Overview

URLsiparisler.github.io/586v/04.07.2022_pazartesi_siparisler.xlsx
IP 185.199.108.153 (United States)
ASN#54113 FASTLY
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-12 05:06:30 UTC
StatusLoading report..
IDS alerts0
Blocklist alert2
urlquery alerts No alerts detected
Tags None

Domain Summary (9)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
siparisler.github.io (2) 0 2022-06-30 09:56:04 UTC 2022-11-11 11:58:33 UTC 185.199.108.153 Unknown ranking
img-getpocket.cdn.mozilla.net (7) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-11 05:46:42 UTC 34.102.187.140
r3.o.lencr.org (5) 344 No data No data 23.36.76.226
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-11 05:51:39 UTC 34.117.237.239
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 44.236.232.139
siparisler.github.io (2) 0 2022-06-30 09:56:04 UTC 2022-11-11 11:58:33 UTC 185.199.109.153 Unknown ranking

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-12 2 siparisler.github.io/586v/04.07.2022_pazartesi_siparisler.xlsx Malware
2022-11-12 2 siparisler.github.io/586v/04.07.2022_pazartesi_siparisler.xlsx Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 185.199.108.153
Date UQ / IDS / BL URL IP
2023-01-31 04:27:30 +0000 15 - 0 - 4 piyushpatilx.github.io/ig-login 185.199.108.153
2023-01-30 16:43:29 +0000 0 - 0 - 6 sumagayathri-999.github.io/NetflixClone/ 185.199.108.153
2023-01-30 15:58:27 +0000 0 - 0 - 3 1to100yt.github.io/www.netflix.com/ 185.199.108.153
2023-01-30 13:59:07 +0000 0 - 0 - 2 noubarijou.github.io/netflixlandingpageclone 185.199.108.153
2023-01-30 13:58:43 +0000 0 - 0 - 5 alihasnain123.github.io/facebook-page 185.199.108.153


Last 5 reports on ASN: FASTLY
Date UQ / IDS / BL URL IP
2023-01-31 13:09:21 +0000 0 - 0 - 0 cohesity.com 23.185.0.4
2023-01-31 12:47:18 +0000 0 - 0 - 2 xqjatsazuk.web.app/ 199.36.158.100
2023-01-31 12:42:37 +0000 4 - 0 - 4 dnbauth2.firebaseapp.com/ 199.36.158.100
2023-01-31 12:41:19 +0000 0 - 1 - 0 raw.githubusercontent.com/0fflineDocs/Defende (...) 185.199.109.133
2023-01-31 12:23:39 +0000 0 - 0 - 2 byochange.org/wp-admin/css/colors/light/wlsh0 (...) 151.101.194.159


Last 5 reports on domain: siparisler.github.io
Date UQ / IDS / BL URL IP
2023-01-30 09:22:47 +0000 0 - 0 - 1 siparisler.github.io/586v/04.07.2022_PAZARTES (...) 185.199.108.153
2023-01-30 06:11:56 +0000 0 - 0 - 1 siparisler.github.io/586v/04.07.2022_PAZARTES (...) 185.199.110.153
2023-01-30 02:59:00 +0000 0 - 0 - 1 siparisler.github.io/586v/04.07.2022_PAZARTES (...) 185.199.110.153
2023-01-29 23:46:54 +0000 0 - 0 - 1 siparisler.github.io/586v/04.07.2022_PAZARTES (...) 185.199.111.153
2023-01-29 20:35:49 +0000 0 - 0 - 1 siparisler.github.io/586v/04.07.2022_PAZARTES (...) 185.199.109.153


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-01-23 08:37:37 +0000 0 - 0 - 2 morcelik.github.io/ao5o/24.06.2022.cuma.ihtiy (...) 185.199.108.153
2023-01-21 09:21:06 +0000 0 - 0 - 2 morcelik.github.io/ao5o/24.06.2022.cuma.ihtiy (...) 185.199.111.153
2022-11-10 16:43:34 +0000 0 - 0 - 2 siparisler.github.io/586v/04.07.2022_pazartes (...) 185.199.110.153
2022-11-10 15:13:43 +0000 0 - 0 - 2 ogumeta.github.io/gmjggzt/01.06.2023_genel_si (...) 185.199.110.153
2022-11-10 14:40:58 +0000 0 - 0 - 2 morcelik.github.io/ao5o/24.06.2022.cuma.ihtiy (...) 185.199.110.153

JavaScript

Executed Scripts (0)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (21)


Request Response
                                        
                                            GET /586v/04.07.2022_pazartesi_siparisler.xlsx HTTP/1.1 
Host: siparisler.github.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         185.199.109.153
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Connection: keep-alive
Content-Length: 162
Server: GitHub.com
permissions-policy: interest-cohort=()
Location: https://siparisler.github.io/586v/04.07.2022_pazartesi_siparisler.xlsx
X-GitHub-Request-Id: 4166:92A9:62C442:65A6A7:636F29CC
Accept-Ranges: bytes
Date: Sat, 12 Nov 2022 05:06:20 GMT
Via: 1.1 varnish
Age: 0
X-Served-By: cache-bma1646-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1668229580.023787,VS0,VE108
Vary: Accept-Encoding
X-Fastly-Request-ID: c239c64ac729ff133f4a0e196b2d80c56b4627ac


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D3F75D03561D6A47D19370292E821A86E58381466F0C69386A21175DE55882FF"
Last-Modified: Fri, 11 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5207
Expires: Sat, 12 Nov 2022 06:33:07 GMT
Date: Sat, 12 Nov 2022 05:06:20 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6049
Cache-Control: max-age=111956
Date: Sat, 12 Nov 2022 05:06:20 GMT
Etag: "636e247f-1d7"
Expires: Sun, 13 Nov 2022 12:12:16 GMT
Last-Modified: Fri, 11 Nov 2022 10:31:27 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 12 Nov 2022 04:44:00 GMT
cache-control: public,max-age=3600
age: 1340
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    4736bac84ca28f2b1e961159fb4ea098
Sha1:   1319612979f53896fcfeacd4215c2715d4951e4c
Sha256: 5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "00E3B967C579B0CCF709B78D497A43D95646B16EB50925FEF1E2694C58F290B2"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7443
Expires: Sat, 12 Nov 2022 07:10:23 GMT
Date: Sat, 12 Nov 2022 05:06:20 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: /9VJk6JVPDLJJx28I/S8GrMKvedFKpbhmYcTNGKPtQzSEuVrp1DMmgpkbDaGdX33BnjKsnHvYnY=
x-amz-request-id: 26V1XC6SPZ3673WB
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 12 Nov 2022 04:50:06 GMT
age: 974
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sat, 12 Nov 2022 05:06:20 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /586v/04.07.2022_pazartesi_siparisler.xlsx HTTP/1.1 
Host: siparisler.github.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         185.199.108.153
HTTP/2 404 Not Found
content-type: text/html; charset=utf-8
                                        
server: GitHub.com
permissions-policy: interest-cohort=()
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: W/"6317e2ab-247b"
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: CA28:4C08:202D84E:2120FD3:636F29CC
accept-ranges: bytes
date: Sat, 12 Nov 2022 05:06:20 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1656-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1668229580.311573,VS0,VE119
vary: Accept-Encoding
x-fastly-request-id: 85c60a502e37c026207d31f5b5c679da0793a45a
content-length: 5232
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3909)
Size:   5232
Md5:    9e153320896acc099d55d0063a13c3f1
Sha1:   450359be030d156afed3730836fa8bcdba0303f0
Sha256: 7c7764e1634baa3482e3c38f79d66e64987b5b061e1fa0dfe4cd495e5ac73828

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Last-Modified, ETag, Alert, Backoff, Content-Type, Retry-After, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 12 Nov 2022 04:44:48 GMT
cache-control: public,max-age=3600
age: 1292
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5724
Cache-Control: max-age=106555
Date: Sat, 12 Nov 2022 05:06:21 GMT
Etag: "636e10ac-1d7"
Expires: Sun, 13 Nov 2022 10:42:16 GMT
Last-Modified: Fri, 11 Nov 2022 09:06:52 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: CPKFATWCg7hVdycxxwHQdg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         44.236.232.139
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: PkG8lSuLIcBzAiYzAZQHqTf76xY=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10159
Expires: Sat, 12 Nov 2022 07:55:41 GMT
Date: Sat, 12 Nov 2022 05:06:22 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10159
Expires: Sat, 12 Nov 2022 07:55:41 GMT
Date: Sat, 12 Nov 2022 05:06:22 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10159
Expires: Sat, 12 Nov 2022 07:55:41 GMT
Date: Sat, 12 Nov 2022 05:06:22 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6fac57d-aa5c-42c2-904b-58aa73c59975.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4268
x-amzn-requestid: 19d2f4e7-b6c1-4093-b54c-70a9a476ad89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhSEwYIAMFg7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-6e2f5a6147153e5c32cc4499;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 1tbxcsSYcJuquYxeYfqcwaQaHpWmL9jwX31h1ZIyXO6i5A8gIbFQmA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:45:12 GMT
etag: "a3af603900538ea10e094981d298a0b37d0ab896"
age: 26470
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4268
Md5:    701700f42e1b0e528a63c3bd2a4c54e7
Sha1:   a3af603900538ea10e094981d298a0b37d0ab896
Sha256: c84ac2d3524eb950a433aa01e1226d995d87948452e4e135a4661094923ca465
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d4e929-d0bb-41b7-bdcd-0e67258b428a.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9012
x-amzn-requestid: 83eac9e7-5387-4e11-9769-182fa3f7fffb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdNC6FxzoAMF80w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec212-5ca277b90a5a9a4c437edc1e;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:43:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PrJoEROPymrtc0egNlWRoOMjohiCo3zReD01qAHwByaSiXarfRS0XQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:00:43 GMT
age: 25539
etag: "0cc22d7bf9092fb30f31e2ca8f242c197b891669"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9012
Md5:    516f1bfefb1c1a737ea2441f85343b32
Sha1:   0cc22d7bf9092fb30f31e2ca8f242c197b891669
Sha256: 733824d4f6f7c5b54ce4e02ecaf152cfc1e10f3f6a801d7e2c55a02460e40087
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5720fc8-63c5-4f5e-bb64-33809e0069fe.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8953
x-amzn-requestid: 2a2d20f4-3aa5-475e-8ec2-fc569766335e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhQGAhIAMFrjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-26dc0259793ec94814f3d41a;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: OKFzEoCVITStAPxYzhksarrlTkVeATx6AzBnEK32WLFaOeEIwLMu_Q==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:45:12 GMT
etag: "fa34520e849bf746ff43aec3d28beb9e4be44f4d"
age: 26470
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8953
Md5:    f09e254cd6f2e29b3bf198cc5d58a46f
Sha1:   fa34520e849bf746ff43aec3d28beb9e4be44f4d
Sha256: 2e29eace95fd8cb5b6d77df880d2044ecab4206cba47931c3a95e77c1b4e9d9a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11715
x-amzn-requestid: 20e508bd-6568-4225-9bee-c683a49d44f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhUHkpIAMFfJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-7dc726b94a37fc667e2e6646;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: X3SUo1LP97TxraRav0ftskBhzWkTJInHaS44PW26yloF-dgD-bHBuA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:45:12 GMT
etag: "5109c156b180727767fc03c411190ccc0d3fb5fc"
age: 26470
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11715
Md5:    cd5bdc050716bb76afe8090fc81617e7
Sha1:   5109c156b180727767fc03c411190ccc0d3fb5fc
Sha256: 9b13e7838946c6654dda17886c2ca8d42de934acb93f4bddb1008dfa1bd1ea99
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1f07200-a0e4-465e-bc11-b3424eba7096.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10456
x-amzn-requestid: cc1c934a-b8ce-4e29-b310-86b66d95e899
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMi0FjXoAMFrNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec145-10f3b3337c0f36dc332c14ab;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4gTzTudW36C5kDgQwnhj7wQlWkR2HbN7RZ09hOuTu-uBGM4ey_0Nug==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:24:15 GMT
etag: "3749f05591d2477f6001e7f5165d62f1590f1095"
age: 24127
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10456
Md5:    bb7a3aa9e5cea21f0871115448cc9c77
Sha1:   3749f05591d2477f6001e7f5165d62f1590f1095
Sha256: e4b8e2a5980c674b4e06e90c67e84125515a93716b8d4ff5b659d8d47d0b2f16
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84f5d648-d178-4f63-98ef-7a2f4504174e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7493
x-amzn-requestid: 077e815e-bbfc-472c-9d22-a9f0e7cda511
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdNDhGYvIAMFygQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec216-3a8a5a6f41b8ade53ff48dce;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:43:50 GMT
x-amz-cf-pop: YVR50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4OOiKELCGHOkACWtRl9DqyfkKqKzqa1FwNJKQ5aOq2Ivb6pDfPYLWw==
via: 1.1 feda34dcbf6a00e232656b7983c2c7f0.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:00:55 GMT
age: 25527
etag: "96a4243e7f538fdd4e0aec4f39b058a08a4898e9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7493
Md5:    93d01c3c2422df3f7994d3496069dc37
Sha1:   96a4243e7f538fdd4e0aec4f39b058a08a4898e9
Sha256: 1fbc7efb3dfb058984abf1fbe60021212ff1bca8e366f03b1752c615e5249e55
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1c82c0c-226f-4611-8f71-7008a26329d4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7753
x-amzn-requestid: 94f6f121-05f6-4a30-a2f8-0c889c12cfb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdNMGE_qIAMF1YQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec24d-2c974fd346d2d5c83d04e4a3;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:44:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5JllMu67q1dI-gKl2lQ8-1OT38uEfvZsNpYyAo_R5a3Wz77qg6Xx1Q==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:15:22 GMT
etag: "a5b2808681a3a5c181ca4686b2bd004cce3f9374"
age: 24666
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7753
Md5:    8d11673991a9fe0eb431fa7d7d60c8a4
Sha1:   a5b2808681a3a5c181ca4686b2bd004cce3f9374
Sha256: 3fa3569b07acad3ffb2e1655ad40aacd4c1dd2738596735def18723dca6256c2