJgdUG2kbH8I= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "F95A4059C8A915B6D9B7BA0C5BDA51F09B49C2201186279058C0925C41933780" Last-Modified: Tue, 14 Jun 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21454 Expires: Thu, 16 Jun 2022 11:06:42 GMT Date: Thu, 16 Jun 2022 05:09:08 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 2c73963555e3638508a5efa84edfd130 Sha1: f56ea9740a59563e59a346f22df0f1036459d411 Sha256: f95a4059c8a915b6d9b7ba0c5bda51f09b49c2201186279058c0925c41933780
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "F95A4059C8A915B6D9B7BA0C5BDA51F09B49C2201186279058C0925C41933780" Last-Modified: Tue, 14 Jun 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21454 Expires: Thu, 16 Jun 2022 11:06:42 GMT Date: Thu, 16 Jun 2022 05:09:08 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 2c73963555e3638508a5efa84edfd130 Sha1: f56ea9740a59563e59a346f22df0f1036459d411 Sha256: f95a4059c8a915b6d9b7ba0c5bda51f09b49c2201186279058c0925c41933780
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "F95A4059C8A915B6D9B7BA0C5BDA51F09B49C2201186279058C0925C41933780" Last-Modified: Tue, 14 Jun 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21454 Expires: Thu, 16 Jun 2022 11:06:42 GMT Date: Thu, 16 Jun 2022 05:09:08 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 2c73963555e3638508a5efa84edfd130 Sha1: f56ea9740a59563e59a346f22df0f1036459d411 Sha256: f95a4059c8a915b6d9b7ba0c5bda51f09b49c2201186279058c0925c41933780
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "F95A4059C8A915B6D9B7BA0C5BDA51F09B49C2201186279058C0925C41933780" Last-Modified: Tue, 14 Jun 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21454 Expires: Thu, 16 Jun 2022 11:06:42 GMT Date: Thu, 16 Jun 2022 05:09:08 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 2c73963555e3638508a5efa84edfd130 Sha1: f56ea9740a59563e59a346f22df0f1036459d411 Sha256: f95a4059c8a915b6d9b7ba0c5bda51f09b49c2201186279058c0925c41933780
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b1a78a-dfe3-4da6-8cc4-670373641c4b.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5805 Md5: e09ac4b955c74af734b7d4ddebe46612$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 5805 x-amzn-requestid: 90327810-34ff-467f-997f-c31978af33fb x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Tr3M2FXBoAMFV1w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62a7d252-23051fc8667ccf5900e76534;Sampled=0 x-amzn-remapped-date: Tue, 14 Jun 2022 00:12:02 GMT x-amz-cf-pop: SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: N5hZ3DM1NVxPFyqFEWSu8Ci6glNJhL8mg7GvkY_Ci7Q4mInzSMmA6g== via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google date: Thu, 16 Jun 2022 02:53:30 GMT age: 8138 etag: "3c11fd7397db3e37c58413fa1fdbae424eaf08ab" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5805 Md5: e09ac4b955c74af734b7d4ddebe46612 Sha1: 3c11fd7397db3e37c58413fa1fdbae424eaf08ab Sha256: 1e24690d21d9c3b0cdb2979d1e6a7098e5c49aefa4a32dbe653a0d528309c3bb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62864691-c0d6-402a-8be8-0899c8a034ed.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8851 Md5: 2e0bbeca7ccb504a264ad3d567042e1a$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 8851 x-amzn-requestid: 1dbc6503-0eef-4fb6-a0b5-fe3b5875e55e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: TycbcFNzIAMFjIg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62aa7449-7342ce490f54c30143e2ff73;Sampled=0 x-amzn-remapped-date: Thu, 16 Jun 2022 00:07:37 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: n433RMDpMk505G8qhtCEKAdiWKSK4ImaH7EbaC2BO9ZjTUBcUBw45w== via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google date: Thu, 16 Jun 2022 00:23:03 GMT age: 17165 etag: "d50b1efc1d853c20861e66994a7fdf4c9c2d1ba6" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8851 Md5: 2e0bbeca7ccb504a264ad3d567042e1a Sha1: d50b1efc1d853c20861e66994a7fdf4c9c2d1ba6 Sha256: d06124229635d09c4d5a908fd6fc415f2ebc8e82e8c884ea2d38cfe6618ba01f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafe592a0-9d91-4e87-a7d7-cc4ec8ebdcc8.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10758 Md5: 9b00ac6690d383ab663753c3b4395d17$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 10758 x-amzn-requestid: fabb26cb-a1da-44cc-9738-528227733b7d x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: THlqaGrnIAMF2Xw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62994fdc-443ac4944a86fa143e21b5c7;Sampled=0 x-amzn-remapped-date: Fri, 03 Jun 2022 00:03:40 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: AEwzKtLpq7sHfPBfIma05HxTc7G2s698EDDvRWYWJUwskL3d4vDK8Q== via: 1.1 73b60e9a9fd08eae9e034cedba707280.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google date: Thu, 16 Jun 2022 02:09:47 GMT age: 10761 etag: "95cf6369129a795d27a24b853788295fd82c2a2e" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10758 Md5: 9b00ac6690d383ab663753c3b4395d17 Sha1: 95cf6369129a795d27a24b853788295fd82c2a2e Sha256: d2e8ae7e6a1b6d38ccf7abefc3faa029f8bad6d7ce61551f1bbcb4f392432464
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcbf64e71-e74d-48c4-a7db-12c161a3f3db.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 2775 Md5: 5ca0752a82d517929c23ae2a3dae253e$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 2775 x-amzn-requestid: efb57475-d40f-496b-ab09-1edd7b88340b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Tyb0-FMbIAMF2pA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62aa7352-14acd6d55d0f6ba04dfe2edb;Sampled=0 x-amzn-remapped-date: Thu, 16 Jun 2022 00:03:30 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: szJF8PJvjCc_dmwImL061geL0yPQfBpWcneQ3ztxKZO26I8hPX38sg== via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 a2c13de7f3df76280ef01a6604863734.cloudfront.net (CloudFront), 1.1 google date: Thu, 16 Jun 2022 00:28:01 GMT age: 16867 etag: "3cabd4692ebae6390b876c346ddd5e903d7246b3" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 2775 Md5: 5ca0752a82d517929c23ae2a3dae253e Sha1: 3cabd4692ebae6390b876c346ddd5e903d7246b3 Sha256: 986a408b1c021c55d6cf1401c4384370ad9aa89777afb8c79b048f4f96e36820
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0c79a68-1bf9-4878-8d1d-6d34878cd586.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11389 Md5: 8bef53307ca724ee43f10047c0a088c4$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 11389 x-amzn-requestid: e70bd64b-5cfd-4374-9569-5c9b8f95eeed x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: TvKcAHneIAMFcgg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62a9244c-20fe804b4a8b878815a3ef44;Sampled=0 x-amzn-remapped-date: Wed, 15 Jun 2022 00:14:04 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: b0ozjmMZomqlLdfUKKDn7G0KZRiDwZvQ6GndoE9BPwT4NX6MyD2anQ== via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google date: Wed, 15 Jun 2022 15:10:53 GMT age: 50295 etag: "b8069748237ace054a0742991616331ef11aeda6" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11389 Md5: 8bef53307ca724ee43f10047c0a088c4 Sha1: b8069748237ace054a0742991616331ef11aeda6 Sha256: 351215507acb856749e15453ea5ec7d0c3ffadb7bd434caf6d4ccf9eade1b7c0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe57f8abe-53df-43e0-a9db-294e4a5bb700.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8341 Md5: 6ca964462a4754f910669666b04e7a32$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 8341 x-amzn-requestid: 052c4886-4ae0-4fa7-b2e0-e2f2de98943b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: TycbeHFwoAMFSjA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62aa7449-4b45df8c7671617a1a1b50b7;Sampled=0 x-amzn-remapped-date: Thu, 16 Jun 2022 00:07:37 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: XYiq1RrJMH4VeM_6xg1IXH-OmthfYwG_Ysxej7q-kvLlQDIPNDvJZA== via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google date: Thu, 16 Jun 2022 00:34:30 GMT age: 16478 etag: "fcc9536e5aad26d558da58220bb7fdaf462c1344" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8341 Md5: 6ca964462a4754f910669666b04e7a32 Sha1: fcc9536e5aad26d558da58220bb7fdaf462c1344 Sha256: e4d42c9c0c585a31a4ee7a61454ee4517b0e9eb3486b43b97fdf01d98bee1699