urlquery - report: pastebin.com/raw/0v6Vs6Ca

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP
ocsp.digicert.com (3)	86	2012-05-21 07:02:23 UTC	2020-05-02 20:58:10 UTC	93.184.220.29
r3.o.lencr.org (6)	344	No data	No data	23.36.77.32
content-signature-2.cdn.mozilla.net (1)	1152	No data	No data	34.160.144.191
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-11-07 05:46:18 UTC	34.117.237.239
pastebin.com (2)	25623	2012-05-20 18:39:30 UTC	2022-11-07 05:16:01 UTC	104.20.67.143
img-getpocket.cdn.mozilla.net (6)	1631	2018-06-21 23:36:00 UTC	2020-02-19 04:43:25 UTC	34.120.237.76

Scan Date	Severity	Indicator	Comment
2022-11-07	2	pastebin.com/raw/0v6Vs6Ca	Malware

Date	UQ / IDS / BL	URL	IP
2023-02-01 08:42:49 +0000	0 - 0 - 1	pastebin.com/raw/cL49LHSm	172.67.34.170
2023-02-01 08:41:22 +0000	0 - 0 - 1	pastebin.com/raw/SbWw1SxL	172.67.34.170
2023-02-01 08:41:19 +0000	0 - 0 - 1	pastebin.com/raw/s7znV8xF	172.67.34.170
2023-02-01 08:40:31 +0000	0 - 0 - 1	pastebin.com/raw/FwWsTz49	172.67.34.170
2023-02-01 08:40:22 +0000	0 - 0 - 1	pastebin.com/raw/gjMqqF9u	172.67.34.170

Date	UQ / IDS / BL	URL	IP
2023-02-01 09:56:09 +0000	0 - 1 - 0	cdn.discordapp.com/attachments/52968738499723 (...)	162.159.134.233
2023-02-01 09:56:05 +0000	0 - 1 - 0	cdn.discordapp.com/attachments/46130029373764 (...)	162.159.135.233
2023-02-01 09:56:03 +0000	0 - 1 - 0	cdn.discordapp.com/attachments/49742670275097 (...)	162.159.130.233
2023-02-01 09:56:01 +0000	0 - 1 - 0	cdn.discordapp.com/attachments/54682446140434 (...)	162.159.130.233
2023-02-01 09:55:59 +0000	0 - 1 - 0	cdn.discordapp.com/attachments/46277274327698 (...)	162.159.129.233

Date	UQ / IDS / BL	URL	IP
2023-02-01 08:42:49 +0000	0 - 0 - 1	pastebin.com/raw/cL49LHSm	172.67.34.170
2023-02-01 08:42:42 +0000	0 - 0 - 1	pastebin.com/raw/4dpuY8jX	104.20.67.143
2023-02-01 08:41:56 +0000	0 - 0 - 1	pastebin.com/raw/dvpxTruR	104.20.67.143
2023-02-01 08:41:44 +0000	0 - 0 - 1	pastebin.com/raw/tivW1TJ0	104.20.68.143
2023-02-01 08:41:22 +0000	0 - 0 - 1	pastebin.com/raw/SbWw1SxL	172.67.34.170

Date	UQ / IDS / BL	URL	IP
2023-02-01 08:39:24 +0000	0 - 0 - 1	pastebin.com/raw/sjZmdpp1	172.67.34.170
2023-02-01 08:21:47 +0000	0 - 0 - 1	pastebin.com/raw/sqbta925	104.20.68.143
2023-02-01 08:21:40 +0000	0 - 0 - 1	pastebin.com/raw/YFPUFJfD	104.20.68.143
2023-02-01 08:21:17 +0000	0 - 0 - 1	pastebin.com/raw/Nyar3agz	104.20.67.143
2023-02-01 08:14:57 +0000	0 - 0 - 1	pastebin.com/raw/MENzMPst	172.67.34.170

Request	Response
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 64c625134462acd979fc0992cac45275c1bda7b1bcf3da81a7471e1e8d09524b 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4129 Cache-Control: max-age=90445 Date: Mon, 07 Nov 2022 08:32:40 GMT Etag: "636770d4-116" Expires: Tue, 08 Nov 2022 09:40:05 GMT Last-Modified: Sun, 06 Nov 2022 08:31:16 GMT Server: ECS (ska/F717) X-Cache: HIT Content-Length: 278 --- Additional Info --- Magic: data Size: 278 Md5: 5ef3897804dece3ca346980f5c48d7f6 Sha1: 156623bddd845238b6133e5797bb56d022d140e7 Sha256: 64c625134462acd979fc0992cac45275c1bda7b1bcf3da81a7471e1e8d09524b
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 402ffbf1404cf05c0516c5a8cd5344bd53537ac5150d387730a90c81c17dc9e4 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "402FFBF1404CF05C0516C5A8CD5344BD53537AC5150D387730A90C81C17DC9E4" Last-Modified: Sun, 06 Nov 2022 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9490 Expires: Mon, 07 Nov 2022 11:10:50 GMT Date: Mon, 07 Nov 2022 08:32:40 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 9e164a845d32db8fa51fdb5b1aa218d9 Sha1: 169099b4d2f8e119ab6cf6fca279b6fb535b1759 Sha256: 402ffbf1404cf05c0516c5a8cd5344bd53537ac5150d387730a90c81c17dc9e4
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: cfdbf0f9e88e3c1ae8eb03e46c352633a75d4b2edbfbd57c1c6b52ff1623a109 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 6289 Cache-Control: max-age=99792 Date: Mon, 07 Nov 2022 08:32:40 GMT Etag: "63678ce7-1d7" Expires: Tue, 08 Nov 2022 12:15:52 GMT Last-Modified: Sun, 06 Nov 2022 10:31:03 GMT Server: ECS (ska/F717) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 05978511215be8462d0b69e33b3a91a3 Sha1: 61535ba131d547f1c5108d9e7763ee3fc8d8c824 Sha256: cfdbf0f9e88e3c1ae8eb03e46c352633a75d4b2edbfbd57c1c6b52ff1623a109
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: df8b8ce7a83d11fbe075c8780103c509654f288b5d757d64b696d861a11f3c7f 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "DF8B8CE7A83D11FBE075C8780103C509654F288B5D757D64B696D861A11F3C7F" Last-Modified: Sun, 06 Nov 2022 14:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4268 Expires: Mon, 07 Nov 2022 09:43:48 GMT Date: Mon, 07 Nov 2022 08:32:40 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: d8c32b2fb818533a5b3fe5c69157bde9 Sha1: 93594fd3fc50d9d444c28660eabba1edbe4f0588 Sha256: df8b8ce7a83d11fbe075c8780103c509654f288b5d757d64b696d861a11f3c7f
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: 5vNw3xSmwIBLO0Vfo1AN80JR6Ebjj2IuNPT/0yHZP0pa0rhfif39y8ZNQ6vvpU/8bQtFdC1keiw= x-amz-request-id: 24NGAQY02Y7SDECN content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Mon, 07 Nov 2022 07:47:58 GMT age: 2682 last-modified: Fri, 30 Sep 2022 18:50:55 GMT etag: "67d5a988edcda47bc3b3b3f65d32b4b6" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 67d5a988edcda47bc3b3b3f65d32b4b6 Sha1: d4f0e0da8b3690cc7da925026d3414b68c7d954f Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Mon, 07 Nov 2022 08:32:40 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 0c6286152fe8bb5fdf1505f2001d530a65ee53aa6d9601bbb1eecb683036071d 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4192 Cache-Control: max-age=92642 Date: Mon, 07 Nov 2022 08:32:41 GMT Etag: "6367792b-1d7" Expires: Tue, 08 Nov 2022 10:16:43 GMT Last-Modified: Sun, 06 Nov 2022 09:06:51 GMT Server: ECS (ska/F717) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: d862f992e9902530594e7aca425f129b Sha1: 25b414fe833d30b52928535d659a1ee281b82e3a Sha256: 0c6286152fe8bb5fdf1505f2001d530a65ee53aa6d9601bbb1eecb683036071d
GET /favicon.ico HTTP/1.1 Host: pastebin.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://pastebin.com/raw/0v6Vs6Ca Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: pastebin.com/favicon.ico FQDN: pastebin.com IP: 104.20.67.143 HASH: 51174f22a7f391fe36f47b0b5eeaa82fc76b77e320627cfd05176ff035a0fb71 104.20.67.143 HTTP/2 200 OK content-type: image/x-icon date: Mon, 07 Nov 2022 08:32:40 GMT last-modified: Sun, 23 Oct 2022 19:42:14 GMT etag: W/"63559916-13e" cache-control: max-age=31536000 cf-cache-status: HIT age: 3463 vary: Accept-Encoding server: cloudflare cf-ray: 7664b83dfaacb524-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: MS Windows icon resource - 1 icon, 16x16, 16 colors, 4 bits/pixel\012- data Size: 212 Md5: 4e515ffdb1411e62a85c1eb4772860d9 Sha1: 7ceb54f0b46b06d7b0884c813292782a8557d0f1 Sha256: 51174f22a7f391fe36f47b0b5eeaa82fc76b77e320627cfd05176ff035a0fb71
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 6d71b8c1578f69619e174e61fbe9c92de7df4563e4a413b7b3d1be229f464df2 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "6D71B8C1578F69619E174E61FBE9C92DE7DF4563E4A413B7B3D1BE229F464DF2" Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10353 Expires: Mon, 07 Nov 2022 11:25:15 GMT Date: Mon, 07 Nov 2022 08:32:42 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 2e37c89a5a7f608a21ac42b87ee0f7fc Sha1: 55132fb03671e178b7e186da48ac7e02d6e96e23 Sha256: 6d71b8c1578f69619e174e61fbe9c92de7df4563e4a413b7b3d1be229f464df2
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 6d71b8c1578f69619e174e61fbe9c92de7df4563e4a413b7b3d1be229f464df2 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "6D71B8C1578F69619E174E61FBE9C92DE7DF4563E4A413B7B3D1BE229F464DF2" Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10353 Expires: Mon, 07 Nov 2022 11:25:15 GMT Date: Mon, 07 Nov 2022 08:32:42 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 2e37c89a5a7f608a21ac42b87ee0f7fc Sha1: 55132fb03671e178b7e186da48ac7e02d6e96e23 Sha256: 6d71b8c1578f69619e174e61fbe9c92de7df4563e4a413b7b3d1be229f464df2
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 6d71b8c1578f69619e174e61fbe9c92de7df4563e4a413b7b3d1be229f464df2 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "6D71B8C1578F69619E174E61FBE9C92DE7DF4563E4A413B7B3D1BE229F464DF2" Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10353 Expires: Mon, 07 Nov 2022 11:25:15 GMT Date: Mon, 07 Nov 2022 08:32:42 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 2e37c89a5a7f608a21ac42b87ee0f7fc Sha1: 55132fb03671e178b7e186da48ac7e02d6e96e23 Sha256: 6d71b8c1578f69619e174e61fbe9c92de7df4563e4a413b7b3d1be229f464df2
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 6d71b8c1578f69619e174e61fbe9c92de7df4563e4a413b7b3d1be229f464df2 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "6D71B8C1578F69619E174E61FBE9C92DE7DF4563E4A413B7B3D1BE229F464DF2" Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10353 Expires: Mon, 07 Nov 2022 11:25:15 GMT Date: Mon, 07 Nov 2022 08:32:42 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 2e37c89a5a7f608a21ac42b87ee0f7fc Sha1: 55132fb03671e178b7e186da48ac7e02d6e96e23 Sha256: 6d71b8c1578f69619e174e61fbe9c92de7df4563e4a413b7b3d1be229f464df2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10462 x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: aMF6oEz_oAMF8Hg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0 x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: C7GYpM3mXSf0hVyGO9Zzlxa3IHXHdyPlXsvr3i0GoQnaPZF6lO-OwA== via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google date: Mon, 07 Nov 2022 06:28:00 GMT age: 7482 etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10462 Md5: 4e2853cc6ec6223160471401e6871f4b Sha1: f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c Sha256: bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0cee920-59af-44a8-b927-8cca201ce610.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: f1c14829ae75863531bde481455b5ae20254eb3472604d01b77a6028e4e56bf6 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9612 x-amzn-requestid: dd4e6718-3415-413b-bbac-2fdf17dca523 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: a9iOjEtoIAMF-LQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63621729-35a6494a7e699fdf52b9b68b;Sampled=0 x-amzn-remapped-date: Wed, 02 Nov 2022 07:07:21 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: eDEsT0S4pW3FVaI4FUHfvqZTRLWM0EwKww7Gfpr2lyk6axQG7MMmwA== via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google date: Sun, 06 Nov 2022 21:48:32 GMT age: 38650 etag: "f88269b0e066e777dd74b36648b6dbdcf10647b5" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9612 Md5: 78d54d3bbd154ae8ac4366cb204ff7a0 Sha1: f88269b0e066e777dd74b36648b6dbdcf10647b5 Sha256: f1c14829ae75863531bde481455b5ae20254eb3472604d01b77a6028e4e56bf6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefee2ae9-d184-46f8-a533-ea273a91af2e.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 4883c9adc382eae7b7caf635c27b1ef5710764a419f38187ed67e1b48e14a8b9 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10259 x-amzn-requestid: ae2a64bf-cd9f-4ff7-a983-0bb2878b6875 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: bMtUsHtPIAMFcFA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-636828ea-09168b3147e89dd82c1dac43;Sampled=0 x-amzn-remapped-date: Sun, 06 Nov 2022 21:36:42 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: unEiI90qfLjOa-EK2vuA-bQkOP83y7hW9Xaqh8r6jLJdWAfz18CQEQ== via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google date: Sun, 06 Nov 2022 21:39:11 GMT age: 39211 etag: "a2bed4ca0144a095081328d8764425a1db201cd6" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10259 Md5: e77fbdbce177ac614b2927102fc12829 Sha1: a2bed4ca0144a095081328d8764425a1db201cd6 Sha256: 4883c9adc382eae7b7caf635c27b1ef5710764a419f38187ed67e1b48e14a8b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F100d1c51-b2c7-40d5-bd34-a37c21b8252d.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 196ffd4e5245355c1c5d67f49b28200630ccfe1e4ebaa7280154b7adaf39b18f 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9435 x-amzn-requestid: 7c39c00f-1362-44c1-9628-749045e542b4 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: bEIU9G5gIAMFzZA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6364ba85-57fbfb872251c37f4137b262;Sampled=0 x-amzn-remapped-date: Fri, 04 Nov 2022 07:08:53 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: GaFmcnh2vF0lCj_QPQ7SAIT_UzHHyr8UaHa-R_ifuZsX7quU0mBJ9Q== via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google date: Sun, 06 Nov 2022 19:49:42 GMT age: 45780 etag: "55ffd5d6cb8074bdbdb8d06719119021bc81aeab" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9435 Md5: c0a079a6dfb70fb2a2d6b5aff7103f73 Sha1: 55ffd5d6cb8074bdbdb8d06719119021bc81aeab Sha256: 196ffd4e5245355c1c5d67f49b28200630ccfe1e4ebaa7280154b7adaf39b18f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba2be0c-46a2-4aa1-be6e-09cafbba66a9.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 6724e0c14b11cf9ef8c2050116115e5f7985f744184a7d2e8ea4c0189bd1997d 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7309 x-amzn-requestid: 0d1c4df8-769e-497b-999c-b1087d79dfe4 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: bKLIGGWHIAMFhiw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63672566-1745417f7ed16a0576321e03;Sampled=0 x-amzn-remapped-date: Sun, 06 Nov 2022 03:09:26 GMT x-amz-cf-pop: SEA73-P2, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: Jxy0K13kA9KV6V4d_-nxs7HZk7J2JgKeJFsC1NXhJI0SvEBXSuRBbQ== via: 1.1 95785220a566cd050f3ad80928463374.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google date: Mon, 07 Nov 2022 03:38:14 GMT age: 17668 etag: "7e7ba87cfbc21acc28219c68521eedd6d3f614a0" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7309 Md5: 1190aa1b3db742f1cc476e53b34479b7 Sha1: 7e7ba87cfbc21acc28219c68521eedd6d3f614a0 Sha256: 6724e0c14b11cf9ef8c2050116115e5f7985f744184a7d2e8ea4c0189bd1997d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa958db65-71f7-4c79-9753-9af1fe88477b.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: e8750b0156ed980f11682d92f5c60ce2783518b37f156e74340617a74d826813 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 13224 x-amzn-requestid: d6c8a626-313d-4add-9467-eb946a38262a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: a9iPHEkgoAMF1Og= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6362172d-1be7a03a1b288dec56281915;Sampled=0 x-amzn-remapped-date: Wed, 02 Nov 2022 07:07:25 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: R2vHbrKm_n2kWK3bG4htWAIqi1YNjNjaX8LG5AWWHPlKnaWi6JAGzA== via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google date: Sun, 06 Nov 2022 15:14:16 GMT age: 62306 etag: "e63e4bee84953491236a8261ef07b5a4743fa891" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 13224 Md5: 7a5e060b41bd5313b1cf828c1d5ecbcc Sha1: e63e4bee84953491236a8261ef07b5a4743fa891 Sha256: e8750b0156ed980f11682d92f5c60ce2783518b37f156e74340617a74d826813
GET /raw/0v6Vs6Ca HTTP/1.1 Host: pastebin.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	URL: pastebin.com/raw/0v6Vs6Ca FQDN: pastebin.com IP: 104.20.67.143 104.20.67.143 HTTP/2 200 OK content-type: text/plain; charset=utf-8 date: Mon, 07 Nov 2022 08:32:40 GMT x-frame-options: DENY x-content-type-options: nosniff x-xss-protection: 1;mode=block cache-control: public, max-age=1801 cf-cache-status: MISS last-modified: Mon, 07 Nov 2022 08:32:40 GMT vary: Accept-Encoding server: cloudflare cf-ray: 7664b83c389bb524-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Alerts: Blocklists: - fortinet: Malware

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 4129 

                                        
                                            
Cache-Control: max-age=90445 

                                        
                                            
Date: Mon, 07 Nov 2022 08:32:40 GMT 

                                        
                                            
Etag: "636770d4-116" 

                                        
                                            
Expires: Tue, 08 Nov 2022 09:40:05 GMT 

                                        
                                            
Last-Modified: Sun, 06 Nov 2022 08:31:16 GMT 

                                        
                                            
Server: ECS (ska/F717) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 278 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   278

                                                Md5:    5ef3897804dece3ca346980f5c48d7f6

                                                Sha1:   156623bddd845238b6133e5797bb56d022d140e7

                                                Sha256: 64c625134462acd979fc0992cac45275c1bda7b1bcf3da81a7471e1e8d09524b

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 6289 

                                        
                                            
Cache-Control: max-age=99792 

                                        
                                            
Date: Mon, 07 Nov 2022 08:32:40 GMT 

                                        
                                            
Etag: "63678ce7-1d7" 

                                        
                                            
Expires: Tue, 08 Nov 2022 12:15:52 GMT 

                                        
                                            
Last-Modified: Sun, 06 Nov 2022 10:31:03 GMT 

                                        
                                            
Server: ECS (ska/F717) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    05978511215be8462d0b69e33b3a91a3

                                                Sha1:   61535ba131d547f1c5108d9e7763ee3fc8d8c824

                                                Sha256: cfdbf0f9e88e3c1ae8eb03e46c352633a75d4b2edbfbd57c1c6b52ff1623a109

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 

                                        
                                            
Host: content-signature-2.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.160.144.191

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: binary/octet-stream

                                        

                                        
                                            
x-amz-id-2: 5vNw3xSmwIBLO0Vfo1AN80JR6Ebjj2IuNPT/0yHZP0pa0rhfif39y8ZNQ6vvpU/8bQtFdC1keiw= 

                                        
                                            
x-amz-request-id: 24NGAQY02Y7SDECN 

                                        
                                            
content-disposition: attachment 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: AmazonS3 

                                        
                                            
content-length: 5348 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Mon, 07 Nov 2022 07:47:58 GMT 

                                        
                                            
age: 2682 

                                        
                                            
last-modified: Fri, 30 Sep 2022 18:50:55 GMT 

                                        
                                            
etag: "67d5a988edcda47bc3b3b3f65d32b4b6" 

                                        
                                            
cache-control: public,max-age=3600 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PEM certificate\012- , ASCII text

                                                Size:   5348

                                                Md5:    67d5a988edcda47bc3b3b3f65d32b4b6

                                                Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f

                                                Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 4192 

                                        
                                            
Cache-Control: max-age=92642 

                                        
                                            
Date: Mon, 07 Nov 2022 08:32:41 GMT 

                                        
                                            
Etag: "6367792b-1d7" 

                                        
                                            
Expires: Tue, 08 Nov 2022 10:16:43 GMT 

                                        
                                            
Last-Modified: Sun, 06 Nov 2022 09:06:51 GMT 

                                        
                                            
Server: ECS (ska/F717) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    d862f992e9902530594e7aca425f129b

                                                Sha1:   25b414fe833d30b52928535d659a1ee281b82e3a

                                                Sha256: 0c6286152fe8bb5fdf1505f2001d530a65ee53aa6d9601bbb1eecb683036071d

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "6D71B8C1578F69619E174E61FBE9C92DE7DF4563E4A413B7B3D1BE229F464DF2" 

                                        
                                            
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=10353 

                                        
                                            
Expires: Mon, 07 Nov 2022 11:25:15 GMT 

                                        
                                            
Date: Mon, 07 Nov 2022 08:32:42 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    2e37c89a5a7f608a21ac42b87ee0f7fc

                                                Sha1:   55132fb03671e178b7e186da48ac7e02d6e96e23

                                                Sha256: 6d71b8c1578f69619e174e61fbe9c92de7df4563e4a413b7b3d1be229f464df2

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "6D71B8C1578F69619E174E61FBE9C92DE7DF4563E4A413B7B3D1BE229F464DF2" 

                                        
                                            
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=10353 

                                        
                                            
Expires: Mon, 07 Nov 2022 11:25:15 GMT 

                                        
                                            
Date: Mon, 07 Nov 2022 08:32:42 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    2e37c89a5a7f608a21ac42b87ee0f7fc

                                                Sha1:   55132fb03671e178b7e186da48ac7e02d6e96e23

                                                Sha256: 6d71b8c1578f69619e174e61fbe9c92de7df4563e4a413b7b3d1be229f464df2

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 10462 

                                        
                                            
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: aMF6oEz_oAMF8Hg= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT 

                                        
                                            
x-amz-cf-pop: SEA73-P1 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: C7GYpM3mXSf0hVyGO9Zzlxa3IHXHdyPlXsvr3i0GoQnaPZF6lO-OwA== 

                                        
                                            
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Mon, 07 Nov 2022 06:28:00 GMT 

                                        
                                            
age: 7482 

                                        
                                            
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   10462

                                                Md5:    4e2853cc6ec6223160471401e6871f4b

                                                Sha1:   f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c

                                                Sha256: bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefee2ae9-d184-46f8-a533-ea273a91af2e.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 10259 

                                        
                                            
x-amzn-requestid: ae2a64bf-cd9f-4ff7-a983-0bb2878b6875 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: bMtUsHtPIAMFcFA= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-636828ea-09168b3147e89dd82c1dac43;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sun, 06 Nov 2022 21:36:42 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA73-P1 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: unEiI90qfLjOa-EK2vuA-bQkOP83y7hW9Xaqh8r6jLJdWAfz18CQEQ== 

                                        
                                            
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sun, 06 Nov 2022 21:39:11 GMT 

                                        
                                            
age: 39211 

                                        
                                            
etag: "a2bed4ca0144a095081328d8764425a1db201cd6" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   10259

                                                Md5:    e77fbdbce177ac614b2927102fc12829

                                                Sha1:   a2bed4ca0144a095081328d8764425a1db201cd6

                                                Sha256: 4883c9adc382eae7b7caf635c27b1ef5710764a419f38187ed67e1b48e14a8b9

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba2be0c-46a2-4aa1-be6e-09cafbba66a9.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 7309 

                                        
                                            
x-amzn-requestid: 0d1c4df8-769e-497b-999c-b1087d79dfe4 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: bKLIGGWHIAMFhiw= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63672566-1745417f7ed16a0576321e03;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sun, 06 Nov 2022 03:09:26 GMT 

                                        
                                            
x-amz-cf-pop: SEA73-P2, SEA73-P1 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: Jxy0K13kA9KV6V4d_-nxs7HZk7J2JgKeJFsC1NXhJI0SvEBXSuRBbQ== 

                                        
                                            
via: 1.1 95785220a566cd050f3ad80928463374.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Mon, 07 Nov 2022 03:38:14 GMT 

                                        
                                            
age: 17668 

                                        
                                            
etag: "7e7ba87cfbc21acc28219c68521eedd6d3f614a0" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   7309

                                                Md5:    1190aa1b3db742f1cc476e53b34479b7

                                                Sha1:   7e7ba87cfbc21acc28219c68521eedd6d3f614a0

                                                Sha256: 6724e0c14b11cf9ef8c2050116115e5f7985f744184a7d2e8ea4c0189bd1997d

URL	pastebin.com/raw/0v6Vs6Ca
IP	172.67.34.170 (United States)
ASN	#13335 CLOUDFLARENET
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-11-07 08:32:51 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	1
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (6)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 172.67.34.170

Last 5 reports on ASN: CLOUDFLARENET

Last 5 reports on domain: pastebin.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (0)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (19)

Overview

Domain Summary (6)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 172.67.34.170

Last 5 reports on ASN: CLOUDFLARENET

Last 5 reports on domain: pastebin.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (0)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (19)

Network Intrusion Detection Systems