Overview

URL https://patagoniatips.com/fedex/main/verifyinfos
IP96.62.102.14
ASNVPLS-DA1
Location United States
Report completed2022-08-06 11:11:53 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish
Added / Verified Severity Host Comment
2022-08-05 2 patagoniatips.com/fedex/main/verifyinfos FedEx Corporation
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2022-08-06 2 patagoniatips.com/fedex/main/verifyinfos Phishing
2022-08-06 2 patagoniatips.com/fedex/main/assets/js/script.js Phishing
2022-08-06 2 patagoniatips.com/fedex/main/assets/js/jquery.mask.js Phishing
2022-08-06 2 patagoniatips.com/fedex/main/assets/js/jquery-3.5.1.min.js Phishing
2022-08-06 2 patagoniatips.com/fedex/main/assets/js/bootstrap.min.js Phishing
2022-08-06 2 patagoniatips.com/fedex/main/assets/imgs/fav.ico Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (11)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
[Mnemonic Passive DNS] push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-08-06 05:12:46 UTC 52.41.252.32
[Mnemonic Passive DNS] ocsp.sectigo.com (1) 487 2018-12-17 11:31:55 UTC 2022-08-06 05:24:04 UTC 172.64.155.188
[Mnemonic Passive DNS] mincex.fun (1) 0 2022-04-26 05:54:42 UTC 2022-04-26 05:54:43 UTC 68.65.122.196 Unknown ranking
[Mnemonic Passive DNS] img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-08-06 04:58:36 UTC 34.120.237.76
[Mnemonic Passive DNS] firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2020-05-25 20:01:47 UTC 54.230.111.35
[Mnemonic Passive DNS] content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-08-06 05:12:46 UTC 54.230.111.14
[Mnemonic Passive DNS] contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
[Mnemonic Passive DNS] patagoniatips.com (15) 0 2019-06-11 13:01:20 UTC 2022-05-27 12:42:35 UTC 96.62.102.14 Unknown ranking
[Mnemonic Passive DNS] r3.o.lencr.org (4) 344 2020-12-02 08:52:13 UTC 2022-08-06 04:58:11 UTC 23.36.77.32
[Mnemonic Passive DNS] ocsp.digicert.com (1) 86 2012-11-29 12:49:49 UTC 2022-08-06 09:57:42 UTC 93.184.220.29
[Mnemonic Passive DNS] pro.fontawesome.com (1) 5887 2019-11-21 15:26:21 UTC 2022-08-06 06:01:02 UTC 104.18.23.52


Recent reports on same IP/ASN/Domain

Last 2 reports on IP: 96.62.102.14

Date UQ / IDS / BL URL IP
2022-08-05 22:22:37 +0000
0 - 0 - 3 thefurniturewarehousems.com/ 96.62.102.14
2022-08-05 11:55:38 +0000
0 - 0 - 3 thefurniturewarehousems.com/ 96.62.102.14

Last 4 reports on ASN: VPLS-DA1

Date UQ / IDS / BL URL IP
2022-08-05 22:22:37 +0000
0 - 0 - 3 thefurniturewarehousems.com/ 96.62.102.14
2022-08-05 11:55:38 +0000
0 - 0 - 3 thefurniturewarehousems.com/ 96.62.102.14
2022-07-14 09:34:42 +0000
0 - 0 - 1 netstetion2-aplus.com/ 96.62.102.138
2022-07-09 08:47:23 +0000
0 - 0 - 5 amazon.co.jp.iost.club/ 96.62.102.108

No other reports on domain: patagoniatips.com



JavaScript

Executed Scripts (5)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (34)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 06 Aug 2022 11:02:38 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: hXkKRQekhQcxU20du63i_hEkmqZKVXBVLbcicnkjDKiellUmQjYXzg==
Age: 544


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-09-19-18-34-07.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.14
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
last-modified: Sun, 31 Jul 2022 18:34:08 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 06 Aug 2022 04:15:27 GMT
etag: "578b9ff83ff3950ab2a3d1a8344d2938"
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: --bxZ_vk4PH4YeKlEliBu51pGqNRXhpQRVNGYklLAT4mw9UStuyG5w==
age: 24976
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    578b9ff83ff3950ab2a3d1a8344d2938
Sha1:   39d48b67ba6aa45ec01767725e726cf9b0c87a70
Sha256: 35c99da9a5463a4788ceab7cf4b027bb25506cde28ace36c70d0bc924138f2f5
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F055127A4794D0F76CB4DF8F290DF8E259258A63398A700F592C859DFFE9AC34"
Last-Modified: Thu, 04 Aug 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5672
Expires: Sat, 06 Aug 2022 12:46:14 GMT
Date: Sat, 06 Aug 2022 11:11:42 GMT
Connection: keep-alive

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Sat, 06 Aug 2022 11:11:42 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /fedex/main/verifyinfos HTTP/1.1 
Host: patagoniatips.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         96.62.102.14
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Sat, 06 Aug 2022 11:11:42 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=ebf5bc733cbab7cbed723f9a5be8cd93; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (730), with CRLF line terminators
Size:   14304
Md5:    5839cc0fb0c740fcb91ed0126b8ee99d
Sha1:   712764d908014c25b65de6647b0dadd43cff702d
Sha256: f6b65fd349090f8ef089d371dec685af1180e547c626289f8691af643d4ed871

Alerts:
  Blocklists:
    - openphish: FedEx Corporation
    - fortinet: Phishing
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sat, 06 Aug 2022 10:13:31 GMT
Expires: Sat, 06 Aug 2022 10:30:42 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Nw1BkSf0-zaH_cya-JVmhZEsBY_pRXN1O1J7fvlb2OPaESi5d0-yZw==
Age: 3492


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1317
Cache-Control: max-age=163134
Date: Sat, 06 Aug 2022 11:11:43 GMT
Etag: "62ee2188-1d7"
Expires: Mon, 08 Aug 2022 08:30:37 GMT
Last-Modified: Sat, 06 Aug 2022 08:08:40 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /fedex/main/assets/css/bootstrap.css HTTP/1.1 
Host: patagoniatips.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://patagoniatips.com/fedex/main/verifyinfos
Cookie: PHPSESSID=ebf5bc733cbab7cbed723f9a5be8cd93
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         96.62.102.14
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sat, 06 Aug 2022 11:11:42 GMT
Server: Apache
Last-Modified: Sun, 31 Jul 2022 16:18:35 GMT
Accept-Ranges: bytes
Content-Length: 193015
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (560)
Size:   193015
Md5:    052dfc723bbdf659b1528e37b1472301
Sha1:   a06f1b5340a4dceaa9a8e044d0248ab48fcb7e17
Sha256: 0c159070e198b7ed2a9162d6c9751f5914ff62803914d8512d60b1f5ffde4334
                                        
                                            GET /fedex/main/assets/css/style.css HTTP/1.1 
Host: patagoniatips.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://patagoniatips.com/fedex/main/verifyinfos
Cookie: PHPSESSID=ebf5bc733cbab7cbed723f9a5be8cd93
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         96.62.102.14
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sat, 06 Aug 2022 11:11:43 GMT
Server: Apache
Last-Modified: Sun, 31 Jul 2022 16:18:35 GMT
Accept-Ranges: bytes
Content-Length: 5193
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   5193
Md5:    b06e5d4b418da2d43722a6c5edf929e9
Sha1:   7110df9bdf45f1d4c179f38645af9b9a99792fce
Sha256: e24fb0e66a77906a954f8a07493d055ce96743e35ef0779009208f24b10094ca
                                        
                                            GET /fedex/main/assets/js/script.js HTTP/1.1 
Host: patagoniatips.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://patagoniatips.com/fedex/main/verifyinfos
Cookie: PHPSESSID=ebf5bc733cbab7cbed723f9a5be8cd93
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         96.62.102.14
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sat, 06 Aug 2022 11:11:43 GMT
Server: Apache
Last-Modified: Sun, 31 Jul 2022 16:18:35 GMT
Accept-Ranges: bytes
Content-Length: 1055
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1055
Md5:    616e99570164bb49702ce40af2f76a15
Sha1:   0e84b7ef2cb9f517af7ff18fb8a1541a301be26e
Sha256: 8a7698dfb7901c62cf9516cd8ed4e89ac3b41854bde48ca7da74405ed491e398

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /releases/v5.10.0/webfonts/fa-light-300.woff2 HTTP/1.1 
Host: pro.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://patagoniatips.com
Connection: keep-alive
Referer: https://pro.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.23.52
HTTP/2 200 OK
                                        
date: Sat, 06 Aug 2022 11:11:43 GMT
content-type: font/woff2
content-length: 164936
x-amz-id-2: 5kMwINIdAnLtYjIdNstdcSpGrCh+yYX65fXE1tPR29ETg/byVwmXvtjQkzSnlQJNex6ddAwyC0E=
x-amz-request-id: 4D3RBV1MPC5X96W7
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 28 Jun 2021 16:56:06 GMT
etag: "a8f2809e740a8962adab81b7171f4160"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 35288
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 736755580904fab8-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 164936, version 330.15728\012- data
Size:   164936
Md5:    a8f2809e740a8962adab81b7171f4160
Sha1:   9c6513ab9c1713000031ce74c8ce8e7fbc928bf6
Sha256: 8e70557097056f79b4ea3a512b1844cac97f5dacc9054b05aa49c295e236c460
                                        
                                            GET /fedex/main/assets/imgs/cre.png HTTP/1.1 
Host: patagoniatips.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://patagoniatips.com/fedex/main/verifyinfos
Cookie: PHPSESSID=ebf5bc733cbab7cbed723f9a5be8cd93
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         96.62.102.14
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sat, 06 Aug 2022 11:11:43 GMT
Server: Apache
Last-Modified: Sun, 31 Jul 2022 16:18:35 GMT
Accept-Ranges: bytes
Content-Length: 1097
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 59 x 29, 8-bit/color RGBA, non-interlaced\012- data
Size:   1097
Md5:    9a8ca21c4769393a1ed054304a2ee793
Sha1:   5175a0d3e2aee6b77b1231beb9f2cec149b64bc5
Sha256: 9303c515923ed11aba1963dd80bf31db7f71ce3296b8e389cea6106eaa370e18
                                        
                                            GET /fedex/main/assets/imgs/fe.png HTTP/1.1 
Host: patagoniatips.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://patagoniatips.com/fedex/main/verifyinfos
Cookie: PHPSESSID=ebf5bc733cbab7cbed723f9a5be8cd93
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         96.62.102.14
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sat, 06 Aug 2022 11:11:43 GMT
Server: Apache
Last-Modified: Sun, 31 Jul 2022 16:18:35 GMT
Accept-Ranges: bytes
Content-Length: 846
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 24 x 28, 8-bit/color RGBA, non-interlaced\012- data
Size:   846
Md5:    e73d3be85e30991c5e7d99f18225c6bc
Sha1:   f49d5b583ccce3764295b253637fe5da3058d479
Sha256: 999b2fed358e420901d57b2af544872ec28a2a5056453994ca3d72b22cf96a5f
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bFk96B4eNZzAF5UHMvrvew==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.41.252.32
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vGH2V/BN1hscwELvtXNwxSmZ0aw=

                                        
                                            GET /fedex/main/assets/js/jquery.mask.js HTTP/1.1 
Host: patagoniatips.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://patagoniatips.com/fedex/main/verifyinfos
Cookie: PHPSESSID=ebf5bc733cbab7cbed723f9a5be8cd93
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         96.62.102.14
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sat, 06 Aug 2022 11:11:43 GMT
Server: Apache
Last-Modified: Sun, 31 Jul 2022 16:18:35 GMT
Accept-Ranges: bytes
Content-Length: 23176
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   23176
Md5:    24992f1ed62baf9393609f3c6c2ad20e
Sha1:   34716cf70f7f7a9cd072e7796c34ce987f85d18c
Sha256: a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /fedex/main/assets/imgs/tr.png HTTP/1.1 
Host: patagoniatips.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://patagoniatips.com/fedex/main/verifyinfos
Cookie: PHPSESSID=ebf5bc733cbab7cbed723f9a5be8cd93
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         96.62.102.14
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sat, 06 Aug 2022 11:11:43 GMT
Server: Apache
Last-Modified: Sun, 31 Jul 2022 16:18:35 GMT
Accept-Ranges: bytes
Content-Length: 642
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 27 x 23, 8-bit/color RGBA, non-interlaced\012- data
Size:   642
Md5:    b52170becdc51092d414ed75e8432e62
Sha1:   91eafe1c78287a6dfce2ccb44cc663568c6e3ac0
Sha256: 80358cfadbfb2de86fa12e885d55b585630ec95f80b2f69c8dab8d58c33f6d1e
                                        
                                            GET /fedex/main/assets/imgs/log.png HTTP/1.1 
Host: patagoniatips.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://patagoniatips.com/fedex/main/verifyinfos
Cookie: PHPSESSID=ebf5bc733cbab7cbed723f9a5be8cd93
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         96.62.102.14
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sat, 06 Aug 2022 11:11:43 GMT
Server: Apache
Last-Modified: Sun, 31 Jul 2022 16:18:35 GMT
Accept-Ranges: bytes
Content-Length: 17964
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 176 x 50, 8-bit/color RGBA, non-interlaced\012- data
Size:   17964
Md5:    f9f3a4bf508eec8270bf7c8fe4397384
Sha1:   8b47c45b41e159b9dc2d6fe563b1197bd2a3ec16
Sha256: 99f7cd905d160e4bf4408195b22a893a45661a8855a0841e207d5bafe7411d90
                                        
                                            GET /fedex/main/assets/imgs/hl.png HTTP/1.1 
Host: patagoniatips.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://patagoniatips.com/fedex/main/verifyinfos
Cookie: PHPSESSID=ebf5bc733cbab7cbed723f9a5be8cd93
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         96.62.102.14
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sat, 06 Aug 2022 11:11:43 GMT
Server: Apache
Last-Modified: Sun, 31 Jul 2022 16:18:35 GMT
Accept-Ranges: bytes
Content-Length: 519
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 19 x 21, 8-bit/color RGBA, non-interlaced\012- data
Size:   519
Md5:    3f6adf37f9bc84a0c693a505effb1e35
Sha1:   5c5d9b79e7ace91fa40300a25ed08d226c90e7d2
Sha256: 3c10852caab00fba090e88a46ed5118e3bc968300d903d474665c00fbe077ffc
                                        
                                            GET /fedex/main/assets/js/jquery-3.5.1.min.js HTTP/1.1 
Host: patagoniatips.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://patagoniatips.com/fedex/main/verifyinfos
Cookie: PHPSESSID=ebf5bc733cbab7cbed723f9a5be8cd93
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         96.62.102.14
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sat, 06 Aug 2022 11:11:43 GMT
Server: Apache
Last-Modified: Sun, 31 Jul 2022 16:18:35 GMT
Accept-Ranges: bytes
Content-Length: 89476
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   89476
Md5:    dc5e7f18c8d36ac1d3d4753a87c98d0a
Sha1:   c8e1c8b386dc5b7a9184c763c88d19a346eb3342
Sha256: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /fedex/main/assets/js/bootstrap.min.js HTTP/1.1 
Host: patagoniatips.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://patagoniatips.com/fedex/main/verifyinfos
Cookie: PHPSESSID=ebf5bc733cbab7cbed723f9a5be8cd93
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         96.62.102.14
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sat, 06 Aug 2022 11:11:43 GMT
Server: Apache
Last-Modified: Sun, 31 Jul 2022 16:18:35 GMT
Accept-Ranges: bytes
Content-Length: 62411
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (62126)
Size:   62411
Md5:    cabc5d07dec4c381f521bbcd41c009db
Sha1:   ca329d086682a4d75b5528d326a66a6d3fffab13
Sha256: 2909d4fa86cf09191e768576e1a6eab7f2635a2627549c45d29595ffac9c0da9

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /fedex/main/assets/imgs/media.png HTTP/1.1 
Host: patagoniatips.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://patagoniatips.com/fedex/main/verifyinfos
Cookie: PHPSESSID=ebf5bc733cbab7cbed723f9a5be8cd93
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         96.62.102.14
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sat, 06 Aug 2022 11:11:43 GMT
Server: Apache
Last-Modified: Sun, 31 Jul 2022 16:18:35 GMT
Accept-Ranges: bytes
Content-Length: 2470
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 225 x 33, 8-bit/color RGBA, non-interlaced\012- data
Size:   2470
Md5:    47a2bf60877c5c809414542501bac2e4
Sha1:   2deac8e6c58a01f87137d256c48c6cbe411b6379
Sha256: 81df76b98fcdaaf78e000ec83d8fbb5a199681b9ec2b4fd52f6076c982383f22
                                        
                                            GET /fedex/main/assets/imgs/3p.png HTTP/1.1 
Host: patagoniatips.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://patagoniatips.com/fedex/main/verifyinfos
Cookie: PHPSESSID=ebf5bc733cbab7cbed723f9a5be8cd93
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         96.62.102.14
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sat, 06 Aug 2022 11:11:43 GMT
Server: Apache
Last-Modified: Sun, 31 Jul 2022 16:18:35 GMT
Accept-Ranges: bytes
Content-Length: 352
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 43 x 33, 8-bit/color RGBA, non-interlaced\012- data
Size:   352
Md5:    803a8b927e7573b1c2ebd2b7a8e451d0
Sha1:   2fe00fcc087829aa6ede5a4c8b6bbd0231814756
Sha256: 5a3bfd0ed60963e3b2ab94927ee76df0af500df236762d6ec79109eeb695b9d4
                                        
                                            GET /fedex/main/assets/imgs/fav.ico HTTP/1.1 
Host: patagoniatips.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://patagoniatips.com/fedex/main/verifyinfos
Cookie: PHPSESSID=ebf5bc733cbab7cbed723f9a5be8cd93
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         96.62.102.14
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Date: Sat, 06 Aug 2022 11:11:43 GMT
Server: Apache
Last-Modified: Sun, 31 Jul 2022 16:18:35 GMT
Accept-Ranges: bytes
Content-Length: 5430
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size:   5430
Md5:    a53129769d15f251d4e5c5cb966765b4
Sha1:   043d6a7b9cca5d05aba04fc0a3f4527e3ad075e0
Sha256: eab1b9a0ef942d84e3a8ed8c3e3996acb7a46af9a0b9f914ced662bcbe0e54be

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 06 Aug 2022 11:11:44 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 05 Aug 2022 19:05:58 GMT
Expires: Fri, 12 Aug 2022 19:05:58 GMT
ETag: 7238E0FB60E80EF95FF99C6A1D41E9C7FC821BCC
Cache-Control: max-age=546253,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp6
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7367555c0ddab4eb-OSL

                                        
                                            POST /newsystem/pages/get/6d016e1f7adcb4a979961ec992ac06e1/cc HTTP/1.1 
Host: mincex.fun
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patagoniatips.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://patagoniatips.com
Content-Length: 61
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         68.65.122.196
HTTP/2 200 OK
                                        
x-powered-by: PHP/7.2.34
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
access-control-allow-methods: *
access-control-allow-headers: *
access-control-max-age: 3600
content-length: 3759
date: Sat, 06 Aug 2022 11:11:44 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (3759), with no line terminators
Size:   3759
Md5:    94bf6f6065f26a7a29ecf03eec3fa910
Sha1:   7c69923d111c8454eea56b7100f20d88706b7ac5
Sha256: 2ed82569be0d036ac3069980eab0de273cddb19baad92ed8597d07aa339e8ac1
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7D129895DD82ACE0D70FE0D261B7C2E924E869686CEDF20C238EFA6BFDF5E632"
Last-Modified: Wed, 03 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2494
Expires: Sat, 06 Aug 2022 11:53:18 GMT
Date: Sat, 06 Aug 2022 11:11:44 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7D129895DD82ACE0D70FE0D261B7C2E924E869686CEDF20C238EFA6BFDF5E632"
Last-Modified: Wed, 03 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2494
Expires: Sat, 06 Aug 2022 11:53:18 GMT
Date: Sat, 06 Aug 2022 11:11:44 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7D129895DD82ACE0D70FE0D261B7C2E924E869686CEDF20C238EFA6BFDF5E632"
Last-Modified: Wed, 03 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2494
Expires: Sat, 06 Aug 2022 11:53:18 GMT
Date: Sat, 06 Aug 2022 11:11:44 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47127619-5c86-4363-ad38-bd0ea52d7a06.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 3871
x-amzn-requestid: 8e2f628a-40e7-4a30-9250-e799388e3f06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: WaMExESGIAMFmSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ed8d51-548ce53641314e2f14e5c4af;Sampled=0
x-amzn-remapped-date: Fri, 05 Aug 2022 21:36:17 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: N90ctXzr6WonpYvUPxVh9pub3pDwtN6P2RHXYhHEnvQojnGnfdXOiw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Fri, 05 Aug 2022 22:01:03 GMT
age: 47441
etag: "5aafd1e4d78ce8b097b9d9333f8a583a3004ed21"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3871
Md5:    2d2380784d41f22b7c39f22aa6ee89f5
Sha1:   5aafd1e4d78ce8b097b9d9333f8a583a3004ed21
Sha256: 0c0f5233c5b6e055ab79900dcd96b99dcd837a2459c75c75ba54d1289dab4ec7
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5220284-1209-43a7-9af7-d1b6ed31b248.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 11592
x-amzn-requestid: 73091111-067e-4c53-97ae-702fbf2b6d01
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: WaNsvHdVoAMFUDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ed8fea-3048002a0a2373536c9c39a1;Sampled=0
x-amzn-remapped-date: Fri, 05 Aug 2022 21:47:23 GMT
x-amz-cf-pop: HIO50-C1, YVR50-C1
x-cache: Miss from cloudfront
x-amz-cf-id: G0Mdtk-aieWCgzMmacuam7TBIAI-ScwNkVMr2tZ-Bfm8UTT2lUWv9Q==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 e71753cf85369390852fdcb22bf59aa8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 05 Aug 2022 21:47:23 GMT
etag: "d2838f572736105231e6d321790315a8bf1f68eb"
content-type: image/jpeg
age: 48261
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11592
Md5:    ae3af770ca5815a2744dfad2e742d227
Sha1:   d2838f572736105231e6d321790315a8bf1f68eb
Sha256: 756c59730240921214b26350193d4471c15a98f32c959395ffb05f6b7be34ff5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bfd5df4-420a-41ec-b1de-b396653699e3.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 8223
x-amzn-requestid: 281d5f74-7335-41bf-a1b0-b96f8524a3ad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: WaMEqHQvoAMFluQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ed8d50-1840e5c331544b671bd6c5ed;Sampled=0
x-amzn-remapped-date: Fri, 05 Aug 2022 21:36:16 GMT
x-amz-cf-pop: HIO50-C1, YVR50-C1
x-cache: Miss from cloudfront
x-amz-cf-id: o9EeZetfZImEDJCDFyMh8hj9JXl78bbKcn2046qAYRLMW0r8sTJjyQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 87136170926d082ce5ff23d5ad5be32c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 05 Aug 2022 21:47:23 GMT
etag: "9b19561b15e7e126ee65436ba20d4ae4098e6776"
content-type: image/jpeg
age: 48261
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8223
Md5:    21cb9fd64193c9fa61a65be28fa65bda
Sha1:   9b19561b15e7e126ee65436ba20d4ae4098e6776
Sha256: 16676379a98b377329551dea82df06b036aa7a1902ecc18b2467b25c0bd0e4dd
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa26223bd-d704-4f37-9bda-4a67147d87f9.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 7022
x-amzn-requestid: eb9ae10a-10d8-45fb-9c1c-9793344a899f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: WaMEqFdFoAMFpqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ed8d50-7c3c82f33c75abd35bbed203;Sampled=0
x-amzn-remapped-date: Fri, 05 Aug 2022 21:36:16 GMT
x-amz-cf-pop: HIO50-C1, YVR50-C1
x-cache: Miss from cloudfront
x-amz-cf-id: ne2tmhRnJwvpF6rsjhmV1WuPMesMi6ZaU0AT9HTXflM265fNUJcGXw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 a02a98c09aaf2561c8ca019e473cf172.cloudfront.net (CloudFront), 1.1 google
date: Fri, 05 Aug 2022 21:50:20 GMT
etag: "de125f4ffd1f967c1557f082c41477891630539c"
content-type: image/jpeg
age: 48084
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7022
Md5:    f8ee35182a507e89b787ac718a80508c
Sha1:   de125f4ffd1f967c1557f082c41477891630539c
Sha256: 8def080600f8b45c3683dfb91586c9b03bf3fbb07437e9ab9dad816909cc3021
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2e82c42-fd94-454a-912f-56867d09ec8d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 7007
x-amzn-requestid: 35d5361e-52fc-4daa-8cdb-954fb2a91144
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: WaMEzEyIoAMFfMA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ed8d51-3bfec49b5c66188b79c38b88;Sampled=0
x-amzn-remapped-date: Fri, 05 Aug 2022 21:36:17 GMT
x-amz-cf-pop: HIO50-C1, YVR50-C1
x-cache: Miss from cloudfront
x-amz-cf-id: efpRqESHFgiyUdGH0RwYFscSl6pxv1OMptErBaPImBAc9wolDIkB1A==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 70b0c022caf458423e58ecbec40508f0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 05 Aug 2022 21:47:22 GMT
etag: "671abe46bc15fe88431e40416df266331a65f849"
content-type: image/jpeg
age: 48262
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7007
Md5:    1ed454c7b6a969da4f12c5dc57b0117e
Sha1:   671abe46bc15fe88431e40416df266331a65f849
Sha256: eb2cd92f0994a7bfea8151ce716bce18aa1bbbeca7ca66a786c09c3dff8a41e7
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbac29577-51fc-49f4-aa62-7bd10918f86c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 10404
x-amzn-requestid: 6b6adca1-a218-4b44-9da8-4f08cc10d3fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: WaNkhHBHoAMFk4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ed8fb6-241e27c07eff88721b51690f;Sampled=0
x-amzn-remapped-date: Fri, 05 Aug 2022 21:46:30 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: YiiwvDfkYJRWqTb7pPLrLz7fr2xw3uhUjr-eeY_pncDGmvQmfBo4gQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Fri, 05 Aug 2022 22:02:43 GMT
age: 47341
etag: "429ef7bfc7ee3df047dbdd1f6fe3b5fd71e627ea"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10404
Md5:    eb923e3f6bc2cea92c6be5adf2bd5f24
Sha1:   429ef7bfc7ee3df047dbdd1f6fe3b5fd71e627ea
Sha256: a06cb841220e89bc85c0d2800b3a47918b47dc17dd983bed59de3fda882d0f8d