urlquery - report: 99hospitalitygroup.com/ckfinder/userfiles/files/

Overview

URL	99hospitalitygroup.com/ckfinder/userfiles/files/
IP	45.56.108.238
ASN	Linode, LLC
Location	United States
Report completed	2022-06-09 20:59:09 UTC
Status	Loading report..
urlquery Alerts	No alerts detected

Settings

UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer

Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Blocklists

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Added / Verified	Severity	Host	Comment
2022-06-09	2	99hospitalitygroup.com/ckfinder/userfiles/files/	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

Files

No files detected

Passive DNS (8)

Passive DNS Source	Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
[Mnemonic Passive DNS]	contile.services.mozilla.com (1)	1114	No data	No data	34.117.237.239
[Mnemonic Passive DNS]	ocsp.digicert.com (1)	86	2012-11-29 12:49:49 UTC	2022-06-09 18:47:58 UTC	93.184.220.29
[Mnemonic Passive DNS]	push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2022-06-09 04:17:14 UTC	35.86.38.2
[Mnemonic Passive DNS]	img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2022-06-09 16:32:11 UTC	34.120.237.76
[Mnemonic Passive DNS]	99hospitalitygroup.com (2)	0	2019-06-05 07:25:12 UTC	2020-11-23 19:35:02 UTC	45.56.108.238	Unknown ranking
[Mnemonic Passive DNS]	firefox.settings.services.mozilla.com (2)	867	2016-03-17 08:25:01 UTC	2020-05-25 20:01:47 UTC	54.230.111.118
[Mnemonic Passive DNS]	r3.o.lencr.org (4)	344	2020-12-02 08:52:13 UTC	2022-06-09 04:10:19 UTC	23.36.76.226
[Mnemonic Passive DNS]	content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-06-09 04:12:25 UTC	54.230.111.7

Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 45.56.108.238

Date	UQ / IDS / BL	URL	IP
2022-07-02 01:46:07 +0000	0 - 0 - 1	99hospitalitygroup.com/ckfinder/userfiles/files/	45.56.108.238
2022-06-29 20:56:43 +0000	0 - 0 - 1	sweatrinserepeat.com/ckfinder/userfiles/files (...)	45.56.108.238
2022-06-29 05:26:13 +0000	0 - 0 - 1	sweatrinserepeat.com/ckfinder/userfiles/files (...)	45.56.108.238
2022-06-28 19:10:26 +0000	0 - 0 - 1	sweatrinserepeat.com/ckfinder/userfiles/files (...)	45.56.108.238
2022-06-26 12:34:58 +0000	0 - 0 - 1	bodybybodyology.com/ckfinder/userfiles/files/ (...)	45.56.108.238
2022-06-24 17:16:03 +0000	0 - 0 - 1	skipjackpoke.com/ckfinder/userfiles/files/385 (...)	45.56.108.238
2022-06-24 00:09:09 +0000	0 - 0 - 1	embody.box8websites.com/ckfinder/userfiles/fi (...)	45.56.108.238
2022-06-23 09:03:07 +0000	0 - 0 - 2	chipublichouse.com/ckfinder/userfiles/files/3 (...)	45.56.108.238
2022-06-23 05:46:04 +0000	0 - 0 - 1	embody.box8websites.com/ckfinder/userfiles/fi (...)	45.56.108.238
2022-06-21 09:16:06 +0000	0 - 0 - 1	ckrestaurantgroup.com/ckfinder/userfiles/file (...)	45.56.108.238

Last 10 reports on ASN: Linode, LLC

Date	UQ / IDS / BL	URL	IP
2022-08-09 11:23:44 +0000	0 - 0 - 2	lovergirl.com/	45.33.18.44
2022-08-09 11:14:54 +0000	0 - 0 - 4	getme.co.nz/mtb/login.php	45.79.238.21
2022-08-09 10:56:45 +0000	0 - 0 - 3	tinybreasts.com/	45.33.18.44
2022-08-09 10:03:13 +0000	0 - 0 - 2	www.chawkyfrenn.com/icon/JtT/	50.116.62.25
2022-08-09 10:02:56 +0000	0 - 0 - 2	icket.com/http:/icket.com/mtm/direct/.eJw9kEt (...)	173.255.194.134
2022-08-09 09:45:24 +0000	0 - 0 - 1	cumfixation.com/mtm/direct/.eJxlikEOwjAMBP_iY (...)	45.33.23.183
2022-08-09 09:39:55 +0000	0 - 0 - 2	whitepanties.net/	173.255.194.134
2022-08-09 09:23:16 +0000	0 - 0 - 3	zappmedia.cm/mtm/direct/.ejxdikeowjambp_iy4lq (...)	198.58.118.167
2022-08-09 09:23:10 +0000	0 - 0 - 3	vestafscareers.com/mtm/direct/.ejxtikekajemre (...)	173.255.194.134
2022-08-09 09:19:27 +0000	0 - 0 - 3	supermerc.com/mtm/direct/.ejxdikeowjambp_iy4l (...)	45.33.2.79

Last 1 reports on domain: 99hospitalitygroup.com

Date	UQ / IDS / BL	URL	IP
2022-07-02 01:46:07 +0000	0 - 0 - 1	99hospitalitygroup.com/ckfinder/userfiles/files/	45.56.108.238

JavaScript

Executed Scripts (0)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (18)

Request	Response
GET /ckfinder/userfiles/files/ HTTP/1.1 Host: 99hospitalitygroup.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	$Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 227 Md5: 3921f69bb68efaf909b40577c7cce8ab$ 45.56.108.238 HTTP/1.1 403 Forbidden Content-Type: text/html; charset=iso-8859-1 Date: Thu, 09 Jun 2022 20:58:54 GMT Server: Apache Content-Length: 227 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 227 Md5: 3921f69bb68efaf909b40577c7cce8ab Sha1: 92f34f9beb9b3107297735f4bf2b63e04f20df8c Sha256: 62db348ace369fdaf69ed2519c04eb63f748036a807bf93cbeed93074f9f1883 Alerts: Blocklists: - fortinet: Phishing
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 91dd975a7b17b2922dd23c0e49314e40$ 54.230.111.118 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Backoff, Content-Type, Content-Length, Alert, Retry-After Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Thu, 09 Jun 2022 20:33:29 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: _zJ02HZ26bPzuUvQGnFJGXMIKqoGFmu12LMbWp_yPKcS7dPBB_ZJ7g== Age: 1525 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 91dd975a7b17b2922dd23c0e49314e40 Sha1: 57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2 Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "DD3EA6C574C57CBB10369822E6D0CB2032BDE481F6F01C461E96F3968ADD30E6" Last-Modified: Thu, 09 Jun 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9013 Expires: Thu, 09 Jun 2022 23:29:07 GMT Date: Thu, 09 Jun 2022 20:58:54 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: aaa828f9e280c1c60759de7b307c1f4c Sha1: e504bafd94cb055737faed3b7633425a2db04db9 Sha256: dd3ea6c574c57cbb10369822e6d0cb2032bde481f6f01c461e96f3968add30e6
GET /chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 48ca0beea419a9039591cf1aee5179e0$ 54.230.111.7 HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 last-modified: Wed, 11 May 2022 19:51:39 GMT content-disposition: attachment accept-ranges: bytes server: AmazonS3 date: Thu, 09 Jun 2022 05:56:39 GMT etag: "48ca0beea419a9039591cf1aee5179e0" x-cache: Hit from cloudfront via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: FLwHSkkGg9HsPYkaBR3L1hMgWpYnmi262MmOM53EzIYZW1CXUeV7hQ== age: 54136 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 48ca0beea419a9039591cf1aee5179e0 Sha1: 9e92629f505fcc07aab51221e8fe62197a23e307 Sha256: 630a5f110337b4a4876aa85c21107d9e8f2550bcc60f023a4777d895b17399fd
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6$ 34.117.237.239 HTTP/2 200 OK server: nginx date: Thu, 09 Jun 2022 20:58:54 GMT content-type: application/json content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /favicon.ico HTTP/1.1 Host: 99hospitalitygroup.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://99hospitalitygroup.com/ckfinder/userfiles/files/	$Magic: MS Windows icon resource - 3 icons, 16x16, 8 bits/pixel, 32x32, 24 bits/pixel\012- data Size: 4107 Md5: 88ed860524f26103ddccef80a550e48f$ 45.56.108.238 HTTP/1.1 200 OK Content-Type: image/x-icon Date: Thu, 09 Jun 2022 20:58:55 GMT Server: Apache Last-Modified: Thu, 23 Apr 2015 22:36:28 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Cache-Control: max-age=604800 Expires: Thu, 16 Jun 2022 20:58:55 GMT X-Content-Type-Options: nosniff Content-Length: 4107 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive --- Additional Info --- Magic: MS Windows icon resource - 3 icons, 16x16, 8 bits/pixel, 32x32, 24 bits/pixel\012- data Size: 4107 Md5: 88ed860524f26103ddccef80a550e48f Sha1: 689ceea4bc310a1477c1b6766a2073d82d498b4f Sha256: c2afb8a81ddfa87774b2da0c1f7adf321daff9329125cd0b4dafde9a80e7409d
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243$ 54.230.111.118 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: ETag, Content-Type, Content-Length, Expires, Alert, Backoff, Pragma, Retry-After, Cache-Control, Last-Modified Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Cache-Control: max-age=3600 Date: Thu, 09 Jun 2022 20:50:32 GMT Expires: Thu, 09 Jun 2022 21:22:15 GMT ETag: "1648230346554" X-Cache: Hit from cloudfront Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: 3hzmOtXY9kGgIWWdEBQKSDHwPK-XZge-OkxE9KsjHs_V2dtjYNSf-w== Age: 504 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 1498 Cache-Control: 'max-age=158059' Date: Thu, 09 Jun 2022 20:58:56 GMT Last-Modified: Thu, 09 Jun 2022 20:33:58 GMT Server: ECS (ska/F71A) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: a8f23add233ff35b4736820a216db8a6 Sha1: e5c9d499c598802d6c402906e7a3c9c474dfe9e8 Sha256: 6bbc275c957b9dfee13b5aca4814687447b76fd3b1628886b69cb58ecff17ed9
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: CPP7RTeIDkxmkjI0f45Xyw== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	35.86.38.2 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: bo8ZQp45VfJNlgnvB6ba311q0wI= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "D763C8858CC015B9F2A4CDBD389F37DE5CA4ABCDB6528414A4DF331ADEC62040" Last-Modified: Thu, 09 Jun 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=19298 Expires: Fri, 10 Jun 2022 02:20:35 GMT Date: Thu, 09 Jun 2022 20:58:57 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: c28a66274118d9b5de9cc483c50e78dd Sha1: 18144a7bb8887c1306e911e42fb6958d736dccb0 Sha256: d763c8858cc015b9f2a4cdbd389f37de5ca4abcdb6528414a4df331adec62040
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "D763C8858CC015B9F2A4CDBD389F37DE5CA4ABCDB6528414A4DF331ADEC62040" Last-Modified: Thu, 09 Jun 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=19298 Expires: Fri, 10 Jun 2022 02:20:35 GMT Date: Thu, 09 Jun 2022 20:58:57 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: c28a66274118d9b5de9cc483c50e78dd Sha1: 18144a7bb8887c1306e911e42fb6958d736dccb0 Sha256: d763c8858cc015b9f2a4cdbd389f37de5ca4abcdb6528414a4df331adec62040
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "D763C8858CC015B9F2A4CDBD389F37DE5CA4ABCDB6528414A4DF331ADEC62040" Last-Modified: Thu, 09 Jun 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=19298 Expires: Fri, 10 Jun 2022 02:20:35 GMT Date: Thu, 09 Jun 2022 20:58:57 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: c28a66274118d9b5de9cc483c50e78dd Sha1: 18144a7bb8887c1306e911e42fb6958d736dccb0 Sha256: d763c8858cc015b9f2a4cdbd389f37de5ca4abcdb6528414a4df331adec62040
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd764fc0-a28f-4445-aeae-c06c815c5993.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10705 Md5: 92e9cb6a93ca2e1269b53bf84567ac07$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 10705 x-amzn-requestid: 7ffa341f-4363-43f3-877b-84a0762d91e7 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: TbXwIF_GoAMFcng= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62a1399a-570ca10833ee141543eaea1a;Sampled=0 x-amzn-remapped-date: Thu, 09 Jun 2022 00:06:50 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: zDsaO34efVgKTrCS2C67VliVxrMWOJZWIxve5g5quJ7JHC_JSzjPYw== via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google date: Thu, 09 Jun 2022 00:32:40 GMT age: 73577 etag: "553815089b8a5518245506c52ee047f9fc7112fc" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10705 Md5: 92e9cb6a93ca2e1269b53bf84567ac07 Sha1: 553815089b8a5518245506c52ee047f9fc7112fc Sha256: 3bc21c584da4761e347123d1f868835c45f0b5a236be9e4ad76291848d543a0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1fd7bc2c-bc1e-4120-b6bb-b596ee249415.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7387 Md5: 8e823f611ccdb7459ac59e411b7407d4$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 7387 x-amzn-requestid: 5d8f2822-118b-4657-aed7-9258e694b2d8 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: TbXkGG1YoAMFy4w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62a1394d-08fcc78a3c55acf2471fa5a5;Sampled=0 x-amzn-remapped-date: Thu, 09 Jun 2022 00:05:33 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: JShGKU_ptzLYAQ25mtuWXBFeaLHFELZ4VKnIcMUDD2yEyf-JqWg-KA== via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google date: Thu, 09 Jun 2022 00:28:04 GMT age: 73853 etag: "ac68acc8a1151df534c7091e2649a1eb8ac1bda7" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7387 Md5: 8e823f611ccdb7459ac59e411b7407d4 Sha1: ac68acc8a1151df534c7091e2649a1eb8ac1bda7 Sha256: 7f872fa344014efad007440fcd34fb577b245829f02a2622239a0cf5eb16b2b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd16ecc08-da3c-4f68-9b5e-867a86721222.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7884 Md5: 22e50e5b811606b79fa261a0f4b01d06$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 7884 x-amzn-requestid: f3836763-a936-460d-9a30-75890bbd0e13 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: TbX7MFiFIAMFdpg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62a139e0-5e0dbdbf346d5a0677c01524;Sampled=0 x-amzn-remapped-date: Thu, 09 Jun 2022 00:08:01 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: o1Ll0PsE34FMGg8S8_4X_Q3AAfeL80yXg50uH2FNgDwyJhKn8SFcPg== via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google date: Thu, 09 Jun 2022 00:25:56 GMT age: 73981 etag: "2330a70bdfb6c118da64934343ce622feecf8f99" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7884 Md5: 22e50e5b811606b79fa261a0f4b01d06 Sha1: 2330a70bdfb6c118da64934343ce622feecf8f99 Sha256: aabf6d2d24801a04e6ace1fa0827525096f86a76f9ae3f397fdfccafb96a5a21
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91261462-aae2-4975-bb76-89bb07e3254a.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9908 Md5: 91c4a4d77561ea4beb85ddb392ecb3e6$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 9908 x-amzn-requestid: 31819828-8acc-4940-8595-0d8ace39caa1 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: TbXx1HhnoAMFmuQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62a139a5-49ec8b335fb2e4f6020d796b;Sampled=0 x-amzn-remapped-date: Thu, 09 Jun 2022 00:07:01 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: yVC4beC3vmBBUhziQ6xTFsdkDOpbtel-ErMka80OgBjdtqoj3q0GcQ== via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google date: Thu, 09 Jun 2022 01:14:42 GMT age: 71055 etag: "cc74c52d0eb054eebe61478cf0b35095253d0ef3" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9908 Md5: 91c4a4d77561ea4beb85ddb392ecb3e6 Sha1: cc74c52d0eb054eebe61478cf0b35095253d0ef3 Sha256: 4d9af68b5c0a0110a1ccded2aefac05816e58332c5aa51ba5092bc292b08ecf4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd140d28-6c6a-489d-b797-b95c98e7e36d.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10014 Md5: 2f53a3c3920b16ab61a9ded9d38328d6$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 10014 x-amzn-requestid: cc54e41c-405c-4727-aa33-b67690971041 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: TUzcQEXwoAMF2XA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-629e991b-6a5de876195bf50056bafff4;Sampled=0 x-amzn-remapped-date: Tue, 07 Jun 2022 00:17:31 GMT x-amz-cf-pop: SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: S8YHu4_eWYNlU1fnt-BtiJwEm6wMJW_L5Aa5X6jEUqWeYlktjFk5vQ== via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google date: Thu, 09 Jun 2022 00:52:52 GMT age: 72365 etag: "4a7ed5cd115bbabb016e3f7a78a20333ae4a2a37" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10014 Md5: 2f53a3c3920b16ab61a9ded9d38328d6 Sha1: 4a7ed5cd115bbabb016e3f7a78a20333ae4a2a37 Sha256: 930b016867a8a80967dffe227b6955a72c2ac5fdc62feb04bc2f5f7029a4a088
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28229c55-a318-4d35-b328-c10dd1daee64.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 13478 Md5: fc4d71de3e945a13b74baaff97753fda$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 13478 x-amzn-requestid: 5fbe2453-fe83-4cea-83d0-99a2c0a316c3 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Szzi2HRLoAMFuaQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62916612-4a0a0c5c6a61e4221d7ea656;Sampled=0 x-amzn-remapped-date: Sat, 28 May 2022 00:00:18 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: rYmzy7rHEuzm08tWTA6ce5jA11hIbz4mTCiD09r95Zsw_yXedeqNAQ== via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google date: Thu, 09 Jun 2022 00:24:06 GMT age: 74091 etag: "f291628f447aaf08bb50a83a16cb0b466f593e94" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 13478 Md5: fc4d71de3e945a13b74baaff97753fda Sha1: f291628f447aaf08bb50a83a16cb0b466f593e94 Sha256: a33260277e0fc1f83e8b1a327d19a4cc2c9c2db53db2e24ed2af8fa7001ed0c6