Overview

URL almamunonline.net/pun/yAYZlBYbWJ.zip
IP209.240.106.234
ASNTURNKEY-INTERNET
Location United States
Report completed2022-08-05 13:06:40 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2022-08-05 2 almamunonline.net/pun/yAYZlBYbWJ.zip Malware
2022-08-05 2 almamunonline.net/wp-content/plugins/under-construction-page/themes/css/com (...) Malware
2022-08-05 2 almamunonline.net/wp-content/plugins/under-construction-page/themes/plain_t (...) Malware
2022-08-05 2 almamunonline.net/wp-content/plugins/under-construction-page/themes/fonts/f (...) Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (10)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
[Mnemonic Passive DNS] contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
[Mnemonic Passive DNS] fonts.gstatic.com (2) 0 2017-01-30 04:59:51 UTC 2022-08-05 04:56:59 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
[Mnemonic Passive DNS] ocsp.pki.goog (5) 175 2017-06-14 07:23:31 UTC 2022-08-05 04:56:14 UTC 142.250.74.3
[Mnemonic Passive DNS] ocsp.digicert.com (1) 86 2012-11-29 12:49:49 UTC 2022-08-05 07:19:54 UTC 93.184.220.29
[Mnemonic Passive DNS] push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-08-05 05:06:17 UTC 34.212.13.96
[Mnemonic Passive DNS] img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-08-05 06:49:03 UTC 34.120.237.76
[Mnemonic Passive DNS] r3.o.lencr.org (4) 344 2020-12-02 08:52:13 UTC 2022-08-05 04:57:18 UTC 23.36.76.226
[Mnemonic Passive DNS] firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2020-05-25 20:01:47 UTC 54.230.111.35
[Mnemonic Passive DNS] content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-08-05 05:06:42 UTC 54.230.111.7
[Mnemonic Passive DNS] almamunonline.net (8) 0 2020-09-24 08:19:52 UTC 2022-06-12 07:03:06 UTC 209.240.106.234 Unknown ranking


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 209.240.106.234

Date UQ / IDS / BL URL IP
2022-08-14 18:14:51 +0000
0 - 0 - 4 almamunonline.net/pun/0P7MeZKI39.zip 209.240.106.234
2022-08-14 18:11:24 +0000
0 - 0 - 4 almamunonline.net/pun/0P7MeZKI39.zip 209.240.106.234
2022-08-14 01:44:14 +0000
0 - 0 - 4 almamunonline.net/pun/vv7HQuZzpE.zip 209.240.106.234
2022-08-12 01:50:04 +0000
0 - 0 - 4 almamunonline.net/pun/0P7MeZKI39.zip 209.240.106.234
2022-08-11 20:25:07 +0000
0 - 0 - 4 almamunonline.net/pun/vv7HQuZzpE.zip 209.240.106.234
2022-08-11 20:12:10 +0000
0 - 0 - 4 almamunonline.net/pun/0P7MeZKI39.zip 209.240.106.234
2022-08-11 20:12:11 +0000
0 - 0 - 4 almamunonline.net/pun/yAYZlBYbWJ.zip 209.240.106.234
2022-08-11 01:04:28 +0000
0 - 0 - 4 almamunonline.net/pun/yAYZlBYbWJ.zip 209.240.106.234
2022-08-10 22:25:30 +0000
0 - 0 - 4 almamunonline.net/pun/0P7MeZKI39.zip 209.240.106.234
2022-08-10 22:23:20 +0000
0 - 0 - 4 almamunonline.net/pun/0P7MeZKI39.zip 209.240.106.234

Last 10 reports on ASN: TURNKEY-INTERNET

Date UQ / IDS / BL URL IP
2022-08-14 18:14:51 +0000
0 - 0 - 4 almamunonline.net/pun/0P7MeZKI39.zip 209.240.106.234
2022-08-14 18:12:52 +0000
0 - 0 - 40 heartsathome.org/tede/nssicetinmoun 162.250.203.76
2022-08-14 18:11:24 +0000
0 - 0 - 4 almamunonline.net/pun/0P7MeZKI39.zip 209.240.106.234
2022-08-14 16:51:44 +0000
0 - 0 - 1 aeclive.com/ 209.240.109.54
2022-08-14 16:29:24 +0000
0 - 0 - 3 badeggdesign.com/cgi-bin/nxr5_o_d6vmj/ 67.231.253.67
2022-08-14 16:28:34 +0000
0 - 0 - 3 badeggdesign.com/cgi-bin/1u4da-ysy-303765/ 67.231.253.67
2022-08-14 16:26:48 +0000
0 - 0 - 11 temptmag.com/private_array/corporate_forum/Hh (...) 173.233.72.81
2022-08-14 16:26:30 +0000
0 - 0 - 3 temptmag.com/private_array/form/rxebzllhn-956/ 173.233.72.81
2022-08-14 14:16:47 +0000
0 - 0 - 6 https://skydivingdzs.com/ae/icnquuintid 173.198.233.106
2022-08-14 11:08:58 +0000
0 - 0 - 40 heartsathome.org/tede/nsuqiii 162.250.203.76

Last 10 reports on domain: almamunonline.net

Date UQ / IDS / BL URL IP
2022-08-14 18:14:51 +0000
0 - 0 - 4 almamunonline.net/pun/0P7MeZKI39.zip 209.240.106.234
2022-08-14 18:11:24 +0000
0 - 0 - 4 almamunonline.net/pun/0P7MeZKI39.zip 209.240.106.234
2022-08-14 01:44:14 +0000
0 - 0 - 4 almamunonline.net/pun/vv7HQuZzpE.zip 209.240.106.234
2022-08-12 01:50:04 +0000
0 - 0 - 4 almamunonline.net/pun/0P7MeZKI39.zip 209.240.106.234
2022-08-11 20:25:07 +0000
0 - 0 - 4 almamunonline.net/pun/vv7HQuZzpE.zip 209.240.106.234
2022-08-11 20:12:10 +0000
0 - 0 - 4 almamunonline.net/pun/0P7MeZKI39.zip 209.240.106.234
2022-08-11 20:12:11 +0000
0 - 0 - 4 almamunonline.net/pun/yAYZlBYbWJ.zip 209.240.106.234
2022-08-11 01:04:28 +0000
0 - 0 - 4 almamunonline.net/pun/yAYZlBYbWJ.zip 209.240.106.234
2022-08-10 22:25:30 +0000
0 - 0 - 4 almamunonline.net/pun/0P7MeZKI39.zip 209.240.106.234
2022-08-10 22:23:20 +0000
0 - 0 - 4 almamunonline.net/pun/0P7MeZKI39.zip 209.240.106.234


JavaScript

Executed Scripts (0)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (31)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F055127A4794D0F76CB4DF8F290DF8E259258A63398A700F592C859DFFE9AC34"
Last-Modified: Thu, 04 Aug 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9260
Expires: Fri, 05 Aug 2022 15:40:49 GMT
Date: Fri, 05 Aug 2022 13:06:29 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Content-Type, Alert, Backoff, Content-Length
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 05 Aug 2022 12:52:53 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: UmggpR4NqDDOOKlO8tKnEtBrY_ZIsFzYO1NO4aMEkfN8y2L2HyryoA==
Age: 816


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    c98c56ff7bc7ba547517573963f425e3
Sha1:   58c8dccc28ecd76424af6ed9988575a35cf8a0c2
Sha256: d57d9d5e87e8761ffdf790ff762307f5c823e8e8241781797373c10e076ec44e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-09-19-18-34-07.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.7
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
last-modified: Sun, 31 Jul 2022 18:34:08 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 05 Aug 2022 04:15:27 GMT
etag: "578b9ff83ff3950ab2a3d1a8344d2938"
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: diEddNkUlBOtDHXQ-3LiSfbB07GOxZ51FzkRCVJ2S4s3AZmvp1LyQg==
age: 31863
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    578b9ff83ff3950ab2a3d1a8344d2938
Sha1:   39d48b67ba6aa45ec01767725e726cf9b0c87a70
Sha256: 35c99da9a5463a4788ceab7cf4b027bb25506cde28ace36c70d0bc924138f2f5
                                        
                                            GET /pun/yAYZlBYbWJ.zip HTTP/1.1 
Host: almamunonline.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         209.240.106.234
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Connection: Keep-Alive
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Retry-After: 86400
Content-Length: 828
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Fri, 05 Aug 2022 13:06:29 GMT
Server: LiteSpeed


--- Additional Info ---
Magic:  HTML document text\012- HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Size:   828
Md5:    f855c6261d5bcc3a0c19eb525ccaf6f2
Sha1:   c7c60ad40def27cb65bce1b54ed7ae46a79c42b7
Sha256: bdb2f59d20e9f3f092d00e8356838ac8684aa382f8306734e1901fb6115e3530

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Fri, 05 Aug 2022 13:06:29 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 05 Aug 2022 13:06:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/plugins/under-construction-page/themes/css/common.css?v=3.93 HTTP/1.1 
Host: almamunonline.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://almamunonline.net/pun/yAYZlBYbWJ.zip

                                         
                                         209.240.106.234
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Connection: Keep-Alive
Cache-Control: public, max-age=2592000
Expires: Sun, 04 Sep 2022 13:06:29 GMT
Last-Modified: Tue, 24 May 2022 06:46:29 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 450
Date: Fri, 05 Aug 2022 13:06:29 GMT
Server: LiteSpeed


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   450
Md5:    a9a64e2db9602cba015b6104ee7bccd2
Sha1:   c4de6cd29d95db58da4d513ef445eb9e16729ecd
Sha256: 196c862f117403bd928b0316e8037fcc7c8e9a9365b10a95621be9eced79e2f3

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 05 Aug 2022 13:06:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/plugins/under-construction-page/themes/css/font-awesome.min.css?v=3.93 HTTP/1.1 
Host: almamunonline.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://almamunonline.net/pun/yAYZlBYbWJ.zip

                                         
                                         209.240.106.234
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Connection: Keep-Alive
Cache-Control: public, max-age=2592000
Expires: Sun, 04 Sep 2022 13:06:29 GMT
Last-Modified: Tue, 24 May 2022 06:46:29 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 6989
Date: Fri, 05 Aug 2022 13:06:29 GMT
Server: LiteSpeed


--- Additional Info ---
Magic:  ASCII text, with very long lines (30837)
Size:   6989
Md5:    73fafde2ed0b8af35533aef217310350
Sha1:   07ffb382423d12967d70ae85b36a6bbf16327678
Sha256: 8448460374395f6645aa937ab83a5b7eebd7b35cdc8f8e875fa4cb7a92a63eab
                                        
                                            GET /wp-content/plugins/under-construction-page/themes/plain_text/style.css?v=3.93 HTTP/1.1 
Host: almamunonline.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://almamunonline.net/pun/yAYZlBYbWJ.zip

                                         
                                         209.240.106.234
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Connection: Keep-Alive
Cache-Control: public, max-age=2592000
Expires: Sun, 04 Sep 2022 13:06:29 GMT
Last-Modified: Tue, 24 May 2022 06:46:30 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 622
Date: Fri, 05 Aug 2022 13:06:29 GMT
Server: LiteSpeed


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   622
Md5:    86b01974928bd114848e0bc5fba30fcc
Sha1:   a4dc905aa887c7be9503b1016ba31c8cf4adefa3
Sha256: 75867464353c6761e950be05fb8422a863ab777aa213b16f6849535d9b882184

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/under-construction-page/themes/css/bootstrap.min.css?v=3.93 HTTP/1.1 
Host: almamunonline.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://almamunonline.net/pun/yAYZlBYbWJ.zip

                                         
                                         209.240.106.234
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Connection: Keep-Alive
Cache-Control: public, max-age=2592000
Expires: Sun, 04 Sep 2022 13:06:29 GMT
Last-Modified: Tue, 24 May 2022 06:46:29 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 19714
Date: Fri, 05 Aug 2022 13:06:29 GMT
Server: LiteSpeed


--- Additional Info ---
Magic:  ASCII text, with very long lines (65371)
Size:   19714
Md5:    572faaf4a4e3d7cdb0812939c3dcd68b
Sha1:   251156396b9886492b1a57d47fb2ae26652ab79e
Sha256: 65cfe7aa5c2a749e4a0c6d8a6dbc950a78f6cf73ff55a980c608e63c5bd726fe
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 05 Aug 2022 13:04:01 GMT
Cache-Control: max-age=3600
Expires: Fri, 05 Aug 2022 12:32:26 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: y_k4fYwIqC4itJw_22kNp1Mc9vsVxwE-PwhXkqp0K8q7UTAl6StYAA==
Age: 3015


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 05 Aug 2022 13:06:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/plugins/under-construction-page/themes/plain_text/ucp-cog.png HTTP/1.1 
Host: almamunonline.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://almamunonline.net/pun/yAYZlBYbWJ.zip

                                         
                                         209.240.106.234
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Connection: Keep-Alive
Cache-Control: public, max-age=7776000
Expires: Thu, 03 Nov 2022 13:06:29 GMT
Last-Modified: Tue, 24 May 2022 06:46:30 GMT
Accept-Ranges: bytes
Content-Length: 4026
Date: Fri, 05 Aug 2022 13:06:29 GMT
Server: LiteSpeed


--- Additional Info ---
Magic:  PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size:   4026
Md5:    681d9fea92467c7f1ed22bde59350c24
Sha1:   657b331834626baac8592984a683d64cbc38e045
Sha256: 8386858d306bc25e56bce985206c92c1cfb06466a5cd98c6cc935383417277e0
                                        
                                            GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://almamunonline.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12848
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 04 Aug 2022 16:43:29 GMT
expires: Fri, 04 Aug 2023 16:43:29 GMT
cache-control: public, max-age=31536000
age: 73380
last-modified: Mon, 11 Jul 2022 18:56:00 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 12848, version 1.0\012- data
Size:   12848
Md5:    f0b3206d02a2f684530117ce1d7e8ce0
Sha1:   f3708b707b65e241b0f1c819d5f7bf7da8412653
Sha256: f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 05 Aug 2022 13:06:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://almamunonline.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12708
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 04 Aug 2022 06:06:20 GMT
expires: Fri, 04 Aug 2023 06:06:20 GMT
cache-control: public, max-age=31536000
age: 111610
last-modified: Mon, 11 Jul 2022 18:55:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 12708, version 1.0\012- data
Size:   12708
Md5:    b4a68b1e743ee317eaaf0bbadd131571
Sha1:   f24f7823d4e3830c7cfa5bcb33733d2897c00f13
Sha256: ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 05 Aug 2022 13:06:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/plugins/under-construction-page/themes/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1 
Host: almamunonline.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://almamunonline.net/wp-content/plugins/under-construction-page/themes/css/font-awesome.min.css?v=3.93

                                         
                                         209.240.106.234
HTTP/1.1 200 OK
Content-Type: application/x-font-woff
                                        
Connection: Keep-Alive
Cache-Control: public, max-age=31536000
Expires: Sat, 05 Aug 2023 13:06:29 GMT
Last-Modified: Tue, 24 May 2022 06:46:30 GMT
Accept-Ranges: bytes
Content-Length: 77160
Date: Fri, 05 Aug 2022 13:06:29 GMT
Server: LiteSpeed
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size:   77160
Md5:    af7ae505a9eed503f8b8e6982036873e
Sha1:   d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
Sha256: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4397
Cache-Control: max-age=159248
Date: Fri, 05 Aug 2022 13:06:30 GMT
Etag: "62eccfb9-1d7"
Expires: Sun, 07 Aug 2022 09:20:38 GMT
Last-Modified: Fri, 05 Aug 2022 08:07:21 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /wp-content/plugins/under-construction-page/themes/images/favicon.png HTTP/1.1 
Host: almamunonline.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://almamunonline.net/pun/yAYZlBYbWJ.zip

                                         
                                         209.240.106.234
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Connection: Keep-Alive
Cache-Control: public, max-age=7776000
Expires: Thu, 03 Nov 2022 13:06:30 GMT
Last-Modified: Tue, 24 May 2022 06:46:30 GMT
Accept-Ranges: bytes
Content-Length: 4026
Date: Fri, 05 Aug 2022 13:06:30 GMT
Server: LiteSpeed


--- Additional Info ---
Magic:  PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size:   4026
Md5:    681d9fea92467c7f1ed22bde59350c24
Sha1:   657b331834626baac8592984a683d64cbc38e045
Sha256: 8386858d306bc25e56bce985206c92c1cfb06466a5cd98c6cc935383417277e0
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: yyTXqdjXlzOiFOK3P0FxHA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         34.212.13.96
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: EpEt583xdtEkwBlmKmayNhZcAC8=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7D129895DD82ACE0D70FE0D261B7C2E924E869686CEDF20C238EFA6BFDF5E632"
Last-Modified: Wed, 03 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8521
Expires: Fri, 05 Aug 2022 15:28:32 GMT
Date: Fri, 05 Aug 2022 13:06:31 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7D129895DD82ACE0D70FE0D261B7C2E924E869686CEDF20C238EFA6BFDF5E632"
Last-Modified: Wed, 03 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8521
Expires: Fri, 05 Aug 2022 15:28:32 GMT
Date: Fri, 05 Aug 2022 13:06:31 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7D129895DD82ACE0D70FE0D261B7C2E924E869686CEDF20C238EFA6BFDF5E632"
Last-Modified: Wed, 03 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8521
Expires: Fri, 05 Aug 2022 15:28:32 GMT
Date: Fri, 05 Aug 2022 13:06:31 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a5534e-9801-465a-96f2-766e87153fdf.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 10876
x-amzn-requestid: 9a0a5e75-6e57-4de8-b478-a8919b69dc3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: WREGbHBIIAMF68w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62e9e6f5-10b310e1661fa629091afaa5;Sampled=0
x-amzn-remapped-date: Wed, 03 Aug 2022 03:09:41 GMT
x-amz-cf-pop: YVR50-C1
x-cache: Hit from cloudfront
x-amz-cf-id: u4vkonvRIwC3WvAdd07v-guyqYvT1RkCA-pUaZW6tWgKYnPP6eU08w==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 5c6526bb54cf9233578cb72c28111052.cloudfront.net (CloudFront), 1.1 google
date: Fri, 05 Aug 2022 03:46:52 GMT
age: 33579
etag: "edbc581f04ef31a8ed767099ec75036fbf8325aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10876
Md5:    509c8b427f9f5d83e4151c7fdbf41584
Sha1:   edbc581f04ef31a8ed767099ec75036fbf8325aa
Sha256: 332aeca25dca05eec3575a3523401f1a1b8d47be703c75341154fdae9e7b8fc6
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44742514-d09b-47c6-b87d-280489ead14e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 9292
x-amzn-requestid: c6a6620d-ba85-449e-a929-fb7d2b692c6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: WW5OTFm9oAMFuQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ec3bf4-446d4a213934612121414e0e;Sampled=0
x-amzn-remapped-date: Thu, 04 Aug 2022 21:36:52 GMT
x-amz-cf-pop: HIO50-C1, YVR50-C1
x-cache: Hit from cloudfront
x-amz-cf-id: uUVfUqH07GN8mlzoBzwe9YlC3IPophf7cXaB32p-Jvc9OA0uV9YXJg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 040bad3c7f7db09654c66da40c719fb0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 04 Aug 2022 21:40:35 GMT
age: 55556
etag: "969984181328d015607367853b091829686da82f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9292
Md5:    34a74b92d9fc09b11d5e239c1f7238d8
Sha1:   969984181328d015607367853b091829686da82f
Sha256: 09c99cdf79f21a52764e9c264ce1da90b0e74ddd28b1bba5bc3fc3f208570a66
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1057fe2-29ba-457b-9cf8-a234d92efec8.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 9802
x-amzn-requestid: 5d2b8270-54d1-42f9-8f30-2ba46184e921
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: WGdt6HYCoAMFRYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62e5a98c-196c49631f4d857d1a9784db;Sampled=0
x-amzn-remapped-date: Sat, 30 Jul 2022 21:58:36 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4eX7KV0KW8RCbbJyLlenfANDVpvrGD-zBXY-9drPbZQNQRwd3pk2gg==
via: 1.1 fec77e486350d1bd33f526a760d8b5a4.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Thu, 04 Aug 2022 22:12:34 GMT
age: 53637
etag: "878a6a256d44c3720bf58ac36dbecc49f2417831"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9802
Md5:    218403b6db6a6973524905fd4aebaaa0
Sha1:   878a6a256d44c3720bf58ac36dbecc49f2417831
Sha256: d60dcca1085372c4e3960f22b58f24831ee73f30f4876a40adf41db4ea29eabd
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8471045c-6df2-41fe-866d-bd05eb4ab46a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 6453
x-amzn-requestid: aecda6e5-bf8d-4587-add4-c9407b91e987
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: VtWu7EQ_IAMF17g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62db9e5f-0c2eb0ae1076e1051df30cf4;Sampled=0
x-amzn-remapped-date: Sat, 23 Jul 2022 07:08:15 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BsHl9-bZQXr44AKfxCjtJEdyuCadEmLMSD0ajKHfX7Jo7stNHKSvqw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Fri, 05 Aug 2022 11:13:26 GMT
age: 6785
etag: "305c789778e8f387ee37e97d1ba3c32d9b351845"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6453
Md5:    4cbff58b2ccb7fb2c69317218ae1e436
Sha1:   305c789778e8f387ee37e97d1ba3c32d9b351845
Sha256: ac478f05f1b699cdac4a4d6c9db9c0343d2351c2a7511e8f8132eb8c053cc4fb
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc784bce7-8d03-4e3d-9cb0-d693727bdedd.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 12738
x-amzn-requestid: 75aa2a01-23f9-4d26-9393-0e34bdb7d919
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: WW5NRF3DIAMFliA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ec3bee-129cb6d10824a106136f1901;Sampled=0
x-amzn-remapped-date: Thu, 04 Aug 2022 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, YVR50-C1
x-cache: Hit from cloudfront
x-amz-cf-id: zCQQHy19EggGF1tdmZM8bsFtgu2HFsgt7x7SZQkUD5_Yu1gg8HHAgQ==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 9b34a4c8b07eed6c2ff20b5adbbfa7c4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 04 Aug 2022 21:40:29 GMT
age: 55562
etag: "9f64c3f3eb43707d06563dfbc45973fd8cec914f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12738
Md5:    0cc5d2ca53e113f75d06592dc99af438
Sha1:   9f64c3f3eb43707d06563dfbc45973fd8cec914f
Sha256: 26c5a16d97987bce61cbaab0c193d70f6700d39d2b5ec35b34a0745dd776e735
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bda9d1d-e7d2-4beb-b172-566cac219173.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 6163
x-amzn-requestid: 926980e1-e103-415d-806c-affc9b623e25
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: WW5JCGDwIAMFa4A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ec3bd3-037ec4ca0d11ca397ca087bf;Sampled=0
x-amzn-remapped-date: Thu, 04 Aug 2022 21:36:19 GMT
x-amz-cf-pop: HIO50-C1, YVR50-C1
x-cache: Miss from cloudfront
x-amz-cf-id: Pjt1WG05kEIbpju9FEaj7GW46g1C8JDZS9k9BJ0JvtO2bfRzpjSo6w==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 e94af8eda63444d7836dbe832a0a5c54.cloudfront.net (CloudFront), 1.1 google
date: Thu, 04 Aug 2022 21:40:35 GMT
etag: "fa8b28cdfe5354ac9167a3d6f9483598c01157a5"
content-type: image/jpeg
age: 55556
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6163
Md5:    e7a0cfb1de3d318660096ee50bd33b69
Sha1:   fa8b28cdfe5354ac9167a3d6f9483598c01157a5
Sha256: b46f623cdc849a089e3734ec6ac559b0d04400f07dad90919afbb5fb0297a513