urlquery - report: eduniversia.org/ad-quia/documents.zip

Overview

URL	eduniversia.org/ad-quia/documents.zip
IP	192.254.236.15
ASN	UNIFIEDLAYER-AS-1
Location	United States
Report completed	2022-06-25 05:26:39 UTC
Status	Loading report..
urlquery Alerts	No alerts detected

Settings

UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer

Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Blocklists

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Added / Verified	Severity	Host	Comment
2022-06-25	2	eduniversia.org/ad-quia/documents.zip	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

Files

No files detected

Passive DNS (8)

Passive DNS Source	Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
[Mnemonic Passive DNS]	eduniversia.org (2)	0	2019-04-12 07:05:55 UTC	2021-03-09 15:10:11 UTC	192.254.236.15	Unknown ranking
[Mnemonic Passive DNS]	content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-06-25 04:30:13 UTC	54.230.111.14
[Mnemonic Passive DNS]	contile.services.mozilla.com (1)	1114	No data	No data	34.117.237.239
[Mnemonic Passive DNS]	ocsp.digicert.com (1)	86	2012-11-29 12:49:49 UTC	2022-06-24 20:37:53 UTC	93.184.220.29
[Mnemonic Passive DNS]	push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2022-06-25 04:22:07 UTC	35.163.37.142
[Mnemonic Passive DNS]	img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2022-06-24 14:28:57 UTC	34.120.237.76
[Mnemonic Passive DNS]	firefox.settings.services.mozilla.com (2)	867	2016-03-17 08:25:01 UTC	2020-05-25 20:01:47 UTC	54.230.111.65
[Mnemonic Passive DNS]	r3.o.lencr.org (6)	344	2020-12-02 08:52:13 UTC	2022-06-25 04:21:56 UTC	23.36.76.226

Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 192.254.236.15

Date	UQ / IDS / BL	URL	IP
2022-08-14 23:56:21 +0000	0 - 0 - 1	apdup.com/ex-rerum/documents.zip	192.254.236.15
2022-08-14 22:22:47 +0000	0 - 0 - 1	redtrabajos.com/iure-ea/documents.zip	192.254.236.15
2022-08-14 18:36:24 +0000	0 - 0 - 1	redtrabajos.net/quod-praesentium/documents.zip	192.254.236.15
2022-08-14 18:18:57 +0000	0 - 0 - 1	redtrabajos.com/iure-ea/documents.zip	192.254.236.15
2022-08-13 23:56:35 +0000	0 - 0 - 1	redtrabajos.com/iure-ea/documents.zip	192.254.236.15
2022-08-13 22:35:18 +0000	0 - 0 - 1	redtrabajos.net/quod-praesentium/documents.zip	192.254.236.15
2022-08-13 22:27:59 +0000	0 - 0 - 1	eduniversia.org/ad-quia/documents.zip	192.254.236.15
2022-08-13 16:02:02 +0000	0 - 0 - 1	redtrabajos.net/quod-praesentium/documents.zip	192.254.236.15
2022-08-13 13:25:16 +0000	0 - 0 - 1	redtrabajos.com/iure-ea/documents.zip	192.254.236.15
2022-08-12 01:51:16 +0000	0 - 0 - 1	redtrabajos.com/iure-ea/documents.zip	192.254.236.15

Last 10 reports on ASN: UNIFIEDLAYER-AS-1

Date	UQ / IDS / BL	URL	IP
2022-08-15 15:40:32 +0000	0 - 0 - 2	homi-egypt.com/thumbs/01	50.87.145.9
2022-08-15 15:39:44 +0000	0 - 0 - 1	https://yfo.yag.mybluehost.me/wp-content/uplo (...)	162.241.224.176
2022-08-15 15:36:18 +0000	0 - 0 - 3	https://unlockingdreamsfinancial.com/wp-conte (...)	67.222.38.82
2022-08-15 15:29:49 +0000	0 - 0 - 3	krusevo.gov.mk/update/ekologija/UbgpSdWbccCcY6MM/	104.152.64.207
2022-08-15 15:21:01 +0000	0 - 0 - 3	www.hoppersstop.com/file/?email=ebcs.northam@ (...)	192.185.107.171
2022-08-15 15:17:20 +0000	0 - 0 - 24	discoveryast.com/snap/5X/6w/NYPqyCRW.zip	192.254.186.118
2022-08-15 15:05:30 +0000	0 - 0 - 3	mysouthbay.com/wp-content/uploads/supsss.exe	50.87.248.26
2022-08-15 15:05:24 +0000	0 - 0 - 3	mysouthbay.com/wp-content/uploads/2020/sup.exe	50.87.248.26
2022-08-15 15:05:19 +0000	0 - 0 - 3	mysouthbay.com/wp-content/uploads/2021/neww.exe	50.87.248.26
2022-08-15 15:04:59 +0000	0 - 0 - 3	mysouthbay.com/wp-content/uploads/2021/11/new (...)	50.87.248.26

Last 10 reports on domain: eduniversia.org

Date	UQ / IDS / BL	URL	IP
2022-08-13 22:27:59 +0000	0 - 0 - 1	eduniversia.org/ad-quia/documents.zip	192.254.236.15
2022-08-10 06:57:51 +0000	0 - 0 - 1	eduniversia.org/ad-quia/documents.zip	192.254.236.15
2022-08-09 22:42:25 +0000	0 - 0 - 1	eduniversia.org/ad-quia/documents.zip	192.254.236.15
2022-08-09 06:07:01 +0000	0 - 0 - 1	eduniversia.org/ad-quia/documents.zip	192.254.236.15
2022-08-08 05:48:19 +0000	0 - 0 - 1	eduniversia.org/ad-quia/documents.zip	192.254.236.15
2022-08-04 16:54:58 +0000	0 - 0 - 1	eduniversia.org/ad-quia/documents.zip	192.254.236.15
2022-08-04 05:31:22 +0000	0 - 0 - 1	eduniversia.org/ad-quia/documents.zip	192.254.236.15
2022-07-31 11:40:06 +0000	0 - 0 - 1	eduniversia.org/ad-quia/documents.zip	192.254.236.15
2022-07-30 22:31:13 +0000	0 - 0 - 1	eduniversia.org/ad-quia/documents.zip	192.254.236.15
2022-07-28 17:17:05 +0000	0 - 0 - 1	eduniversia.org/ad-quia/documents.zip	192.254.236.15

JavaScript

Executed Scripts (0)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (20)

Request	Response
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 91dd975a7b17b2922dd23c0e49314e40$ 54.230.111.65 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Sat, 25 Jun 2022 04:45:13 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: oI4ZRozDfSdgKDkBkoYg5q9UaBw5eI250ND6LmLRLHrAAiX5lX0-Ig== Age: 2470 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 91dd975a7b17b2922dd23c0e49314e40 Sha1: 57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2 Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "B2CEB864B9C1A231269357C6D1FFC192D76116996A5363EE4A1B4B149AAD447A" Last-Modified: Fri, 24 Jun 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7355 Expires: Sat, 25 Jun 2022 07:28:58 GMT Date: Sat, 25 Jun 2022 05:26:23 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 4ee093bb327d344f08701694f6ff84ac Sha1: 15f704888f8f44953533a26728aca3f09e91aa95 Sha256: b2ceb864b9c1a231269357c6d1ffc192d76116996a5363ee4a1b4b149aad447a
GET /ad-quia/documents.zip HTTP/1.1 Host: eduniversia.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	$Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 679 Md5: ff35b5b706a2eeb3f22198a99655c4cd$ 192.254.236.15 HTTP/1.1 500 Internal Server Error Content-Type: text/html; charset=iso-8859-1 Date: Sat, 25 Jun 2022 05:26:23 GMT Server: Apache Content-Length: 679 Connection: close --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 679 Md5: ff35b5b706a2eeb3f22198a99655c4cd Sha1: 5302382f254cbd998537730e9d7ec5dd15b38006 Sha256: c716f9b1d43f912570af9441d2e7d3c60fd9f8ff5369e79e41e53831301849b5 Alerts: Blocklists: - fortinet: Malware
GET /chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 48ca0beea419a9039591cf1aee5179e0$ 54.230.111.14 HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 last-modified: Wed, 11 May 2022 19:51:39 GMT content-disposition: attachment accept-ranges: bytes server: AmazonS3 date: Sat, 25 Jun 2022 02:10:52 GMT etag: "48ca0beea419a9039591cf1aee5179e0" x-cache: Hit from cloudfront via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: cDuGoqoFcwe5vFUOJOd3zEnmqTHw4Bm3MVqtyFmlGgyJeD_F1JOxvQ== age: 11731 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 48ca0beea419a9039591cf1aee5179e0 Sha1: 9e92629f505fcc07aab51221e8fe62197a23e307 Sha256: 630a5f110337b4a4876aa85c21107d9e8f2550bcc60f023a4777d895b17399fd
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6$ 34.117.237.239 HTTP/2 200 OK server: nginx date: Sat, 25 Jun 2022 05:26:23 GMT content-type: application/json content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /favicon.ico HTTP/1.1 Host: eduniversia.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://eduniversia.org/ad-quia/documents.zip	$Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 679 Md5: ff35b5b706a2eeb3f22198a99655c4cd$ 192.254.236.15 HTTP/1.1 500 Internal Server Error Content-Type: text/html; charset=iso-8859-1 Date: Sat, 25 Jun 2022 05:26:23 GMT Server: Apache Content-Length: 679 Connection: close --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 679 Md5: ff35b5b706a2eeb3f22198a99655c4cd Sha1: 5302382f254cbd998537730e9d7ec5dd15b38006 Sha256: c716f9b1d43f912570af9441d2e7d3c60fd9f8ff5369e79e41e53831301849b5
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243$ 54.230.111.65 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Date: Sat, 25 Jun 2022 05:11:58 GMT Cache-Control: max-age=3600 Expires: Sat, 25 Jun 2022 05:56:40 GMT ETag: "1648230346554" X-Cache: Hit from cloudfront Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: O9__8EorKzTlIvODbGW8-cLyo2fxYbWydtg9P-VhgRWx48pVSIHwvQ== Age: 866 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5970 Cache-Control: 'max-age=158059' Date: Sat, 25 Jun 2022 05:26:24 GMT Last-Modified: Sat, 25 Jun 2022 03:46:54 GMT Server: ECS (ska/F716) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 5418d4480bbfa294028c6b778562f393 Sha1: bcb7d3d3cc6c6611f82b91c4b1702af744f0d1dc Sha256: e921b98f04b35c06b06f310dcefb995932e5702ac7ea6fd7dcce6deab6f31db3
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: EP62mAiRPvqxHn4L5MI2cQ== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	35.163.37.142 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: 1J+I+nYftljP4GGiXYjbI0LXsOo= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "9A4C6D127F3E8F2083A588B1B6818BD65AF7810F7C768B54964E17690F0BB083" Last-Modified: Fri, 24 Jun 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15229 Expires: Sat, 25 Jun 2022 09:40:14 GMT Date: Sat, 25 Jun 2022 05:26:25 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 82ecfda8070a1589bab6a0e9d2e093c1 Sha1: 622380ad48f373dfe85ea7f9b03b8405978928d5 Sha256: 9a4c6d127f3e8f2083a588b1b6818bd65af7810f7c768b54964e17690f0bb083
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "9A4C6D127F3E8F2083A588B1B6818BD65AF7810F7C768B54964E17690F0BB083" Last-Modified: Fri, 24 Jun 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15229 Expires: Sat, 25 Jun 2022 09:40:14 GMT Date: Sat, 25 Jun 2022 05:26:25 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 82ecfda8070a1589bab6a0e9d2e093c1 Sha1: 622380ad48f373dfe85ea7f9b03b8405978928d5 Sha256: 9a4c6d127f3e8f2083a588b1b6818bd65af7810f7c768b54964e17690f0bb083
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "9A4C6D127F3E8F2083A588B1B6818BD65AF7810F7C768B54964E17690F0BB083" Last-Modified: Fri, 24 Jun 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15229 Expires: Sat, 25 Jun 2022 09:40:14 GMT Date: Sat, 25 Jun 2022 05:26:25 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 82ecfda8070a1589bab6a0e9d2e093c1 Sha1: 622380ad48f373dfe85ea7f9b03b8405978928d5 Sha256: 9a4c6d127f3e8f2083a588b1b6818bd65af7810f7c768b54964e17690f0bb083
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "9A4C6D127F3E8F2083A588B1B6818BD65AF7810F7C768B54964E17690F0BB083" Last-Modified: Fri, 24 Jun 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15229 Expires: Sat, 25 Jun 2022 09:40:14 GMT Date: Sat, 25 Jun 2022 05:26:25 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 82ecfda8070a1589bab6a0e9d2e093c1 Sha1: 622380ad48f373dfe85ea7f9b03b8405978928d5 Sha256: 9a4c6d127f3e8f2083a588b1b6818bd65af7810f7c768b54964e17690f0bb083
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "9A4C6D127F3E8F2083A588B1B6818BD65AF7810F7C768B54964E17690F0BB083" Last-Modified: Fri, 24 Jun 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15229 Expires: Sat, 25 Jun 2022 09:40:14 GMT Date: Sat, 25 Jun 2022 05:26:25 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 82ecfda8070a1589bab6a0e9d2e093c1 Sha1: 622380ad48f373dfe85ea7f9b03b8405978928d5 Sha256: 9a4c6d127f3e8f2083a588b1b6818bd65af7810f7c768b54964e17690f0bb083
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e1a6fe9-d672-48ca-baa2-178f8f932bef.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 3859 Md5: 9e184221a3d30b9f9c2fdef4c63d5038$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 3859 x-amzn-requestid: 7b3434ec-20b7-40e2-ac28-7725cda01b50 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UQGcbHWPIAMFjgQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62b6511c-3a098ee03c523e1e0e7463f7;Sampled=0 x-amzn-remapped-date: Sat, 25 Jun 2022 00:04:44 GMT x-amz-cf-pop: SEA73-P2, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: F15MJYU28y_c1ioYZXsCXcI4P455li6QFWnfbLOkhG_8cbRwPzBIdQ== via: 1.1 27fe6f224e0cfa3f3a446471ee256e56.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google date: Sat, 25 Jun 2022 00:32:44 GMT age: 17621 etag: "9e86991c875087af585406da40d79f674ef7fd8f" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 3859 Md5: 9e184221a3d30b9f9c2fdef4c63d5038 Sha1: 9e86991c875087af585406da40d79f674ef7fd8f Sha256: db442cdbe5f5536621572bfb7ddbb820738a793061376575fcfc2a14ea09ffe8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be9300c-078e-4144-97d1-66404ae8a421.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9333 Md5: e2e6a2c176d5fe91201e8e0aed4ea480$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 9333 x-amzn-requestid: 899c7e72-16fd-40d4-ae6c-dab7262c7fa6 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: T9qZsEvZIAMF9jw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62aef10a-2e1ee6187c06b1c369b92335;Sampled=0 x-amzn-remapped-date: Sun, 19 Jun 2022 09:48:58 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: TfmBz4gQp2jnWGTOCFJ_Lx3C5jGmVvz76nLWQcx8C0D08XLYxUZF8w== via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google date: Fri, 24 Jun 2022 05:28:01 GMT age: 86304 etag: "15d8a2eed57ca34447101b4375deebdbf3d1d42d" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9333 Md5: e2e6a2c176d5fe91201e8e0aed4ea480 Sha1: 15d8a2eed57ca34447101b4375deebdbf3d1d42d Sha256: 71ff76b27bec49293c76706a852109414a5dc1307996adcaa9ccad149939abb3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3b5bcae-3034-4731-9dc1-3be6d81a98e5.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9976 Md5: fc12ac10719a5d30d697d48ea2f69e92$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 9976 x-amzn-requestid: ea58e499-1b90-4a57-8a43-db10566c666e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UEQgpF4SIAMFjcA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62b1946a-7336748e007aadc1283878ab;Sampled=0 x-amzn-remapped-date: Tue, 21 Jun 2022 09:50:34 GMT x-amz-cf-pop: SEA73-P2, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: YSlXjoalp_BemeoW-79pOxO4_akB7x3rFzkXQXilUd6iyRQ6Z6-tuA== via: 1.1 95785220a566cd050f3ad80928463374.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google date: Sat, 25 Jun 2022 00:41:19 GMT age: 17106 etag: "13cd2b52223f39f21da2503057c49b67697367f4" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9976 Md5: fc12ac10719a5d30d697d48ea2f69e92 Sha1: 13cd2b52223f39f21da2503057c49b67697367f4 Sha256: e968692e36a2dc9384ecdc4901bf4f7a33ec283fe769bc3a043ae7dc24499b70
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8c7bb93f-4c6d-42b5-a831-042c36642a86.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11480 Md5: 9ef4cae7248ad16848e50f8469de0013$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 11480 x-amzn-requestid: 4defe6d1-1527-479a-bf4a-657f8e7dad3c x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UQGQdGGfoAMFx0g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62b650cf-6fe8e7721d1f55e06d4ece28;Sampled=0 x-amzn-remapped-date: Sat, 25 Jun 2022 00:03:27 GMT x-amz-cf-pop: YVR50-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: 9cciaU_qZBQzskKkgIwP8QMt-2KZY0nO5TGT8_L_qto_UJnkqf0_Ow== via: 1.1 5928d4d9c6b3f72b0368c10c784489cc.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google date: Sat, 25 Jun 2022 00:41:23 GMT age: 17102 etag: "c55c8bc0a92dccabb27fb06ad4840d2119ab30a0" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11480 Md5: 9ef4cae7248ad16848e50f8469de0013 Sha1: c55c8bc0a92dccabb27fb06ad4840d2119ab30a0 Sha256: 8f3be4069fbcca0aa799118d384e3d482f00e827b276852a2ff5e7dc21f2555c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0af7be57-c021-4d47-bd90-5d5cace7c3ba.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7185 Md5: a65c489bb39edae0d33118d53177aecf$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 7185 x-amzn-requestid: 57208e70-b373-42ac-94cc-09a5bd4af46f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UQGPEHgVIAMFXSA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62b650c6-5ea23765529a56e41fac64e9;Sampled=0 x-amzn-remapped-date: Sat, 25 Jun 2022 00:03:18 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: QM6zCK7Qm2j4LjHGNk-rTwjBg7qZdAb5U47yqyYpOog7n6bj6tJwqw== via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google date: Sat, 25 Jun 2022 00:06:32 GMT age: 19193 etag: "ee177f2873775e6d9b84bf135c76aa390c73aa89" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7185 Md5: a65c489bb39edae0d33118d53177aecf Sha1: ee177f2873775e6d9b84bf135c76aa390c73aa89 Sha256: 2670d4d81b1a8d5a4fa337f43755f260631d403286a9ca5b28e37423ca53b0ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F580fe839-6317-4933-b80d-e5b2f5747f1e.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9185 Md5: 4a483346f68228895632d85f410ec420$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 9185 x-amzn-requestid: bce0afa7-74d7-4b5a-8175-320249713836 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UPwcZHfaoAMF-dA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62b62de8-6515a45219df3d736b4617eb;Sampled=0 x-amzn-remapped-date: Fri, 24 Jun 2022 21:34:32 GMT x-amz-cf-pop: SEA73-P2, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: h5pCvIRWw3XTBwuAzs7zQCFDqBhN_mow8U04SuiqVgCTkihFau8vDA== via: 1.1 a8e5d5aeee6eacca5c379e5059b1f68c.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google date: Fri, 24 Jun 2022 21:41:03 GMT age: 27922 etag: "ee81899f15cc970483dbdcdef427c3fd55135a12" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9185 Md5: 4a483346f68228895632d85f410ec420 Sha1: ee81899f15cc970483dbdcdef427c3fd55135a12 Sha256: c5c63f252c83f5abec1430c67793222d6cac221d28170520b7c85c411cf97d16