Overview

URL kustens.com/A-Kus/stoyH/
IP91.189.41.173
ASNBallou Internet Services AB
Location Sweden
Report completed2022-08-29 10:28:41 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
mnemonic secure dns
Scan Date Severity Indicator Comment
2022-08-29 2 kustens.com Sinkholed
Quad9 DNS
Scan Date Severity Indicator Comment
2022-08-29 2 kustens.com Sinkholed


Files

URL kustens.com/A-Kus/stoyH/
IP  91.189.41.173
Magic PE32+ executable (DLL) (console) x86-64, for MS Windows\012- data
Size 264923
MD5 4adfa084ea0e278c62b9cc8e9dc69464
SHA1 2cb3c7488df78bb32d37f0632d43f0dc9f20251e
SHA256 f51f0d1c6e9306a58f7012504f24736a219b67015c9f58a57893548d5ae90094
Analyzer Analysed Verdict Comment
VirusTotal 0/0


Passive DNS (8)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS r3.o.lencr.org (4) 344 2020-12-02 08:52:13 UTC 2022-08-29 04:32:12 UTC 23.36.77.32
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2022-08-29 05:05:45 UTC 143.204.55.36
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-08-29 04:39:36 UTC 143.204.55.110
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-08-29 04:31:25 UTC 34.117.237.239
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-08-29 06:32:27 UTC 93.184.220.29
mnemonic passive DNS push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-08-29 04:55:44 UTC 34.211.241.174
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-08-29 04:31:28 UTC 34.120.237.76
mnemonic passive DNS kustens.com (1) 0 2017-02-27 10:10:51 UTC 2022-08-29 10:28:24 UTC 91.189.41.173 Unknown ranking


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 91.189.41.173

Date UQ / IDS / BL URL IP
2022-10-31 07:16:48 +0000
0 - 0 - 2 kustens.com/A-Kus/stoyH/ 91.189.41.173
2022-10-28 06:03:36 +0000
0 - 0 - 2 kustens.com/A-Kus/stoyH/ 91.189.41.173
2022-10-23 04:07:22 +0000
0 - 0 - 2 kustens.com/A-Kus/stoyH/ 91.189.41.173
2022-10-21 19:05:29 +0000
0 - 0 - 2 kustens.com/A-Kus/stoyH/ 91.189.41.173
2022-10-20 09:28:56 +0000
0 - 0 - 1 kustens.com/A-Kus/stoyH/ 91.189.41.173

Last 5 reports on ASN: Ballou Internet Services AB

Date UQ / IDS / BL URL IP
2022-10-31 07:16:48 +0000
0 - 0 - 2 kustens.com/A-Kus/stoyH/ 91.189.41.173
2022-10-28 06:03:36 +0000
0 - 0 - 2 kustens.com/A-Kus/stoyH/ 91.189.41.173
2022-10-23 04:07:22 +0000
0 - 0 - 2 kustens.com/A-Kus/stoyH/ 91.189.41.173
2022-10-21 19:05:29 +0000
0 - 0 - 2 kustens.com/A-Kus/stoyH/ 91.189.41.173
2022-10-20 09:28:56 +0000
0 - 0 - 1 kustens.com/A-Kus/stoyH/ 91.189.41.173

Last 5 reports on domain: kustens.com

Date UQ / IDS / BL URL IP
2022-10-31 07:16:48 +0000
0 - 0 - 2 kustens.com/A-Kus/stoyH/ 91.189.41.173
2022-10-28 06:03:36 +0000
0 - 0 - 2 kustens.com/A-Kus/stoyH/ 91.189.41.173
2022-10-23 04:07:22 +0000
0 - 0 - 2 kustens.com/A-Kus/stoyH/ 91.189.41.173
2022-10-21 19:05:29 +0000
0 - 0 - 2 kustens.com/A-Kus/stoyH/ 91.189.41.173
2022-10-20 09:28:56 +0000
0 - 0 - 1 kustens.com/A-Kus/stoyH/ 91.189.41.173

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-11-28 22:39:02 +0000
0 - 0 - 0 81.95.34.182 81.95.34.182
2022-11-28 22:38:31 +0000
0 - 0 - 1 88.198.94.71/680126695865.zip 88.198.94.71
2022-11-28 22:24:21 +0000
0 - 0 - 2 195.178.120.24/Portgrave.exe 195.178.120.24
2022-11-28 22:22:19 +0000
0 - 0 - 2 89.208.107.122/pGzGZdueZTK8TKi9ARKn8itsJQUzA2.exe 89.208.107.122
2022-11-28 22:21:15 +0000
0 - 0 - 2 89.208.107.122/HNR0EJHG1BXUSRBAPZHAEBAIIJAMF2.exe 89.208.107.122


JavaScript

Executed Scripts (0)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (17)


Request Response
                                        
                                            GET /A-Kus/stoyH/ HTTP/1.1 
Host: kustens.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         91.189.41.173
HTTP/1.1 200 OK
Content-Type: application/x-msdownload
                                        
Date: Mon, 29 Aug 2022 10:28:30 GMT
Server: Apache/2
X-Powered-By: PHP/5.4.45
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Expires: Mon, 29 Aug 2022 10:28:30 GMT
Content-Disposition: attachment; filename="E2oSebXjZf.dll"
Content-Transfer-Encoding: binary
Set-Cookie: 630c94ce70393=1661768910; expires=Mon, 29-Aug-2022 10:29:30 GMT; path=/
Last-Modified: Mon, 29 Aug 2022 10:28:30 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  PE32+ executable (DLL) (console) x86-64, for MS Windows\012- data
Size:   264923
Md5:    4adfa084ea0e278c62b9cc8e9dc69464
Sha1:   2cb3c7488df78bb32d37f0632d43f0dc9f20251e
Sha256: f51f0d1c6e9306a58f7012504f24736a219b67015c9f58a57893548d5ae90094

Alerts:
  Blocklists:
    - mnemonic_dns: Sinkholed
    - quad9: Sinkholed
  File Analyzers:
    - virustotal: 0/0
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7EBE5D06EFE28C8507B4CDFBF68C6E5BBD9919BA776990FB8A22D90CCA0C1C1B"
Last-Modified: Sat, 27 Aug 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9234
Expires: Mon, 29 Aug 2022 13:02:24 GMT
Date: Mon, 29 Aug 2022 10:28:30 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 29 Aug 2022 10:25:17 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5A3b7z47p3l4YG_5ooBGERyrPLkBUViMpfiqwfo0KWMMT0dwztJ8yA==
Age: 193


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.110
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 28 Aug 2022 22:35:59 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PXAtFAgmdcLV9zY6GQkq8ajZqKcJMJf__s19TCwhDy6G8D54ElWoFw==
age: 42752
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Mon, 29 Aug 2022 10:28:30 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 29 Aug 2022 10:17:12 GMT
Cache-Control: max-age=3600
Expires: Mon, 29 Aug 2022 10:55:41 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: QdxBrOUZJpO6phO65MiRHYQHgNN7mSZy1M_aEf5GC9qzCvv_QjrrCg==
Age: 679


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2600
Cache-Control: 'max-age=158059'
Date: Mon, 29 Aug 2022 10:28:31 GMT
Last-Modified: Mon, 29 Aug 2022 09:45:11 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: QKXzwU9abDjy+mTCbazAHg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         34.211.241.174
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: p1SwIQwUowhb8NbZsd3deyPJr70=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14596
Expires: Mon, 29 Aug 2022 14:31:48 GMT
Date: Mon, 29 Aug 2022 10:28:32 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14596
Expires: Mon, 29 Aug 2022 14:31:48 GMT
Date: Mon, 29 Aug 2022 10:28:32 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14596
Expires: Mon, 29 Aug 2022 14:31:48 GMT
Date: Mon, 29 Aug 2022 10:28:32 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F849c6deb-3aba-41f7-a257-bf54249182ba.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11042
x-amzn-requestid: c92cef27-0a2c-4f5e-86b7-eafa048932b4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XgUlVFdJIAMFRKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63099aee-794a2c5c54fe181b5756e5f6;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 04:17:50 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: v9mkgh5wKAcOaXP3AGDltgHFx1eioExP7zqPee5KQugX9SjdEhMkjg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 21:35:55 GMT
age: 46357
etag: "9d37dd425e3319fbb4248718f58371b43d513ce7"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11042
Md5:    5e0dc790ca607928d609e38f37c012d0
Sha1:   9d37dd425e3319fbb4248718f58371b43d513ce7
Sha256: 7f8ce6d77cbb4be87fb06ffd8f72ae997e006b933382c44b8b4e0a61743f24e9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd661acf9-c387-4bb0-bdc5-10e4abb78bf1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10433
x-amzn-requestid: 30849103-3a8a-4b58-9d12-2e7d76054d29
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XaJ7wFd0IAMF2PQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6307237e-3d931fee17b392cc6785e73d;Sampled=0
x-amzn-remapped-date: Thu, 25 Aug 2022 07:23:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DxyqrxwTW6jEwEMuxf4DjFp-UbJLnrFhSzYBXnSF8yjqJAc-qKlxYQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 21:45:17 GMT
age: 45795
etag: "ab86ca73ca4064306448863d32a1428a63df41a0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10433
Md5:    57d1f9745ba671f8688c7d96a041cd2b
Sha1:   ab86ca73ca4064306448863d32a1428a63df41a0
Sha256: d931268e003d82739af5c9ab9e91b11a892672c8ae82cbbb2f4b92a94cc2bddc
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69552f07-b9de-4cb2-b730-c824451bf466.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5917
x-amzn-requestid: 818217c8-522f-4022-98ca-78147982b168
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xf9FNFnFoAMFabg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63097554-035ea4a72013fe3f2bfd2e64;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 01:37:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ttcGqYEMiJ97m5QW1VvBlAE7NWrHLEatYSr9T4GPSORAC0Y_rQ-PiQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 22:01:34 GMT
age: 73316
etag: "bf6c85d1b9456c92f6ee970e305d2706316348d4"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5917
Md5:    501a65215625c77065c3a986774700fc
Sha1:   bf6c85d1b9456c92f6ee970e305d2706316348d4
Sha256: c6024d2081497bb4106db16cfa5cf4ed05fd783c29e4ac0c5620202bd4f20068
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d6fc243-1f36-4e7f-8ae5-c9926e27d40b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7384
x-amzn-requestid: 8c864d07-cb4e-44db-85f0-ebea10e67aaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XV7EPG0mIAMFRGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6305721a-32398abd1da8b41f48b4755c;Sampled=0
x-amzn-remapped-date: Wed, 24 Aug 2022 00:34:34 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 6aiAJzrFSh5oLa_mpPgX71BUSwjCS0NoNruUV_4tSPwpnphPE2DWGA==
via: 1.1 759bceededb9469e75c24a46c03d64bc.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 21:49:06 GMT
age: 45566
etag: "0909d2250d8efc3093f15401713da4c74ba6707b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7384
Md5:    182339e49eb50a6d89fed9b4ac4bc39f
Sha1:   0909d2250d8efc3093f15401713da4c74ba6707b
Sha256: bc6fac01cec90f56f665671e2abab894752b9d8f1b1d5551e4d83cc53f0d4251
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2b0d146-88a6-4ec6-a71c-bb9dd4314497.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7505
x-amzn-requestid: 66ed5a9b-1b9c-40c4-b757-7c13e9dc6410
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XitJxFFSIAMFhrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630a8f0b-24404d4f7a2cae8f4c3bcb97;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 21:39:23 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UFJ0DtBufSFfM1vFxdagMV5tpP5ZEH2NbdduFvVM6sL7UVpdhSBhGQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 22:11:51 GMT
age: 44201
etag: "ec62fa681d45d696fc7308fede11cd16979594fd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7505
Md5:    ef5729bf444dd3cc7b8e7945187e09ee
Sha1:   ec62fa681d45d696fc7308fede11cd16979594fd
Sha256: 34d5df4a669399f171489c9cd0f90a53eea21c35c1ccd310df39cc356c9922cd
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3a7959a-ba16-4840-a4e4-ca7b2c6305c1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10319
x-amzn-requestid: 4f0cb1b4-c2a6-410a-965c-4cc72459484a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XhG-yG-eIAMFbQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6309eb91-58fb7017711dd2a56fe5ef79;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 10:01:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: JcHN5unq1F9L9h2My0SFXdW-n06ebaRZ8jj0W0I67pTuddWWkJ9RkQ==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 21:44:40 GMT
age: 45832
etag: "66558c36958c9162188e7aeef27c38e0c4b37cdd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10319
Md5:    76021ba70733e8d4647f29e4c990180c
Sha1:   66558c36958c9162188e7aeef27c38e0c4b37cdd
Sha256: c5278295212999c6941d57d5cee8f4d33447302af0eb74985f5dae48434607c1