| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashcd2bda30513692aa11a672c6a599935d a944c3aa26b461063194a4bb95ce427d23a32d03 d975d1eab40c9fe4986ae0675d79e4f982eb9c0e2f503ca72b3bdf0ec9e7dfdc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D975D1EAB40C9FE4986AE0675D79E4F982EB9C0E2F503CA72B3BDF0EC9E7DFDC"
Last-Modified: Tue, 27 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12038
Expires: Wed, 28 Dec 2022 08:27:37 GMT
Date: Wed, 28 Dec 2022 05:06:59 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash78f1f94544ef06b96bb43283f59d100f fa2f1a3730a98c6fa5ebf976143fb6093a7298be 889af22ee304adea2e23491acbc89ebdcaf322e8c45af2bebf7520e3e9b0a6a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "889AF22EE304ADEA2E23491ACBC89EBDCAF322E8C45AF2BEBF7520E3E9B0A6A9"
Last-Modified: Tue, 27 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3524
Expires: Wed, 28 Dec 2022 06:05:43 GMT
Date: Wed, 28 Dec 2022 05:06:59 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashb2d59bdbb1ca6324590988ec031cf1fc bfd4e25af37dcde4bac38d9b178c5ac8e50f8834 cef2180120ef42ff09d54577229c058d41d2c569d485f5a6dcfadc74bf8aa647
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEF2180120EF42FF09D54577229C058D41D2C569D485F5A6DCFADC74BF8AA647"
Last-Modified: Mon, 26 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3788
Expires: Wed, 28 Dec 2022 06:10:07 GMT
Date: Wed, 28 Dec 2022 05:06:59 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hashff250d3ef3fa45322bf05039a0122a9f b3e7a2c383bce1bab807dbe1a03c375258b51f1d d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 28 Dec 2022 04:35:16 GMT
content-type: application/json
age: 1903
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hashb1fcd419a4245617397846e8d17233f6 2a037ce244587640b27ead9a0ec2af4f862d91b2 e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: I5ZuDnyOny603KJ+z1zNWuFg3wlU11d0HdwpmGGh7WrKP+1RUXFXvzeE13r4jLtTXpuMBb8huEo=
x-amz-request-id: 7DKWQBQS8GW7XH11
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 28 Dec 2022 04:56:01 GMT
age: 658
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Dec 2022 05:06:59 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| 194.38.23.170/Wlkaazqe.jpeg | 194.38.23.170 | 200 OK | 2.3 MB |
URL HTTP/1.1194.38.23.170/Wlkaazqe.jpeg IP194.38.23.170:0 ASN#48693 Rices Privately owned enterprise
File typeASCII text, with very long lines (65536), with no line terminators Size2.3 MB (2306048 bytes) Hash20326a169f1f9df3bb1496dbdd935849 13094577aa118288b561afb7f4b7e6a0267a1ba1 f215fefb8f6a600a59dc62bf8ae182ec8fd44e6675affe3da1dfdd5f4aa17984
Analyzer | Verdict | Alert | fortinet | Malware | | quad9 | Sinkholed | |
NIDS | Severity | Alert | suricata | high | ET MALWARE PE EXE or DLL Windows file download disguised as ASCII | suricata | high | ET MALWARE PE EXE or DLL Windows file download Text M2 | suricata | low | ET HUNTING [TW] Likely Hex Executable String |
GET /Wlkaazqe.jpeg HTTP/1.1
Host: 194.38.23.170
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 28 Dec 2022 05:05:55 GMT
Content-Type: image/jpeg
Content-Length: 2306048
Last-Modified: Wed, 05 Oct 2022 14:39:22 GMT
Connection: keep-alive
ETag: "633d971a-233000"
Accept-Ranges: bytes
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Alert, ETag, Content-Type, Last-Modified, Cache-Control, Expires, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 28 Dec 2022 04:08:08 GMT
age: 3531
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash60b8396db0bbfa5f2ae7e34c9d04ebcc 50b6c68aa2b2a459315a9989f5d3e326e8ad5539 c10a1e0f984b121958a5cfa3b45b746db85d33c9073fcacb019d9bb27ef3b073
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6210
Cache-Control: max-age=107005
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 05:06:59 GMT
Etag: "63aab5ae-1d7"
Expires: Thu, 29 Dec 2022 10:50:24 GMT
Last-Modified: Tue, 27 Dec 2022 09:06:54 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
|
|
| 194.38.23.170/favicon.ico | 194.38.23.170 | 404 Not Found | 141 B |
URL HTTP/1.1194.38.23.170/favicon.ico IP194.38.23.170:0 ASN#48693 Rices Privately owned enterprise
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash1e028d1bedabe7da4b30c957ea6cae6f a4bb4db4539f4a027fa1bde783c8d7becca07a04 5eb298958a1c4bb4495ba1bbbf743ee28070c866bf26bf7541ef94e9f0fc67e7
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /favicon.ico HTTP/1.1
Host: 194.38.23.170
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://194.38.23.170/Wlkaazqe.jpeg
HTTP/1.1 404 Not Found
Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 28 Dec 2022 05:05:56 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
|
|
| push.services.mozilla.com/ | 52.42.74.230 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP52.42.74.230:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ecWjr+WHvVx+qRsIsptwuQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZjKmCKmohpYVh/zu843RqpwWpTE=
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash563a71326245b9544f7051f983f4d897 7293247391520689fb7aeac14ee6c984d82d7de3 17c444592282f17c3eb8a0d8e10ae9b3be096d621bdf2bbd8e12faf13ff4999c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17C444592282F17C3EB8A0D8E10AE9B3BE096D621BDF2BBD8E12FAF13FF4999C"
Last-Modified: Tue, 27 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12098
Expires: Wed, 28 Dec 2022 08:28:39 GMT
Date: Wed, 28 Dec 2022 05:07:01 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash563a71326245b9544f7051f983f4d897 7293247391520689fb7aeac14ee6c984d82d7de3 17c444592282f17c3eb8a0d8e10ae9b3be096d621bdf2bbd8e12faf13ff4999c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17C444592282F17C3EB8A0D8E10AE9B3BE096D621BDF2BBD8E12FAF13FF4999C"
Last-Modified: Tue, 27 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12098
Expires: Wed, 28 Dec 2022 08:28:39 GMT
Date: Wed, 28 Dec 2022 05:07:01 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash563a71326245b9544f7051f983f4d897 7293247391520689fb7aeac14ee6c984d82d7de3 17c444592282f17c3eb8a0d8e10ae9b3be096d621bdf2bbd8e12faf13ff4999c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17C444592282F17C3EB8A0D8E10AE9B3BE096D621BDF2BBD8E12FAF13FF4999C"
Last-Modified: Tue, 27 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12098
Expires: Wed, 28 Dec 2022 08:28:39 GMT
Date: Wed, 28 Dec 2022 05:07:01 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash563a71326245b9544f7051f983f4d897 7293247391520689fb7aeac14ee6c984d82d7de3 17c444592282f17c3eb8a0d8e10ae9b3be096d621bdf2bbd8e12faf13ff4999c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17C444592282F17C3EB8A0D8E10AE9B3BE096D621BDF2BBD8E12FAF13FF4999C"
Last-Modified: Tue, 27 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12098
Expires: Wed, 28 Dec 2022 08:28:39 GMT
Date: Wed, 28 Dec 2022 05:07:01 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7efeb4a1-9d83-4fe3-bd8d-999279ed4dcd.jpeg | 34.120.237.76 | 200 OK | 4.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7efeb4a1-9d83-4fe3-bd8d-999279ed4dcd.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashae5da67479fa2f3afda50a7566b5e46e d71de1881ea09f0aed36703f95635cc0cd552429 a67eca901c4f8436074f48a594cd9942742430c8776745152baf3f858a9c3407
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7efeb4a1-9d83-4fe3-bd8d-999279ed4dcd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4443
x-amzn-requestid: 6ca832c3-dcdc-4fc3-bb60-6868d09f824b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d0y_zFEOoAMF9KQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ab6531-0a9be43a500ea8b41200cc43;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: VvXODqjCpshzmjPEPpfo9vYkptKA-JEjqereJgM_8WqhMLJUC-a_0w==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Dec 2022 22:04:23 GMT
etag: "d71de1881ea09f0aed36703f95635cc0cd552429"
content-type: image/jpeg
age: 25358
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d43b473-21c7-4775-9398-1bdecb4d7d28.jpeg | 34.120.237.76 | 200 OK | 9.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d43b473-21c7-4775-9398-1bdecb4d7d28.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashb373925ce249ca67e6984c436f5cd2b8 ddbc25025b933587990f8e9c32e91c9773256840 7d3c992b715283efeba9bee2e5c08042267017e76074ca6aad870e1dd45b4564
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d43b473-21c7-4775-9398-1bdecb4d7d28.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9007
x-amzn-requestid: 15b3b2e5-d493-4b54-aab4-7374bf892e83
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: drrFbESxIAMFikw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a7beef-37f4ab8e7738b186705bb1db;Sampled=0
x-amzn-remapped-date: Sun, 25 Dec 2022 03:09:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SgjNBdI4lkk3DIdROxkZ8sdadoe-pewXA9Q5M55pGe-LNk012lLFmQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Dec 2022 03:23:10 GMT
age: 6231
etag: "ddbc25025b933587990f8e9c32e91c9773256840"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2be386a4-d784-4e1f-8438-ac7fa15c7807.webp | 34.120.237.76 | 200 OK | 7.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2be386a4-d784-4e1f-8438-ac7fa15c7807.webp IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash5854187fd3f867d811e9aab339f2a074 faf594f1418adb7bcec9391365b39efbcb2e41bf ee67d43a9ba676a76fdc35db6f960d211ad8bcb288e5007ccc0c0d6e096f2f9a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2be386a4-d784-4e1f-8438-ac7fa15c7807.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7677
x-amzn-requestid: 5769904d-11e8-4ea1-bd47-75817ba0f808
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d0ytDHZyIAMFe-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ab64b9-1abcb3673547ae3d0dc23114;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 21:33:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: EQiZVmTEmifegyy8M0bIVAbbvX6X4aFXMYqKH357wCCcpZOd-3g-Jw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Dec 2022 21:35:33 GMT
age: 27088
etag: "faf594f1418adb7bcec9391365b39efbcb2e41bf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac8e7926-34e8-4a65-ba5a-894c252c5826.jpeg | 34.120.237.76 | 200 OK | 9.1 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac8e7926-34e8-4a65-ba5a-894c252c5826.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashb970ffab86fbe4a36726473524096ed1 92bc9a2cc454608eae4e310456f2ec180d4ccdca 9d9377466c1d69d25cbde0092dbebb8579ba3f172a001e3068690c7d7efc779c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac8e7926-34e8-4a65-ba5a-894c252c5826.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9103
x-amzn-requestid: d35b52dd-fc72-47ca-8232-00e48cd6d209
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d0z_EEruIAMFlQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ab66c6-574a052f67683ba238966de5;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 21:42:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ohxADRAP902PofikgbhHb6N0yLainQlafqatm4eBQ1u5DHGr1r15Fg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Dec 2022 22:05:36 GMT
age: 25285
etag: "92bc9a2cc454608eae4e310456f2ec180d4ccdca"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0fc31b4-e69a-4fcc-907a-23e1efce25ef.jpeg | 34.120.237.76 | 200 OK | 9.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0fc31b4-e69a-4fcc-907a-23e1efce25ef.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash723e4fbf0cbe933067cb8af0feb29173 ee583b5ce82c0e6f80d91e284f2431acf32c6198 6c2a9961b476120be60937959181a0630ff60cfe8f28c69dd145f85a2da98194
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0fc31b4-e69a-4fcc-907a-23e1efce25ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9264
x-amzn-requestid: c5ca450b-8de1-41fe-a551-cbeda3b9dd2d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dvhL-HQxoAMFg6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a948b2-55cc54865027a82c1eab27dd;Sampled=0
x-amzn-remapped-date: Mon, 26 Dec 2022 07:09:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PcCn1cxKzsTCmsR0WqRvl5YZvVvdhYLARCXiCvj_wVxlABUkvof7RQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Dec 2022 07:53:21 GMT
age: 76420
etag: "ee583b5ce82c0e6f80d91e284f2431acf32c6198"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F346e7d95-abf9-4783-baa6-85137bb9cc29.jpeg | 34.120.237.76 | 200 OK | 7.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F346e7d95-abf9-4783-baa6-85137bb9cc29.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash8ab36b0d168174ef2d960be9810fdb2d 7c8a7415cab3ef88b5d1204af214a687b1676dda a1d842fd02273603db0090d34c317d7a3ce3e5f00f29271d45fc4ed6d09ee21e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F346e7d95-abf9-4783-baa6-85137bb9cc29.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7817
x-amzn-requestid: 21a68509-6fec-48b3-8bce-fb2ebfab3289
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d0yuCEVwIAMFUrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ab64c0-5e23ceec731631d93e01e2c8;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 21:33:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XW37o6TY-ynuySDq8QgtRV96fMBxkZeslHuLJNWBDLaiSz-fHJSQDA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Dec 2022 21:35:40 GMT
age: 27081
etag: "7c8a7415cab3ef88b5d1204af214a687b1676dda"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|