Overview

URL siparisler.github.io/586v/04.07.2022_PAZARTESI_SIPARISLER.XLSX
IP185.199.109.153
ASNFASTLY
Location United States
Report completed2022-10-01 01:08:42 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-01 2 siparisler.github.io/586v/04.07.2022_PAZARTESI_SIPARISLER.XLSX Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

URL siparisler.github.io/586v/04.07.2022_PAZARTESI_SIPARISLER.XLSX
IP  185.199.110.153
Magic Microsoft Excel 2007+\012- Zip archive data, at least v2.0\012- to extract, compression method=deflate\012- data
Size 166844
MD5 ea273838cc231f189370e3881dc318cb
SHA1 e350d073966c4d6306760671b68b38c7cb6d0584
SHA256 cb9cc7841fdd46b14f48ac6f26836e7b38912b2c7a00d378837a8b92f55bdaba
Analyzer Analysed Verdict Comment
VirusTotal 2022-07-18 14:20:16 25/61


Passive DNS (8)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-30 05:34:07 UTC 216.137.44.95
mnemonic passive DNS siparisler.github.io (1) 0 2022-06-30 09:56:04 UTC 2022-10-01 01:08:14 UTC 185.199.110.153 Unknown ranking
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-30 04:56:26 UTC 34.117.237.239
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-30 21:45:49 UTC 93.184.220.29
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-30 05:12:28 UTC 54.187.71.185
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-30 13:49:02 UTC 34.120.237.76
mnemonic passive DNS r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-09-30 04:55:29 UTC 23.36.77.32
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-09-30 21:46:18 UTC 18.164.68.8


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 185.199.109.153

Date UQ / IDS / BL URL IP
2022-12-06 10:14:13 +0000
0 - 0 - 1 felipegesteira.github.io/Netflix/ 185.199.109.153
2022-12-05 12:17:52 +0000
0 - 0 - 6 soumya252000.github.io/Netflix 185.199.109.153
2022-12-05 10:12:31 +0000
31 - 0 - 2 achyuthanee.github.io/instagram.github.io/ 185.199.109.153
2022-12-05 08:26:09 +0000
0 - 0 - 3 yamanx8.github.io/netflex-clone/ 185.199.109.153
2022-12-04 22:26:31 +0000
0 - 0 - 3 blazerxxi.github.io/Netflix-clone/ 185.199.109.153

Last 5 reports on ASN: FASTLY

Date UQ / IDS / BL URL IP
2022-12-06 10:42:34 +0000
0 - 0 - 4 dememdrebese.web.app/ 199.36.158.100
2022-12-06 10:16:18 +0000
0 - 0 - 9 www.tscaz.com/wp-content/plugins/classic-edit (...) 151.101.194.159
2022-12-06 10:14:13 +0000
0 - 0 - 1 felipegesteira.github.io/Netflix/ 185.199.109.153
2022-12-06 10:09:55 +0000
0 - 0 - 2 raw.githubusercontent.com/IfinderCodes/amoogu (...) 185.199.109.133
2022-12-06 10:09:55 +0000
0 - 0 - 2 raw.githubusercontent.com/R-73eN/HackDay-Alba (...) 185.199.111.133

Last 5 reports on domain: siparisler.github.io

Date UQ / IDS / BL URL IP
2022-11-12 05:06:30 +0000
0 - 0 - 2 siparisler.github.io/586v/04.07.2022_pazartes (...) 185.199.108.153
2022-11-10 16:43:34 +0000
0 - 0 - 2 siparisler.github.io/586v/04.07.2022_pazartes (...) 185.199.110.153
2022-11-08 22:24:55 +0000
0 - 0 - 2 siparisler.github.io/586v/04.07.2022_pazartes (...) 185.199.109.153
2022-10-23 03:13:39 +0000
0 - 0 - 1 siparisler.github.io/586v/04.07.2022_PAZARTES (...) 185.199.110.153
2022-10-21 18:08:26 +0000
0 - 0 - 1 siparisler.github.io/586v/04.07.2022_PAZARTES (...) 185.199.108.153

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-12-06 11:16:23 +0000
0 - 0 - 2 45.139.105.66/invoice.exe 45.139.105.66
2022-12-06 11:14:45 +0000
0 - 0 - 1 h166135.srv12.test-hf.su/9.exe 91.227.16.12
2022-12-06 11:08:08 +0000
0 - 0 - 1 5.45.82.23/mirai.arm 5.45.82.23
2022-12-06 11:02:11 +0000
0 - 0 - 4 webpageconsulting.net/public/hrbm8kyyk2birm7q (...) 66.147.240.98
2022-12-06 10:37:49 +0000
0 - 0 - 0 onhadintrepha.info 172.67.156.253


JavaScript

Executed Scripts (0)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (18)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "763E2DADFDD286A51327CD2000CA335E30CD0B9B7267875D22CA33F7556BA200"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6550
Expires: Sat, 01 Oct 2022 02:57:41 GMT
Date: Sat, 01 Oct 2022 01:08:31 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         18.164.68.8
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 01 Oct 2022 01:02:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6a4b8b5ea0a3ab45ef51e6681d8320bc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: KXgs8XijACWbB-86Y4W35jjijUUiSHoW0mTj2hW6GI-iKCJt5E7Hhg==
Age: 373


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.137.44.95
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 30 Sep 2022 03:33:16 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 5afa85054bbc88552c8f1b1dd45fef78.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: kWP6ako6Qi3HX4G1faHgHKxxKX9vV_mAx9nImWLv-5vk2nQg9vJAoA==
age: 77716
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /586v/04.07.2022_PAZARTESI_SIPARISLER.XLSX HTTP/1.1 
Host: siparisler.github.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         185.199.110.153
HTTP/2 200 OK
content-type: application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
                                        
server: GitHub.com
permissions-policy: interest-cohort=()
last-modified: Mon, 04 Jul 2022 07:22:51 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62c2954b-28bbc"
expires: Sat, 01 Oct 2022 01:18:31 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 0806:C0B8:31F39D:3394F1:6337930F
accept-ranges: bytes
date: Sat, 01 Oct 2022 01:08:31 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1649-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664586511.373208,VS0,VE172
vary: Accept-Encoding
x-fastly-request-id: 9c699aa5f592d4e4c3a227b71c1cf4ff539ee5a1
content-length: 166844
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Microsoft Excel 2007+\012- Zip archive data, at least v2.0\012- to extract, compression method=deflate\012- data
Size:   166844
Md5:    ea273838cc231f189370e3881dc318cb
Sha1:   e350d073966c4d6306760671b68b38c7cb6d0584
Sha256: cb9cc7841fdd46b14f48ac6f26836e7b38912b2c7a00d378837a8b92f55bdaba

Alerts:
  Blocklists:
    - fortinet: Malware
  File Analyzers:
    - virustotal: 25/61
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sat, 01 Oct 2022 01:08:31 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         18.164.68.8
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Sat, 01 Oct 2022 00:12:22 GMT
Expires: Sat, 01 Oct 2022 00:14:35 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6dcfe970273dbabb7e3f096812b664f4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: 8VvZpE1eXRh0FltKHqqas1TQLp8fwkJUtXROLyg6DSrAZAYtSwaFOA==
Age: 3370


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4432
Cache-Control: 'max-age=158059'
Date: Sat, 01 Oct 2022 01:08:32 GMT
Last-Modified: Fri, 30 Sep 2022 23:54:40 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: w0Q0UVhEfVwKCKDwMvdfng==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.187.71.185
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zR6OfQwRSatVHC7zoIxT+jNa0r0=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11165
Expires: Sat, 01 Oct 2022 04:14:38 GMT
Date: Sat, 01 Oct 2022 01:08:33 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11165
Expires: Sat, 01 Oct 2022 04:14:38 GMT
Date: Sat, 01 Oct 2022 01:08:33 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11165
Expires: Sat, 01 Oct 2022 04:14:38 GMT
Date: Sat, 01 Oct 2022 01:08:33 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11165
Expires: Sat, 01 Oct 2022 04:14:38 GMT
Date: Sat, 01 Oct 2022 01:08:33 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3837333-445d-4cb3-9734-b6d600909325.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8586
x-amzn-requestid: d912e9a1-0f3e-4bce-bbec-32a132e28df6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZG4R9HxkoAMFkxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6332a0d9-60c982c41affb1d177d106fb;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 07:06:01 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wwyegXYTAFLSkibFGkQgLMT8HvVnl0HPueyXmcQMfjODw221ZkHqug==
via: 1.1 94be61e339880d0097634de6934f7710.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 22:47:24 GMT
age: 8469
etag: "fe6ca607e220c55494e3b2d0aae5022959c4a5af"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8586
Md5:    9fb275e930996f302ab80412269d258a
Sha1:   fe6ca607e220c55494e3b2d0aae5022959c4a5af
Sha256: 6b03622b60a4ad077f1e0ac62d3b322d93ec0c332a65f84b8e1caab61ca2edae
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d8201d9-93ae-492b-8ea9-d245fa2e4073.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3640
x-amzn-requestid: b5f5c567-8aa9-414b-8310-cf3006711ee9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZJo1vFIwoAMF2mA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6333bb57-0f1cbcbb29287f5367a14b67;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 03:11:19 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: XruphpLT_AyIe9jcZWQszHLV0uMe0NxdxjhoppTX0YK3O7KdDlweIg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 07:03:58 GMT
age: 65075
etag: "303c6bb672425443a15bbe22394bd1149f887904"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3640
Md5:    a9e7ba045a723120501994dea21709db
Sha1:   303c6bb672425443a15bbe22394bd1149f887904
Sha256: b1bea7212e55ec8eaf62434214a86fed7d6a990d105984d79a7fa0e793395d59
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f707500-bb78-464b-8e9e-2668be34caad.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12024
x-amzn-requestid: 48a99025-ca1e-4446-a979-0f5f88ce0e28
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZNnxBGGOIAMFcOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63355339-3075ebfb184cfa3d13d50b24;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 08:11:37 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: nr94_W1b4q5l2C73hNdgO_aSX8lHmdIgusKVIpIMVAXJ8VWfvxKMkw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 04:51:34 GMT
age: 73019
etag: "cb342453361e167efb495b22a3ce3d3c21e7742f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12024
Md5:    63b4a02eebad3106bb8e99f215914517
Sha1:   cb342453361e167efb495b22a3ce3d3c21e7742f
Sha256: 328ddf664fb20bf69e7ba70e8105a5dee0821238b28da55d112d5ea387c1d06f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0222b19-e28d-42f0-b085-23b2b665419f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5845
x-amzn-requestid: 5f7a3d43-3c65-4cde-9b7f-fcb6223200c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZSxLEEchIAMFTjg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63376246-027b8cc4272f027521eea8c7;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 21:40:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: a8nsT_53H60cZZPbAAr2Ezer_ktd4_9xIM2i82m9tB8xBaZ-mF4JUw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 21:53:38 GMT
age: 11695
etag: "aad835c1f25a742cc8f3b8f695ddc2a8a83220b9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5845
Md5:    bf40d5ad9837589adb9464463083ed29
Sha1:   aad835c1f25a742cc8f3b8f695ddc2a8a83220b9
Sha256: 9883621d6a4802c1d12e6c8c4dd5a194a81ee84bbede42da853a9e23027aaa09
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F979b163e-e6cb-49a1-a2a2-de55e3c86685.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6655
x-amzn-requestid: 6e9b0765-6147-40a4-a35f-762674951b4a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZG4R0GfToAMFcag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6332a0d8-123479603525e9295900d8f3;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 07:06:00 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: KZ-jml1mHpWZYIEETqHgLTdGSAnnTtXX5Px6KQ90gOymg1mHMzLq2w==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 14:32:44 GMT
age: 38149
etag: "bb9a3611d2eb51e0eef79106f1497e3f460a03cb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6655
Md5:    72a92d7de4dd5ccce4cdf54dd132b948
Sha1:   bb9a3611d2eb51e0eef79106f1497e3f460a03cb
Sha256: 7654b1824c07d1c121e288c19ea587eff25579333a783978bc73dc37cc9b35a4
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F560edc86-1e97-4593-b97a-0e5e481931eb.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11373
x-amzn-requestid: 63c9c5f9-ab5b-447c-9837-a20ae37cefc9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZKLlMEq6oAMFRXg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6333f2ed-36d33fe66aec59b477696c26;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 07:08:29 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: QSCSEPZCfx7H19whFgxP2kAGKYDcqBv6dEIstTnzKmZHxzpkTFZr1Q==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 12:56:52 GMT
age: 43901
etag: "2b18eae551b2a537b6f839cf97ba6eff6d1b7d07"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11373
Md5:    05fe3ce0222762233d97a00a63dc8960
Sha1:   2b18eae551b2a537b6f839cf97ba6eff6d1b7d07
Sha256: 69c2d96e2c3543cded0e4778d3e1206d7a2fff7ede92c1437bb7b66d4363596e