Overview

URL down.6lugq4fy.com/cx/22/1/%E6%8C%89%E9%94%AE%E7%B2%BE%E7%81%B5%202021%20%E5%AE%98%E6%96%B9%E6%9C%80%E6%96%B0%E7%89%88_018_19021.exe
IP163.171.133.124
ASNQUANTILNETWORKS
Location France
Report completed2022-07-04 01:54:13 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2022-07-04 2 down.6lugq4fy.com/cx/22/1/%E6%8C%89%E9%94%AE%E7%B2%BE%E7%81%B5%202021%20%E5 (...) Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

URL down.6lugq4fy.com/cx/22/1/%E6%8C%89%E9%94%AE%E7%B2%BE%E7%81%B5%202021%20%E5 (...)
IP  163.171.133.124
Magic PE32 executable (GUI) Intel 80386, for MS Windows\012- data
Size 1428688
MD5 5131c7be984a2b0bb471f99d3d2ea9e4
SHA1 9a456bbf88c462416b0e08351e5e416a23a529b7
SHA256 6fbfcb1ac311e95e097dacdb5eff8283a9d7d0091ec26753ff114d596664af7c
Analyzer Analysed Verdict Comment
VirusTotal 2022-07-04 01:15:31 29/69


Passive DNS (8)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
[Mnemonic Passive DNS] firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2020-05-25 20:01:47 UTC 54.230.111.7
[Mnemonic Passive DNS] r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-07-03 04:49:06 UTC 23.36.76.226
[Mnemonic Passive DNS] content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-07-03 05:07:31 UTC 54.230.111.99
[Mnemonic Passive DNS] down.6lugq4fy.com (1) 0 2021-01-12 20:00:47 UTC 2022-07-03 20:09:27 UTC 163.171.133.124 Unknown ranking
[Mnemonic Passive DNS] contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
[Mnemonic Passive DNS] ocsp.digicert.com (1) 86 2012-11-29 12:49:49 UTC 2022-07-03 21:37:13 UTC 93.184.220.29
[Mnemonic Passive DNS] push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-07-03 05:03:35 UTC 35.81.125.88
[Mnemonic Passive DNS] img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-07-03 04:06:00 UTC 34.120.237.76


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 163.171.133.124

Date UQ / IDS / BL URL IP
2022-08-16 15:19:47 +0000
0 - 0 - 2 down.5887979.com/cx/22/1/acrotray.exeC383C2A6 (...) 163.171.133.124
2022-08-16 11:19:17 +0000
0 - 0 - 2 down.7868636.com/cx/22/1/C3A5C28DC283C3A5C28D (...) 163.171.133.124
2022-08-16 05:14:59 +0000
0 - 0 - 2 down.6lugq4fy.com/cx/22/1/led%C3%83%C2%A5%C3% (...) 163.171.133.124
2022-08-16 04:15:37 +0000
0 - 0 - 2 down.5887979.com/cx/22/1/C3A5C29BC2BEC3A8C2AF (...) 163.171.133.124
2022-08-16 02:08:51 +0000
0 - 0 - 1 down.5887979.com/cx/22/1/C383C283C382C283C383 (...) 163.171.133.124
2022-08-15 21:00:40 +0000
0 - 0 - 2 down.5887979.com/cx/22/1/%C3%83%C2%A5%C3%82%C (...) 163.171.133.124
2022-08-15 19:55:20 +0000
0 - 0 - 2 down.6lugq4fy.com/cx/22/1/%E9%BB%91%E7%A7%91% (...) 163.171.133.124
2022-08-15 18:55:37 +0000
0 - 0 - 2 down.5887979.com/cx/22/1/%C3%A6%C2%8E%C2%8C%C (...) 163.171.133.124
2022-08-15 17:50:07 +0000
0 - 0 - 2 down.6lugq4fy.com/cx/22/1/%E8%BF%85%E9%9B%B7X (...) 163.171.133.124
2022-08-15 16:50:35 +0000
0 - 0 - 2 down.5887979.com/cx/22/1/kmspicoC3A7C2BBC2BFC (...) 163.171.133.124

Last 10 reports on ASN: QUANTILNETWORKS

Date UQ / IDS / BL URL IP
2022-08-18 20:37:03 +0000
0 - 0 - 23 https://www--wellsfargo--com--by49329d48d6c.w (...) 163.171.131.129
2022-08-18 19:27:04 +0000
0 - 0 - 23 https://www--wellsfargo--com--b649329d48d6c.w (...) 163.171.131.129
2022-08-18 19:26:00 +0000
0 - 0 - 20 https://www--wellsfargo--com--b549329d48d6c.w (...) 163.171.131.129
2022-08-18 13:41:46 +0000
0 - 0 - 1 www--wellsfargo--com--bd49329d48d6c.wsipv6.co (...) 163.171.131.129
2022-08-18 09:13:19 +0000
0 - 0 - 23 https://www--wellsfargo--com--bu49329d48d6c.w (...) 163.171.131.129
2022-08-18 07:48:01 +0000
0 - 0 - 20 https://www--wellsfargo--com--bv49329d48d6c.w (...) 163.171.131.129
2022-08-18 07:04:19 +0000
0 - 0 - 20 https://www--wellsfargo--com--bw49329d48d6c.w (...) 163.171.131.129
2022-08-18 06:05:40 +0000
0 - 0 - 1 www--wellsfargo--com--9q49329d48d6c.wsipv6.co (...) 163.171.131.129
2022-08-18 05:46:01 +0000
0 - 0 - 1 www--wellsfargo--com--bl49329d48d6c.wsipv6.co (...) 163.171.131.129
2022-08-17 23:05:30 +0000
0 - 0 - 1 www--wellsfargo--com--9549329d48d6c.wsipv6.co (...) 163.171.131.129

No other reports on domain: 6lugq4fy.com



JavaScript

Executed Scripts (0)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (18)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.7
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Content-Type, Alert, Backoff, Content-Length
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 04 Jul 2022 00:54:05 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: M9MjnZqkde3ne8ZwSGWEA8rDIbeVG-z2bmucwtlOvyDPENYspykF9A==
Age: 3595


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    c98c56ff7bc7ba547517573963f425e3
Sha1:   58c8dccc28ecd76424af6ed9988575a35cf8a0c2
Sha256: d57d9d5e87e8761ffdf790ff762307f5c823e8e8241781797373c10e076ec44e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8E263E6763753F5659AC0FC2D11DAF8ECE9720988153C38CB40631AF26C86575"
Last-Modified: Fri, 01 Jul 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2935
Expires: Mon, 04 Jul 2022 02:42:55 GMT
Date: Mon, 04 Jul 2022 01:54:00 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-08-10-12-10-21.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.99
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
last-modified: Tue, 21 Jun 2022 12:10:22 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 03 Jul 2022 03:26:42 GMT
etag: "581454acdd98f34fd3fbabd0977ade29"
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fOyYjqrKqnnxa0AEG82Tq7WtDS0w_S-e5lh5kebz56T4dI7xb33hxg==
age: 80839
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    581454acdd98f34fd3fbabd0977ade29
Sha1:   d8d86c0b513137aeb85de01cea7b272c35eb6ab4
Sha256: e98f8f33ba5ed59c3cfdf2ae54957ed32652cf0899f3c8db4b5872e3ece1e4eb
                                        
                                            GET /cx/22/1/%E6%8C%89%E9%94%AE%E7%B2%BE%E7%81%B5%202021%20%E5%AE%98%E6%96%B9%E6%9C%80%E6%96%B0%E7%89%88_018_19021.exe HTTP/1.1 
Host: down.6lugq4fy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         163.171.133.124
HTTP/1.1 200 OK
Content-Type: application/x-msdownload;charset=UTF-8
                                        
Date: Mon, 04 Jul 2022 01:54:00 GMT
Content-Length: 1428688
Connection: keep-alive
Accept-Ranges: bytes
ETag: "FppFa7-IxGJBaw4INR5eQWojpSm3"
Last-Modified: Fri, 17 Jun 2022 08:50:26 GMT
X-Reqid: 202429121210735820220617165424lqHEBJFKsampled
Server: WS-web-server
Age: 1
X-Via: 1.1 PS-KHH-010aH122:7 (Cdn Cache Server V2.0), 1.1 hx172:10 (Cdn Cache Server V2.0), 1.1 PS-CDG-01tVU61:4 (Cdn Cache Server V2.0)
X-Ws-Request-Id: 62c24838_PSfgblPAR2cm80_21725-27406


--- Additional Info ---
Magic:  PE32 executable (GUI) Intel 80386, for MS Windows\012- data
Size:   1428688
Md5:    5131c7be984a2b0bb471f99d3d2ea9e4
Sha1:   9a456bbf88c462416b0e08351e5e416a23a529b7
Sha256: 6fbfcb1ac311e95e097dacdb5eff8283a9d7d0091ec26753ff114d596664af7c

Alerts:
  Blocklists:
    - fortinet: Malware
  File Analyzers:
    - virustotal: 29/69
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Mon, 04 Jul 2022 01:54:01 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4911
Cache-Control: 'max-age=158059'
Date: Mon, 04 Jul 2022 01:54:01 GMT
Last-Modified: Mon, 04 Jul 2022 00:32:10 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.7
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Content-Type, Last-Modified, Alert, Backoff, Pragma, Expires, Content-Length, Cache-Control
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 04 Jul 2022 01:52:20 GMT
Cache-Control: max-age=3600
Expires: Mon, 04 Jul 2022 01:59:45 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: -IE4xBE1mHFqHYXSeuaTRT9eOcrAijgwjNQI4bskApTYZGncyhaBmg==
Age: 101


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +exf6KCS317/wC1/z4gPDQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.81.125.88
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: IQ8cAFBToS8Rtzh26mwfdBcnYo4=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "ED6C6F73611FB56DFA41FD028E23F0BC0470D319E51B212B8078C2C0DF8F4638"
Last-Modified: Fri, 01 Jul 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9175
Expires: Mon, 04 Jul 2022 04:26:58 GMT
Date: Mon, 04 Jul 2022 01:54:03 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "ED6C6F73611FB56DFA41FD028E23F0BC0470D319E51B212B8078C2C0DF8F4638"
Last-Modified: Fri, 01 Jul 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9175
Expires: Mon, 04 Jul 2022 04:26:58 GMT
Date: Mon, 04 Jul 2022 01:54:03 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "ED6C6F73611FB56DFA41FD028E23F0BC0470D319E51B212B8078C2C0DF8F4638"
Last-Modified: Fri, 01 Jul 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9175
Expires: Mon, 04 Jul 2022 04:26:58 GMT
Date: Mon, 04 Jul 2022 01:54:03 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "ED6C6F73611FB56DFA41FD028E23F0BC0470D319E51B212B8078C2C0DF8F4638"
Last-Modified: Fri, 01 Jul 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9175
Expires: Mon, 04 Jul 2022 04:26:58 GMT
Date: Mon, 04 Jul 2022 01:54:03 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb4cb110-4509-4fa1-8c48-16afc0ba81e0.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 10016
x-amzn-requestid: 9395283d-2444-424a-a613-b7a878bb821a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UrcB7H9dIAMFbVQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c14072-2b096796763e53f82333d56b;Sampled=0
x-amzn-remapped-date: Sun, 03 Jul 2022 07:08:34 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: NEW9UaGF5-3qUPQPfIGG9UFtZQmoUkEsvo0HG-iWtqYuZ1al4gEotQ==
via: 1.1 7f06047c304d80ea094816a27c933914.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 03 Jul 2022 07:20:42 GMT
etag: "f77072cb8828469a23bf18c240d0427b3fdb4900"
content-type: image/jpeg
age: 66801
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10016
Md5:    21c5a9ec20f4ded465b3fa0262d1ffd7
Sha1:   f77072cb8828469a23bf18c240d0427b3fdb4900
Sha256: d6c70bb2a8669708eba54bd1f7d0587f56774cb5d2e0cf2555144c14f7a48f39
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F431f287f-9907-47aa-be38-0ff4e6db75fc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 8553
x-amzn-requestid: af8b913f-5eac-4e16-9afa-42b22b9fd6ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UaDuIEpAIAMFv8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ba4cc0-29637a607cd815ef0080c235;Sampled=0
x-amzn-remapped-date: Tue, 28 Jun 2022 00:35:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: cJeOg5uZyKlrsa7XqpngVUr13fqslxDpFmXr-4pTfqqB46xREdv68Q==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sun, 03 Jul 2022 15:09:20 GMT
age: 38683
etag: "303f4efaa9b98e39a935fc6514d3731d40d2977c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8553
Md5:    e6f97e6b64100081e8bed56216564854
Sha1:   303f4efaa9b98e39a935fc6514d3731d40d2977c
Sha256: 92dd803f1633bd65a2b4ac3223d8aa93dd55ed64c74b338aff62323585a3623c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66b20085-8cd8-4748-ac31-58ca1a241d34.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 9347
x-amzn-requestid: 6d8b5c8e-c88f-4884-9676-e48de12c1cf6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UtcKdFr9IAMF51g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c20d75-3c3915f8408903687548b539;Sampled=0
x-amzn-remapped-date: Sun, 03 Jul 2022 21:43:17 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: tnwshv7EC_gYfFXO-9m4aohEpBaIVKMSJa4aSHp8m1uIvetfczQYzg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Sun, 03 Jul 2022 21:56:03 GMT
age: 14280
etag: "15b180ba60ecc0d9164ec35b33255f2097f409dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9347
Md5:    351e41f043f5fa1d3c4e4a742a556492
Sha1:   15b180ba60ecc0d9164ec35b33255f2097f409dd
Sha256: f51c2423e80c3a7127c9e1a3ad1af2b862e9ffa082c9010c590b0a99c4109637
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F346ee3d1-9b99-4d29-a3ca-05ae8a63c478.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 14051
x-amzn-requestid: b39a0cbe-cb9e-43cc-a9a8-d221a35eb7d4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UnlK0HIyoAMFRqw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62bfb578-68e888675e9184a979f35a3b;Sampled=0
x-amzn-remapped-date: Sat, 02 Jul 2022 03:03:20 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: YDQW-JyjQQ9cqBOtYEXpON-YWDkWD1z00YkJJKPqrDPiMj6Kw3r9_w==
via: 1.1 76dcc62b68091cc715d50b5017be77fc.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 03 Jul 2022 03:37:10 GMT
age: 80213
etag: "6a2dd506bdb06bb5490245754907cdca6ad21af5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   14051
Md5:    cdc2461ebcb11ddac4681075b9e78f85
Sha1:   6a2dd506bdb06bb5490245754907cdca6ad21af5
Sha256: c8caef144cfd4ea195774043d3956ee6c60d6f6d35f0713b3ada69db0ea9a1f9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74af1c17-6f63-4855-81e2-9f80ae242961.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 5364
x-amzn-requestid: 39f6a4be-1718-4213-bb8a-932adb2d0035
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UtbTBG9DIAMFgJQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c20c13-2c6f9e226f8aec897674988b;Sampled=0
x-amzn-remapped-date: Sun, 03 Jul 2022 21:37:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: z2cq6tJ9tDNXjHKhOYqgVBLfasQvL-niPqNuf-jGNEM3kXqj5hBMfA==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 03 Jul 2022 21:56:03 GMT
age: 14280
etag: "4e9302e78b9152dee1418d5f3531b84140bf2692"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5364
Md5:    91cb3250f142aed5968a55a0db1755d6
Sha1:   4e9302e78b9152dee1418d5f3531b84140bf2692
Sha256: 1ac35b52aa3bc4e4f79df8ca028587a8f282771df465ac1bb6d6fca880a43f6b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67729803-3d7f-4ce5-bbe0-ecb052b954d9.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 9367
x-amzn-requestid: c2ee3f6c-8b08-48b5-9076-84bed1cc772f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UnletH0GIAMF32w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62bfb5f7-7d42ba136da1f849708c0883;Sampled=0
x-amzn-remapped-date: Sat, 02 Jul 2022 03:05:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: R5kXua5YIvj0OqzfgR4cd8UY1wLRcPSI51YmUo8QET95gNvCi0bq8w==
via: 1.1 f62c9ca47e35df5c65764381977823a6.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 03 Jul 2022 04:06:30 GMT
age: 78453
etag: "32030ca4bb476cafdd8788744e8c2108ff07ecfb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9367
Md5:    f0b487927eb3d75bc35eea047139d89a
Sha1:   32030ca4bb476cafdd8788744e8c2108ff07ecfb
Sha256: 68fa28bbd4822fa474ca77752c1c366c588705b2afde89242d550ca9400a9b29