Overview

URL mediafire-kayess-viral-mp4.duckdns.org/
IP20.205.33.241
ASNMICROSOFT-CORP-MSN-AS-BLOCK
Location Hong Kong
Report completed2022-08-06 11:16:51 UTC
StatusLoading report..
urlquery Alerts DynDNS domain detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish
Added / Verified Severity Host Comment
2022-08-05 2 mediafire-kayess-viral-mp4.duckdns.org/ WhatsApp
2022-08-05 2 mediafire-kayess-viral-mp4.duckdns.org/ WhatsApp
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2022-08-06 2 mediafire-kayess-viral-mp4.duckdns.org/ Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (15)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
[Mnemonic Passive DNS] i.ibb.co (6) 13485 No data No data 51.210.32.132
[Mnemonic Passive DNS] site-assets.fontawesome.com (1) 299062 2022-02-10 06:20:21 UTC 2022-08-05 18:46:15 UTC 104.18.22.52
[Mnemonic Passive DNS] firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2020-05-25 20:01:47 UTC 54.230.111.118
[Mnemonic Passive DNS] ocsp.digicert.com (4) 86 2012-11-29 12:49:49 UTC 2022-08-06 09:57:42 UTC 93.184.220.29
[Mnemonic Passive DNS] i.postimg.cc (1) 23840 2018-04-11 10:01:12 UTC 2022-08-01 13:51:50 UTC 141.94.130.128
[Mnemonic Passive DNS] push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-08-06 05:12:46 UTC 34.214.17.205
[Mnemonic Passive DNS] mediafire-kayess-viral-mp4.duckdns.org (2) 0 No data No data 20.205.33.241 Unknown ranking
[Mnemonic Passive DNS] ocsp.pki.goog (4) 175 2017-06-14 07:23:31 UTC 2022-08-06 04:58:04 UTC 142.250.74.3
[Mnemonic Passive DNS] ocsp.globalsign.com (1) 2075 2012-05-25 06:20:55 UTC 2022-08-06 04:58:34 UTC 104.18.20.226
[Mnemonic Passive DNS] cdn.statically.io (3) 10364 2019-05-15 08:32:51 UTC 2022-08-06 07:13:59 UTC 151.101.85.91
[Mnemonic Passive DNS] content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-08-06 05:12:46 UTC 54.230.111.7
[Mnemonic Passive DNS] contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
[Mnemonic Passive DNS] cdnjs.cloudflare.com (2) 235 2014-04-23 07:31:51 UTC 2022-05-16 10:07:49 UTC 104.17.25.14
[Mnemonic Passive DNS] img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-08-06 04:58:36 UTC 34.120.237.76
[Mnemonic Passive DNS] r3.o.lencr.org (2) 344 2020-12-02 08:52:13 UTC 2022-08-06 04:58:11 UTC 23.36.76.226


Recent reports on same IP/ASN/Domain

No other reports on IP: 20.205.33.241


Last 10 reports on ASN: MICROSOFT-CORP-MSN-AS-BLOCK

Date UQ / IDS / BL URL IP
2022-08-13 00:03:57 +0000
0 - 0 - 1 trk.cpvlabtrk.online/15GtmW 20.113.187.208
2022-08-12 23:57:43 +0000
0 - 0 - 3 netbank.azurewebsites.net/Signin.php 20.36.106.98
2022-08-12 23:05:24 +0000
0 - 0 - 6 support.uoh.sa/ 40.114.227.126
2022-08-12 22:30:49 +0000
0 - 0 - 1 20.226.5.153//armv6l 20.226.5.153
2022-08-12 22:30:48 +0000
0 - 0 - 1 20.226.5.153//mips 20.226.5.153
2022-08-12 22:30:41 +0000
0 - 0 - 1 20.226.5.153//i586 20.226.5.153
2022-08-12 22:30:35 +0000
0 - 0 - 1 20.226.5.153//mipsel 20.226.5.153
2022-08-12 22:23:04 +0000
0 - 0 - 4 livetrack.in/EmployeeMasterImages/qace.jpg 52.172.211.121
2022-08-12 22:14:05 +0000
0 - 0 - 25 internetbankingcaixagov.com/sinbc/home/v2/log (...) 20.210.131.164
2022-08-12 22:10:30 +0000
0 - 0 - 3 netbank.azurewebsites.net/Signin.php 20.36.106.98

No other reports on domain: mediafire-kayess-viral-mp4.duckdns.org



JavaScript

Executed Scripts (2)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (37)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F055127A4794D0F76CB4DF8F290DF8E259258A63398A700F592C859DFFE9AC34"
Last-Modified: Thu, 04 Aug 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5445
Expires: Sat, 06 Aug 2022 12:47:25 GMT
Date: Sat, 06 Aug 2022 11:16:40 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.118
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 06 Aug 2022 11:02:38 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: KlpeesL5-piWKZYpaEXEyoYUACtdPCurhtixQgew3hRK5ruwUVqkTw==
Age: 842


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-09-19-18-34-07.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.7
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
last-modified: Sun, 31 Jul 2022 18:34:08 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 06 Aug 2022 04:15:27 GMT
etag: "578b9ff83ff3950ab2a3d1a8344d2938"
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PCKPDrvkoCcmv5HLRYZwt7U_ViN5sauiE6Nf41DfiA1cuALOWEw2GA==
age: 25274
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    578b9ff83ff3950ab2a3d1a8344d2938
Sha1:   39d48b67ba6aa45ec01767725e726cf9b0c87a70
Sha256: 35c99da9a5463a4788ceab7cf4b027bb25506cde28ace36c70d0bc924138f2f5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Sat, 06 Aug 2022 11:16:40 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET / HTTP/1.1 
Host: mediafire-kayess-viral-mp4.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         20.205.33.241
HTTP/1.1 200 OK
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 06 Aug 2022 11:16:40 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size:   3033
Md5:    d0a23fc7c41a5c9b88fcc8ded081a52d
Sha1:   9c1585bf2037a17122924204b35d5ab20b93a389
Sha256: 842f85bd56f2239b33dde4a52a94a373149730b89b94d535fc588a043fb69a00

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - openphish: WhatsApp
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6244
Cache-Control: max-age=121935
Date: Sat, 06 Aug 2022 11:16:40 GMT
Etag: "62ed6e83-117"
Expires: Sun, 07 Aug 2022 21:08:55 GMT
Last-Modified: Fri, 05 Aug 2022 19:24:51 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /gh/AlexHostX/logAlex/main/facebook_text.png HTTP/1.1 
Host: cdn.statically.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mediafire-kayess-viral-mp4.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.91
HTTP/2 200 OK
                                        
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
age: 386199
cache-control: public, max-age=31536000, immutable
content-type: image/png
date: Sat, 06 Aug 2022 11:16:40 GMT
etag: W/"abfa212cc4d7b3d4c8bdcd6b3f8299b10b8d2002dc23c03f0c0843062e616a61"
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1662-BMA
content-length: 28789
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced\012- data
Size:   28789
Md5:    74190b93fc4f5d88f0c8e6411ba20bd8
Sha1:   89ce2ecb660a90b8e6ed1b335443d7767c59f28a
Sha256: 092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6244
Cache-Control: max-age=121935
Date: Sat, 06 Aug 2022 11:16:40 GMT
Etag: "62ed6e83-117"
Expires: Sun, 07 Aug 2022 21:08:55 GMT
Last-Modified: Fri, 05 Aug 2022 19:24:51 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 06 Aug 2022 11:16:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mediafire-kayess-viral-mp4.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.25.14
HTTP/2 200 OK
                                        
date: Sat, 06 Aug 2022 11:16:40 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 1940243
expires: Thu, 27 Jul 2023 11:16:40 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8m%2FDOeWGY4r61xFesJeJVrlJztjE69KCM7IPpcLg%2FRKea7AyNCOhNcNYL18hSeT1yrz0flYMtoxhjeGG9%2Bp4VqBhaz%2BOr42IR6VQQqjVJEYkohn9GwiE9Ox5%2B%2BgAqPphiQAfGYxA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 73675c9bce84b4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   5845
Md5:    a7e25a22602a2b2ed35f90fd5210cff1
Sha1:   148c4f275b60e6cf6253d6b4c7bdc486515b2202
Sha256: 312d94bafa68e11e3a4a8d7c06bc25ee161d1d965afb1fa99db79815a272d0bf
                                        
                                            GET /gh/AlexHostX/logAlex/main/wa-img.png HTTP/1.1 
Host: cdn.statically.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mediafire-kayess-viral-mp4.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         151.101.85.91
HTTP/2 200 OK
                                        
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
age: 970805
cache-control: public, max-age=31536000, immutable
content-type: image/png
date: Sat, 06 Aug 2022 11:16:40 GMT
etag: W/"05133d1767c973ae3b28fd4172eac3c0366a76ff7266b4413841f9e8442ebc42"
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-served-by: cache-bma1662-BMA
content-length: 152291
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1000 x 1000, 8-bit colormap, non-interlaced\012- data
Size:   152291
Md5:    188a278629872508123e7bf25a4e4ae9
Sha1:   468d1d4a68a6ed6dad42f5470ae1d22fa6c032b9
Sha256: d15c880b55b3ed610b5af0bddb63b50e386da5d32658e069dac8d8c512f801e8
                                        
                                            GET /gh/AlexHostX/all.asset/main/alex-facebook.css HTTP/1.1 
Host: cdn.statically.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mediafire-kayess-viral-mp4.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.91
HTTP/2 200 OK
                                        
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: *
age: 6740
cache-control: public, max-age=86400
content-type: text/css; charset=utf-8
date: Sat, 06 Aug 2022 11:16:40 GMT
etag: W/"73ee177308e5b9c39f0c2a5dffb054e6bcfdced470773e0aafcb8f0536cf325b"
server: statically
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT, HIT
x-content-type-options: nosniff
x-served-by: cache-sjc10082-SJC, cache-bma1662-BMA
content-length: 1081
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1081
Md5:    e3063086581e7696aff763941ec52465
Sha1:   f69a4541ca4d0db439d24dc98daf0da56ebc1097
Sha256: bd79edf1524966820a4f3bcf3697929abbcab3601d8aa6c76c647f51b33e6d1a
                                        
                                            GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mediafire-kayess-viral-mp4.duckdns.org
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.25.14
HTTP/2 200 OK
                                        
date: Sat, 06 Aug 2022 11:16:40 GMT
content-type: application/javascript; charset=utf-8
content-length: 27938
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 829821
expires: Thu, 27 Jul 2023 11:16:40 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2KEojyajUuWT6yeph8yS68VnEYjGyBun857LIEIpzBrBlNZ3Y8%2BoCEACMfPqk61%2BoxCTLH8l%2ByFgqg32MlmtMeCCJcxV9Y6eQW3loh8K1MRvJRgyf935RDmEyPtDcH5oZHJ%2F%2FEDe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 73675c9bfa8a0b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   27938
Md5:    d900ca08873ee57d40616d39a44cc0aa
Sha1:   7ab3ac8b1504b7b914a6e94c979b8390bb492f6a
Sha256: 1eea479cc0abe04a0846f41031207f9511f12ffef017a6109d4efb6f5523465b
                                        
                                            POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 06 Aug 2022 11:16:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "4E39DCAB75ED17FEE11B906A3AA1FCFAA85546E3"
Expires: Sat, 06 Aug 2022 22:00:00 GMT
Last-Modified: Sat, 06 Aug 2022 10:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1994
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 73675c9c1ab20b69-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    7a50729e3c4a277ef35b26a1a22d08eb
Sha1:   5234c3f419e8d34acb9091906b9d14ae4c11fd8e
Sha256: 3a8d29687ff1c5c5d9252e92355aa10547ff43338af4f0b42af51f59ddf697c4
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6244
Cache-Control: max-age=121935
Date: Sat, 06 Aug 2022 11:16:40 GMT
Etag: "62ed6e83-117"
Expires: Sun, 07 Aug 2022 21:08:55 GMT
Last-Modified: Fri, 05 Aug 2022 19:24:51 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 06 Aug 2022 11:16:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.118
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sat, 06 Aug 2022 11:16:14 GMT
Expires: Sat, 06 Aug 2022 11:31:18 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: uaB2DR8X4PW9i5B_feJxG5fySZE-T_8PyDodQPGPn0lvIizGhmUN6g==
Age: 27


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /alexFrontEnd/asidjawd0auwhda2.css HTTP/1.1 
Host: mediafire-kayess-viral-mp4.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mediafire-kayess-viral-mp4.duckdns.org/

                                         
                                         20.205.33.241
HTTP/1.1 200 OK
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sat, 13 Aug 2022 11:16:40 GMT
content-type: text/css
last-modified: Fri, 17 Jun 2022 20:35:03 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 981
date: Sat, 06 Aug 2022 11:16:40 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   981
Md5:    bb066bf5d11611e580983e35a6cbbdd3
Sha1:   e977d299c264818ac3ff8769755560f6f8a2787c
Sha256: 68a08bc9233b1de19e2e297ac28115d6a4c2340c80c3c104ba56959d5d0c5a22

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - openphish: WhatsApp
                                        
                                            GET /6btqPzf/46534653647534676.png HTTP/1.1 
Host: i.ibb.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mediafire-kayess-viral-mp4.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         51.210.32.132
HTTP/2 200 OK
                                        
server: nginx
date: Sat, 06 Aug 2022 11:16:40 GMT
content-type: image/png
content-length: 91891
last-modified: Sun, 22 May 2022 20:39:32 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 303 x 303, 8-bit/color RGBA, non-interlaced\012- data
Size:   91891
Md5:    57d5740d17ec9379776eaf99558558fe
Sha1:   926662fec0f40fa13f394240def72bbb5106dbb5
Sha256: 5a574efb77e8690faf8f57000749456bb7e466dad430f46f64c497f86fd7f06a
                                        
                                            GET /xCbwrJfs/images.jpg HTTP/1.1 
Host: i.postimg.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mediafire-kayess-viral-mp4.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         141.94.130.128
HTTP/2 200 OK
                                        
server: nginx
date: Sat, 06 Aug 2022 11:16:41 GMT
content-type: image/jpeg
content-length: 24737
last-modified: Sun, 22 May 2022 21:20:20 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 554x554, components 3\012- data
Size:   24737
Md5:    0acb216c9cd84c8e68fe19e81665114a
Sha1:   94a00ae24fc960f33c57c3a3c9508c99e41940d5
Sha256: 0218fd916b1f957c0538e99bd33069cf9e147c19b0dd7ada97ad491e57cafcfb
                                        
                                            GET /zbkXm2T/165325118357786736-1.png HTTP/1.1 
Host: i.ibb.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mediafire-kayess-viral-mp4.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         51.210.32.132
HTTP/2 200 OK
                                        
server: nginx
date: Sat, 06 Aug 2022 11:16:40 GMT
content-type: image/png
content-length: 62433
last-modified: Sun, 22 May 2022 20:31:22 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 270 x 270, 8-bit/color RGBA, non-interlaced\012- data
Size:   62433
Md5:    33f21334f5aeb86592426eb74c07af91
Sha1:   7f1b33202136cc55e30f252f6bec94b2688521c8
Sha256: 5d49526636f767f53363cca37f93cd9c55dff76bda58abe340c584f5bf2162e1
                                        
                                            GET /85YydzM/165325118357786736.png HTTP/1.1 
Host: i.ibb.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mediafire-kayess-viral-mp4.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         51.210.32.132
HTTP/2 200 OK
                                        
server: nginx
date: Sat, 06 Aug 2022 11:16:40 GMT
content-type: image/png
content-length: 57932
last-modified: Sun, 22 May 2022 20:29:43 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 269 x 269, 8-bit/color RGBA, non-interlaced\012- data
Size:   57932
Md5:    aa63405defc4a0f45e3eeb0bb941e4f0
Sha1:   23caa69d63f63bfb74dbcaf720e5f89b91950d6d
Sha256: 1e7cac0abe9850f051add34f30f1cdd5b89c64ac6b1e4f22006a8cd624cfc16a
                                        
                                            GET /HYCbNV0/236272365237.png HTTP/1.1 
Host: i.ibb.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mediafire-kayess-viral-mp4.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         51.210.32.132
HTTP/2 200 OK
                                        
server: nginx
date: Sat, 06 Aug 2022 11:16:40 GMT
content-type: image/png
content-length: 101230
last-modified: Sun, 22 May 2022 20:35:28 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 258 x 258, 8-bit/color RGBA, non-interlaced\012- data
Size:   101230
Md5:    8d0b6625d4dfe87815f8fe4506093755
Sha1:   5e8da5f7e62a6e14fc647e17ee0c6d40cc20b6e2
Sha256: 5bf1e0444202e7f999951602756396e0aaadcaf99d6a8df772cb31205aa9f946
                                        
                                            GET /6JWXqcQ/9429795792947.png HTTP/1.1 
Host: i.ibb.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mediafire-kayess-viral-mp4.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         51.210.32.132
HTTP/2 200 OK
                                        
server: nginx
date: Sat, 06 Aug 2022 11:16:40 GMT
content-type: image/png
content-length: 158442
last-modified: Sun, 22 May 2022 20:38:22 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 388 x 388, 8-bit/color RGBA, non-interlaced\012- data
Size:   158442
Md5:    fa7067501d90776a919c124c86c3f885
Sha1:   006d2b42a0aaf675847aaea80e1ff0cea4b10a20
Sha256: 4256e8caf9b1ec39378834c37f8ce7c3d277bf3c9838890f2f506bb9396f6a1a
                                        
                                            GET /K6L96Js/Screenshot-450.png HTTP/1.1 
Host: i.ibb.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mediafire-kayess-viral-mp4.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         51.210.32.132
HTTP/2 200 OK
                                        
server: nginx
date: Sat, 06 Aug 2022 11:16:40 GMT
content-type: image/png
content-length: 462778
last-modified: Sun, 22 May 2022 20:59:46 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 513 x 513, 8-bit/color RGBA, non-interlaced\012- data
Size:   462778
Md5:    a70e3e79fa06490e41b0f45d7795a56d
Sha1:   9a5ac96698e360601eaed0aa4c85dcae60192963
Sha256: c55ce143db000d65538de4faf41c805010b2b5daabbc210a7198551556dd24e9
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 06 Aug 2022 11:16:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /releases/v6.1.1/css/all.css HTTP/1.1 
Host: site-assets.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mediafire-kayess-viral-mp4.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.22.52
HTTP/2 200 OK
                                        
date: Sat, 06 Aug 2022 11:16:40 GMT
content-type: text/css
x-amz-id-2: 332zxxLyeOA0bVHaDihkoNN8z15TpqoPHwlgSqo0+JYF9Eb1EbFs+dM6zZXyMDQJzxobqXmUSog=
x-amz-request-id: DBBNDRR8JR1BQ6BC
last-modified: Tue, 22 Mar 2022 15:39:41 GMT
etag: W/"325672b036bab9b57f6873aed5eccc43"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 11802525
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 73675c9b9858b51b-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   98381
Md5:    fff172a91802bfdb0ff6dac83f6f8f1d
Sha1:   c627b75a8cccf72ec3b7c72cfc623615ac6da38c
Sha256: 95a8fbfb5ea62c91984ad65c60d49946577012874030fd90c1365d960f654f41
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 06 Aug 2022 11:16:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5007
Cache-Control: max-age=166526
Date: Sat, 06 Aug 2022 11:16:41 GMT
Etag: "62ee2188-1d7"
Expires: Mon, 08 Aug 2022 09:32:07 GMT
Last-Modified: Sat, 06 Aug 2022 08:08:40 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NlA0T/+a4CpUphQPZym4hA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         34.214.17.205
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 4NiomZvwChpbWkuPNhCEZyMBDaE=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7D129895DD82ACE0D70FE0D261B7C2E924E869686CEDF20C238EFA6BFDF5E632"
Last-Modified: Wed, 03 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2196
Expires: Sat, 06 Aug 2022 11:53:18 GMT
Date: Sat, 06 Aug 2022 11:16:42 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F817dc1f7-eb45-43f8-baff-dc8c8dc431d5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 5927
x-amzn-requestid: 99ada533-43cd-41fc-82bb-e458f0eb1f76
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: WaMb7GCHIAMFTvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ed8de5-229e11765cf29cea03c3627a;Sampled=0
x-amzn-remapped-date: Fri, 05 Aug 2022 21:38:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 4XnbV70sg2VdJpPpU4qwePJEGJtqD9fvi7N5tGLwn53qD4YlgsV2nQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 05 Aug 2022 21:46:20 GMT
age: 48622
etag: "2f672c1b11a1c279f429a25e80e37c19d87ed31b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5927
Md5:    1d51f89b8978e5f853da0ec27aeba1f2
Sha1:   2f672c1b11a1c279f429a25e80e37c19d87ed31b
Sha256: 4b1741201668ef2b420b2c6ca02a9acec12b98c5527745229ceb27239a99881d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bfd5df4-420a-41ec-b1de-b396653699e3.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 8223
x-amzn-requestid: 1d39aed7-65da-4168-9a89-900d5a861e84
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: WaMdAFTKoAMFz_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ed8dec-114929484ac704c76691f89f;Sampled=0
x-amzn-remapped-date: Fri, 05 Aug 2022 21:38:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: vWXGezsy5PVgC3WkZskelMsz0v1wgoMt7-8_nrKuvEOfsUbwLXdxcw==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 05 Aug 2022 21:46:25 GMT
age: 48617
etag: "9b19561b15e7e126ee65436ba20d4ae4098e6776"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8223
Md5:    21cb9fd64193c9fa61a65be28fa65bda
Sha1:   9b19561b15e7e126ee65436ba20d4ae4098e6776
Sha256: 16676379a98b377329551dea82df06b036aa7a1902ecc18b2467b25c0bd0e4dd
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2e82c42-fd94-454a-912f-56867d09ec8d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 7007
x-amzn-requestid: f82ea4ee-a0dd-484b-8d07-7cc98b4f3345
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: WaMb8FGzIAMFzJQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ed8de5-4fc058516eb94d393a3bfd64;Sampled=0
x-amzn-remapped-date: Fri, 05 Aug 2022 21:38:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: vMBgynj5-az3NTLcvmLHPEitqn3dhouad7LLZY6NkcmWstbQdrJ4_Q==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 05 Aug 2022 21:46:20 GMT
age: 48622
etag: "671abe46bc15fe88431e40416df266331a65f849"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7007
Md5:    1ed454c7b6a969da4f12c5dc57b0117e
Sha1:   671abe46bc15fe88431e40416df266331a65f849
Sha256: eb2cd92f0994a7bfea8151ce716bce18aa1bbbeca7ca66a786c09c3dff8a41e7
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5220284-1209-43a7-9af7-d1b6ed31b248.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 11592
x-amzn-requestid: 73091111-067e-4c53-97ae-702fbf2b6d01
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: WaNsvHdVoAMFUDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ed8fea-3048002a0a2373536c9c39a1;Sampled=0
x-amzn-remapped-date: Fri, 05 Aug 2022 21:47:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: I8Jbqi5Uh78XEiAahWe1d5Jm44X-eCqfQ4mhssDyrK1gy4h8CIBJ_g==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 05 Aug 2022 21:47:35 GMT
age: 48547
etag: "d2838f572736105231e6d321790315a8bf1f68eb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11592
Md5:    ae3af770ca5815a2744dfad2e742d227
Sha1:   d2838f572736105231e6d321790315a8bf1f68eb
Sha256: 756c59730240921214b26350193d4471c15a98f32c959395ffb05f6b7be34ff5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47127619-5c86-4363-ad38-bd0ea52d7a06.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 3871
x-amzn-requestid: 8e2f628a-40e7-4a30-9250-e799388e3f06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: WaMExESGIAMFmSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ed8d51-548ce53641314e2f14e5c4af;Sampled=0
x-amzn-remapped-date: Fri, 05 Aug 2022 21:36:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: K_JIjjIoI8WKlfv4W3wDwglaTEkOabSJz7gG2zq8_1vEccPljbZilw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 05 Aug 2022 21:58:37 GMT
age: 47885
etag: "5aafd1e4d78ce8b097b9d9333f8a583a3004ed21"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3871
Md5:    2d2380784d41f22b7c39f22aa6ee89f5
Sha1:   5aafd1e4d78ce8b097b9d9333f8a583a3004ed21
Sha256: 0c0f5233c5b6e055ab79900dcd96b99dcd837a2459c75c75ba54d1289dab4ec7
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa26223bd-d704-4f37-9bda-4a67147d87f9.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 7022
x-amzn-requestid: a4b2e422-88b5-406a-9e4d-40f5cf5cbdb4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: WaMb9HouoAMF-WQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62ed8de5-08e066b803cf639d6dc69fe7;Sampled=0
x-amzn-remapped-date: Fri, 05 Aug 2022 21:38:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: hCi-KrTW8WV29cRt4s46po6kaTKYMb18-JSCEGbgoIbYu9tdEkJ-rw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 05 Aug 2022 21:58:37 GMT
etag: "de125f4ffd1f967c1557f082c41477891630539c"
content-type: image/jpeg
age: 47885
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7022
Md5:    f8ee35182a507e89b787ac718a80508c
Sha1:   de125f4ffd1f967c1557f082c41477891630539c
Sha256: 8def080600f8b45c3683dfb91586c9b03bf3fbb07437e9ab9dad816909cc3021