mcxnojsets.duckdns.org/
179.43.149.15 200 OK 9.7 kB IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (1274), with CRLF line terminators
Hash 5e8a2d8e4307d0a42eb9e7e77b19cdd3
81a54fc28653d25015ecc169577cc7df807d53e8
2e96ddb64778fadf1de3b2914e7b80b61f98ba5cb91ab535f06e6fa23600f825
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET / HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:26 GMT
Content-Type: text/html
Last-Modified: Tue, 11 Oct 2022 09:28:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6345374b-10968"
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/
18.244.155.120 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 18.244.155.120:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 22 Oct 2022 14:26:20 GMT
Expires: Sat, 22 Oct 2022 14:48:45 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 fee1af928fb542120a907076855ee8f0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P8
X-Amz-Cf-Id: dGSTSlmPjQ67W9lZ6Opkc0CED4VXC4KlwWBgm0YYIi4gmgdFI0Vcvg==
Age: 1326
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 73c4166ca864f777db2cc1cd8658a7c2
c56b66b0b7c8516d4d5bfafe0c166711c78f3d25
310c633350812c064e159275b6dbbdba6d6a5991a54ccfcc23459320c6513572
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "310C633350812C064E159275B6DBBDBA6D6A5991A54CCFCC23459320C6513572"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21255
Expires: Sat, 22 Oct 2022 20:42:41 GMT
Date: Sat, 22 Oct 2022 14:48:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cecd3b2e0cd07173ee1fb63b0a744119
774e0935fffd5bb39799c040098e32c3dc88702f
78c2c60f2d752f572f1711e23aa3f82d5e5bce1940064405f6f989886f6315df
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "78C2C60F2D752F572F1711E23AA3F82D5E5BCE1940064405F6F989886F6315DF"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8149
Expires: Sat, 22 Oct 2022 17:04:15 GMT
Date: Sat, 22 Oct 2022 14:48:26 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 5GQwlD3SdRT9OrNfxv7GnKjWpGUpiQ/xPKljlgouw+j9xMyhzMwgUkmFIADndp0MLTuJiyKgd6s=
x-amz-request-id: WTYT7J9VDA0341ZF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 22 Oct 2022 14:37:36 GMT
age: 650
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
mcxnojsets.duckdns.org/css/main.css
179.43.149.15 200 OK 708 B URL HTTP/1.1 mcxnojsets.duckdns.org/css/main.css
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash a4ba1619ad6990c1b4d6c85183279e57
92cfc949fdf4b5c853ad7d1f698ec2b09c5a19e1
718e0171f27d72c258e408cdd8572d2987e62b44f11b1dcb4d03a259300fc31f
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /css/main.css HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:26 GMT
Content-Type: text/css
Last-Modified: Fri, 18 Feb 2022 11:48:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"620f877c-6c5"
Expires: Sun, 23 Oct 2022 02:48:26 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 22 Oct 2022 14:48:26 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
mcxnojsets.duckdns.org/style/lognos.js
179.43.149.15 200 OK 1.9 kB URL HTTP/1.1 mcxnojsets.duckdns.org/style/lognos.js
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type ASCII text, with very long lines (4013), with no line terminators
Hash f7129a5905eaa9e19ad195cbaa535099
3d9b491d5c0fa32653b1818cc6fdfdc9418ae4ea
42c536b5fad0a5c7e397daebb171f74776268a1fc223cd4868a3e8897abe23f6
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /style/lognos.js HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:26 GMT
Content-Type: application/javascript
Last-Modified: Tue, 28 Dec 2021 06:43:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61cab20e-fad"
Expires: Sun, 23 Oct 2022 02:48:26 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
mcxnojsets.duckdns.org/style/gtm.js(1)
179.43.149.15 404 Not Found 146 B URL HTTP/1.1 mcxnojsets.duckdns.org/style/gtm.js(1)
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /style/gtm.js(1) HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 22 Oct 2022 14:48:26 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
mcxnojsets.duckdns.org/style/ytag.js
179.43.149.15 200 OK 7.5 kB URL HTTP/1.1 mcxnojsets.duckdns.org/style/ytag.js
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type ASCII text, with very long lines (23465), with no line terminators
Hash 97d384df0cad2cfdd05fd1421e416b1f
26411cdc7dfa2bb24f78869c09227bba52d26823
c9202f75a65e4e6d545e2acadba33d2486ce967925de3739d090faf2e1fa65ed
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /style/ytag.js HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:26 GMT
Content-Type: application/javascript
Last-Modified: Tue, 28 Dec 2021 06:43:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61cab20e-5ba9"
Expires: Sun, 23 Oct 2022 02:48:26 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
mcxnojsets.duckdns.org/style/saved_resource
179.43.149.15 200 OK 0 B URL HTTP/1.1 mcxnojsets.duckdns.org/style/saved_resource
IP 179.43.149.15:0
ASN #51852 Private Layer INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /style/saved_resource HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:26 GMT
Content-Type: application/octet-stream
Content-Length: 0
Last-Modified: Tue, 28 Dec 2021 06:43:26 GMT
Connection: keep-alive
ETag: "61cab20e-0"
Accept-Ranges: bytes
mcxnojsets.duckdns.org/style/liveengage.js
179.43.149.15 200 OK 3.3 kB URL HTTP/1.1 mcxnojsets.duckdns.org/style/liveengage.js
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type ASCII text, with very long lines (8801), with no line terminators
Hash 97a679c0828b2bb01595d2d3d98dadd2
80a280d82c0a0bd60af9a682f3728a6bf4819cdd
22948e7ce56e90b07213bbc1b47d2fdba7720203dba1fb11a34f3a789f3869b9
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /style/liveengage.js HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:26 GMT
Content-Type: application/javascript
Last-Modified: Tue, 28 Dec 2021 06:43:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61cab21e-2261"
Expires: Sun, 23 Oct 2022 02:48:26 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
mcxnojsets.duckdns.org/style/pixel
179.43.149.15 200 OK 0 B URL HTTP/1.1 mcxnojsets.duckdns.org/style/pixel
IP 179.43.149.15:0
ASN #51852 Private Layer INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /style/pixel HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:26 GMT
Content-Type: application/octet-stream
Content-Length: 0
Last-Modified: Tue, 28 Dec 2021 06:43:28 GMT
Connection: keep-alive
ETag: "61cab210-0"
Accept-Ranges: bytes
mcxnojsets.duckdns.org/style/f.txt
179.43.149.15 200 OK 16 kB URL HTTP/1.1 mcxnojsets.duckdns.org/style/f.txt
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type ASCII text, with very long lines (2165)
Hash d119eeff3d7fd89b4a33b10f974ee155
f3561d3d8293ab144f09e702ff39cec97f9f38b9
e01b599794e1ea418e158780b173db263a4d811be8fd3585e3531d8aaaebc372
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /style/f.txt HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:26 GMT
Content-Type: text/plain
Last-Modified: Tue, 28 Dec 2021 06:43:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61cab20e-9421"
Content-Encoding: gzip
mcxnojsets.duckdns.org/style/pixel.js
179.43.149.15 200 OK 1.6 kB URL HTTP/1.1 mcxnojsets.duckdns.org/style/pixel.js
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type ASCII text, with very long lines (3845)
Hash b5a81c3e7d5ac7990812d0504158200a
747dcfd907d89817f9607b0e83e42f76e6c3c6bd
36bd58386a52bbe59aedc4e09b27df3308f51b0d61da3095a1d14b5205115fba
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /style/pixel.js HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:26 GMT
Content-Type: application/javascript
Last-Modified: Tue, 28 Dec 2021 06:43:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61cab210-f06"
Expires: Sun, 23 Oct 2022 02:48:26 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
mcxnojsets.duckdns.org/style/fbevents.js
179.43.149.15 200 OK 30 kB URL HTTP/1.1 mcxnojsets.duckdns.org/style/fbevents.js
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type ASCII text, with very long lines (64343)
Hash e1c53ef19bd37f0db8e4c3be96dc4fc4
79cc55688b6d9dafb0dc749c9002bd7148fd7938
c42c9096d28f12a18e45e102ef33ef21b1385d7f25279163cf73fde5397ddd09
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /style/fbevents.js HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:26 GMT
Content-Type: application/javascript
Last-Modified: Tue, 28 Dec 2021 06:43:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61cab210-189e5"
Expires: Sun, 23 Oct 2022 02:48:26 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
mcxnojsets.duckdns.org/style/www-widgetapi.js
179.43.149.15 200 OK 58 kB URL HTTP/1.1 mcxnojsets.duckdns.org/style/www-widgetapi.js
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type ASCII text, with very long lines (618)
Hash b6f55f047f9b208c5f2cb304b8391d15
5c007315ce2b15e5f860ba5218bf8b13f95a3e28
01d5492dc54e2a0458de9138a6c473804709f69ded7a2c2df78a84f8ff04e041
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /style/www-widgetapi.js HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:26 GMT
Content-Type: application/javascript
Last-Modified: Tue, 28 Dec 2021 06:43:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61cab20e-25478"
Expires: Sun, 23 Oct 2022 02:48:26 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
mcxnojsets.duckdns.org/style/pixel2.js
179.43.149.15 200 OK 1.1 kB URL HTTP/1.1 mcxnojsets.duckdns.org/style/pixel2.js
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type ASCII text, with very long lines (546)
Hash 486f199c554b09deca22424e289690b9
b9485510bbeed313d05b98c7bf4c2afea917b95e
89e53b2f2b264b2ef8772acbc192b2d7da2447082935622be3d5b658c6106d23
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /style/pixel2.js HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:26 GMT
Content-Type: application/javascript
Last-Modified: Tue, 28 Dec 2021 06:43:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61cab212-815"
Expires: Sun, 23 Oct 2022 02:48:26 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
mcxnojsets.duckdns.org/style/lt.js
179.43.149.15 200 OK 11 kB URL HTTP/1.1 mcxnojsets.duckdns.org/style/lt.js
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type ASCII text, with very long lines (17022)
Hash 247b1e036600af9d0d574b3704908f1d
3dabc7ac6b280582454df01e4062b31543c71f4a
55abb0262ef1fbb5f0df549d1967105c852e9986c69b748c846032fac77cacd3
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /style/lt.js HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:26 GMT
Content-Type: application/javascript
Last-Modified: Tue, 28 Dec 2021 06:43:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61cab212-7ef7"
Expires: Sun, 23 Oct 2022 02:48:26 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
mcxnojsets.duckdns.org/style/uwt.js
179.43.149.15 200 OK 5.8 kB URL HTTP/1.1 mcxnojsets.duckdns.org/style/uwt.js
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type ASCII text, with very long lines (14407), with no line terminators
Hash 9b5da3ad10075dbe53ceb785f544c5b7
2adacb7fe7cb680eecfb112ffd76521c1c7a353d
ca332f9f13912a7f879dc12d50411368c59aebc5d258fb8f9e420ca891dba4fa
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /style/uwt.js HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:26 GMT
Content-Type: application/javascript
Last-Modified: Tue, 28 Dec 2021 06:43:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61cab212-3847"
Expires: Sun, 23 Oct 2022 02:48:26 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
mcxnojsets.duckdns.org/style/iframe_api
179.43.149.15 200 OK 980 B URL HTTP/1.1 mcxnojsets.duckdns.org/style/iframe_api
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type ASCII text, with very long lines (509)
Hash 9a74bbcad4cd84bf3344a86ca3bc0d97
0471334c66e0ca68602a0b102ada2d13fddae0ee
8002dace9aa6d2f5a60968e10897ec4b45e698b2851a22320a6cb5f7df42c67c
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /style/iframe_api HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:26 GMT
Content-Type: application/octet-stream
Content-Length: 980
Last-Modified: Tue, 28 Dec 2021 06:43:30 GMT
Connection: keep-alive
ETag: "61cab212-3d4"
Accept-Ranges: bytes
mcxnojsets.duckdns.org/js/script.js
179.43.149.15 200 OK 634 B URL HTTP/1.1 mcxnojsets.duckdns.org/js/script.js
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type ASCII text, with CRLF line terminators
Hash 1e3e21cd57a34282f6927e944326f888
34721c561b0d448a55abf841b8a1f2b83129c4e3
138c838d58437d609b9c9b14c3a9d9038f135064700ad214f375bb0ead6ab559
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /js/script.js HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:26 GMT
Content-Type: application/javascript
Content-Length: 634
Last-Modified: Thu, 24 Feb 2022 09:02:32 GMT
Connection: keep-alive
ETag: "621749a8-27a"
Expires: Sun, 23 Oct 2022 02:48:26 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
mcxnojsets.duckdns.org/style/_dmptv4.js
179.43.149.15 200 OK 2.3 kB URL HTTP/1.1 mcxnojsets.duckdns.org/style/_dmptv4.js
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type C source, ASCII text, with very long lines (5192), with no line terminators
Hash 95ef3abe62f9eefe812c54e52b9d3813
79e9cb8af8fe017f0de8e8a638011b6f81050654
78a52c08ec8f5de8718b0e1e4c55452c74933f20101c138d6f60e1e1556ce01c
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /style/_dmptv4.js HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:26 GMT
Content-Type: application/javascript
Last-Modified: Tue, 28 Dec 2021 06:43:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61cab212-1448"
Expires: Sun, 23 Oct 2022 02:48:26 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
mcxnojsets.duckdns.org/style/gtm.js(2)
179.43.149.15 404 Not Found 146 B URL HTTP/1.1 mcxnojsets.duckdns.org/style/gtm.js(2)
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /style/gtm.js(2) HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 22 Oct 2022 14:48:26 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
mcxnojsets.duckdns.org/style/analytics.js
179.43.149.15 200 OK 22 kB URL HTTP/1.1 mcxnojsets.duckdns.org/style/analytics.js
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type ASCII text, with very long lines (1325)
Hash 87c64ab9ee856496b3d949e8a861443c
fb3ad494cb25d8f94bf9059c8f5d2512f017281d
5cb225ddbafa77b76e971c2b8e1e6f0ad6a509c35f0f8958092e50f319876f2b
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /style/analytics.js HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:26 GMT
Content-Type: application/javascript
Last-Modified: Tue, 28 Dec 2021 06:43:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61cab20e-c41d"
Expires: Sun, 23 Oct 2022 02:48:26 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
mcxnojsets.duckdns.org/style/gtm.js(3)
179.43.149.15 404 Not Found 146 B URL HTTP/1.1 mcxnojsets.duckdns.org/style/gtm.js(3)
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /style/gtm.js(3) HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 22 Oct 2022 14:48:26 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
mcxnojsets.duckdns.org/style/gtm.js(4)
179.43.149.15 404 Not Found 146 B URL HTTP/1.1 mcxnojsets.duckdns.org/style/gtm.js(4)
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /style/gtm.js(4) HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 22 Oct 2022 14:48:26 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
mcxnojsets.duckdns.org/style/scroll-hint.min.82f77c9aabf517fbab481595ef13f83e.css
179.43.149.15 200 OK 2.3 kB URL HTTP/1.1 mcxnojsets.duckdns.org/style/scroll-hint.min.82f77c9aabf517fbab481595ef13f83e.css
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type ASCII text, with very long lines (2186)
Hash 2d05a30d79f25c9519f431907c950a4e
93691a7cb5c3f4404a313f8063e9fedb5b8c57c6
9bea99822ea8b315ae0be3d1e16df0420e44f48450308d2b3828ee320235bb84
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /style/scroll-hint.min.82f77c9aabf517fbab481595ef13f83e.css HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:26 GMT
Content-Type: text/css
Last-Modified: Tue, 28 Dec 2021 06:43:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61cab216-208c"
Expires: Sun, 23 Oct 2022 02:48:26 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
mcxnojsets.duckdns.org/js/jquery-3.5.1.js
179.43.149.15 200 OK 99 kB URL HTTP/1.1 mcxnojsets.duckdns.org/js/jquery-3.5.1.js
IP 179.43.149.15:0
ASN #51852 Private Layer INC
Hash 417d193be793a12c3a8c09719344d5d9
3a2c71f1415de5d733e46f17976e444107701551
30017ffc4ca57101bb45ae325b3c0793831d838ad45a229eccf40a9261a911f6
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /js/jquery-3.5.1.js HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:26 GMT
Content-Type: application/javascript
Last-Modified: Tue, 23 Jun 2020 07:11:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5ef1ab10-4638e"
Expires: Sun, 23 Oct 2022 02:48:26 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
mcxnojsets.duckdns.org/style/jquery.min.aff2e94082fe08198c0a4cfe3a8ca23c.css
179.43.149.15 200 OK 699 B URL HTTP/1.1 mcxnojsets.duckdns.org/style/jquery.min.aff2e94082fe08198c0a4cfe3a8ca23c.css
IP 179.43.149.15:0
ASN #51852 Private Layer INC
Hash 88572acc5c84f0838bd2e05fc8217c18
a0bc5f73b780e435097cde460da13b1272bc1860
b0cd80d6a0a52a65a5cdeb92d57a6ae927e7491faebabe7d0b28193ad2f5562c
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /style/jquery.min.aff2e94082fe08198c0a4cfe3a8ca23c.css HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:26 GMT
Content-Type: text/css
Last-Modified: Tue, 28 Dec 2021 06:43:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61cab214-712"
Expires: Sun, 23 Oct 2022 02:48:26 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
18.244.155.120 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 18.244.155.120:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Pragma, Content-Length, Content-Type, ETag, Retry-After, Cache-Control, Last-Modified, Backoff, Expires
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 22 Oct 2022 14:03:50 GMT
Cache-Control: max-age=3600
Expires: Sat, 22 Oct 2022 14:07:38 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 4939467e567a49e735e944a78fc9ac32.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P8
X-Amz-Cf-Id: Ju9e4nRId2Ly49-5nVT2TmV87jwMzRUy0ZoPrB4pcs4N3730BWcJyg==
Age: 2676
mcxnojsets.duckdns.org/style/jquery-ui.min.1d17c6c4564855d1a8b19ec31aa1b648.css
179.43.149.15 200 OK 8.9 kB URL HTTP/1.1 mcxnojsets.duckdns.org/style/jquery-ui.min.1d17c6c4564855d1a8b19ec31aa1b648.css
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type ASCII text, with very long lines (2613)
Hash c082a505c172bfe9a5ca40988eb38e46
8de62b2c3f9c73090ad1beab90c8970e62e0d8e8
00c601a5c101c7438fc36f833eb32ada8f94f1d0af08973e8fe6bbd522026aa8
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /style/jquery-ui.min.1d17c6c4564855d1a8b19ec31aa1b648.css HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:26 GMT
Content-Type: text/css
Last-Modified: Tue, 28 Dec 2021 06:43:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61cab214-7f49"
Expires: Sun, 23 Oct 2022 02:48:26 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
mcxnojsets.duckdns.org/style/clientlib-base-add.css
179.43.149.15 200 OK 980 B URL HTTP/1.1 mcxnojsets.duckdns.org/style/clientlib-base-add.css
IP 179.43.149.15:0
ASN #51852 Private Layer INC
Hash 6b91d9dc2b3aa40a376b0a33dc6aea48
127dbf9ffe7135339d1084fe512845b29ec0fe00
70e60126da9121ee57c0287c62985cd7512d6c371ee3d2794c210126a7b465ad
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /style/clientlib-base-add.css HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:26 GMT
Content-Type: text/css
Content-Length: 980
Last-Modified: Tue, 28 Dec 2021 06:43:32 GMT
Connection: keep-alive
ETag: "61cab214-3d4"
Expires: Sun, 23 Oct 2022 02:48:26 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
mcxnojsets.duckdns.org/style/gtm.js
179.43.149.15 200 OK 70 kB URL HTTP/1.1 mcxnojsets.duckdns.org/style/gtm.js
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type ASCII text, with very long lines (47401)
Hash ef6b986a8e5ff25e1e079166098c34a5
25a59af1fd39e2975a19ad3bf9aaab002bb478b3
54c83395de46dc6704b1f72bbee56f676971a876e1821e65e8e36a3c7586d062
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /style/gtm.js HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:26 GMT
Content-Type: application/javascript
Last-Modified: Tue, 28 Dec 2021 06:43:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61cab214-4f9fb"
Expires: Sun, 23 Oct 2022 02:48:26 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
mcxnojsets.duckdns.org/style/jquery.min.dd484c7efe0aa1c25d684eccc09f2d85.js
179.43.149.15 404 Not Found 146 B URL HTTP/1.1 mcxnojsets.duckdns.org/style/jquery.min.dd484c7efe0aa1c25d684eccc09f2d85.js
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /style/jquery.min.dd484c7efe0aa1c25d684eccc09f2d85.js HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 22 Oct 2022 14:48:27 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
mcxnojsets.duckdns.org/style/clientlib-dynamicmedia.min.0dcae7c0bad90570682725c4675b5ab3.js
179.43.149.15 404 Not Found 146 B URL HTTP/1.1 mcxnojsets.duckdns.org/style/clientlib-dynamicmedia.min.0dcae7c0bad90570682725c4675b5ab3.js
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /style/clientlib-dynamicmedia.min.0dcae7c0bad90570682725c4675b5ab3.js HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 22 Oct 2022 14:48:27 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
mcxnojsets.duckdns.org/style/clientlib-js-valid.min.464d4878e729cd94e91e317c0a1123d9.js
179.43.149.15 404 Not Found 146 B URL HTTP/1.1 mcxnojsets.duckdns.org/style/clientlib-js-valid.min.464d4878e729cd94e91e317c0a1123d9.js
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /style/clientlib-js-valid.min.464d4878e729cd94e91e317c0a1123d9.js HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 22 Oct 2022 14:48:27 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
mcxnojsets.duckdns.org/style/f(1).txt
179.43.149.15 200 OK 1.2 kB URL HTTP/1.1 mcxnojsets.duckdns.org/style/f(1).txt
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type ASCII text, with very long lines (2750), with no line terminators
Hash c955c42aea866c9efd844908465d5493
fe449e5999dfad4fc217a2cc9b557ed09e927801
2d2219ed26c876d6ead31c02ab2a43c3595fbbace970de7e6df111565a26680c
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /style/f(1).txt HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:27 GMT
Content-Type: text/plain
Last-Modified: Tue, 28 Dec 2021 06:43:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61cab214-abe"
Content-Encoding: gzip
mcxnojsets.duckdns.org/style/2646269855404547
179.43.149.15 200 OK 313 kB URL HTTP/1.1 mcxnojsets.duckdns.org/style/2646269855404547
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type ASCII text, with very long lines (64471)
Size 313 kB (312600 bytes)
Hash 859a1931d6170a2db0dc509fe8ae21aa
ec760d92c34cad674c7c0ccc29722d0b8d48bd71
2677d4ca5f0730cbc5f6538cbda932fbe193598ee0e3187c65ec73887072ac1f
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /style/2646269855404547 HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:26 GMT
Content-Type: application/octet-stream
Content-Length: 312600
Last-Modified: Tue, 28 Dec 2021 06:43:28 GMT
Connection: keep-alive
ETag: "61cab210-4c518"
Accept-Ranges: bytes
mcxnojsets.duckdns.org/style/f(2).txt
179.43.149.15 200 OK 1.2 kB URL HTTP/1.1 mcxnojsets.duckdns.org/style/f(2).txt
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type ASCII text, with very long lines (2752), with no line terminators
Hash 9546e46ea74395d5c075a1012c928d95
96c212322c7de8b740081187ad4163ad5a749029
2c8b44a8f06fc57afdf5001ad820c53f4f64ef058f19e22fa7a7dc039c39ba2e
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /style/f(2).txt HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:27 GMT
Content-Type: text/plain
Last-Modified: Tue, 28 Dec 2021 06:43:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61cab214-ac0"
Content-Encoding: gzip
mcxnojsets.duckdns.org/style/f(3).txt
179.43.149.15 200 OK 1.2 kB URL HTTP/1.1 mcxnojsets.duckdns.org/style/f(3).txt
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type ASCII text, with very long lines (2752), with no line terminators
Hash c5ca84dc3ef02c6cf35f01379f802f01
6da1347744d37cea92e16b9b42a92ee19f966654
744b74f55c35d953059439ca8ce1e0bf6db7049d733353335e1867ed1fbc87fe
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /style/f(3).txt HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:27 GMT
Content-Type: text/plain
Last-Modified: Tue, 28 Dec 2021 06:43:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61cab214-ac0"
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fecd12689ba4c6aa556814b7fac0d344
a3005f6333ce5201a73e2857c764a1b0091a91d5
83e0fb564f86df4300e8fc4b5baaf0ed13102c384922d388e02620fb3363a842
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4039
Cache-Control: max-age=152737
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 14:48:27 GMT
Etag: "6353a495-1d7"
Expires: Mon, 24 Oct 2022 09:14:04 GMT
Last-Modified: Sat, 22 Oct 2022 08:06:45 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
mcxnojsets.duckdns.org/style/f(4).txt
179.43.149.15 200 OK 1.2 kB URL HTTP/1.1 mcxnojsets.duckdns.org/style/f(4).txt
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type ASCII text, with very long lines (2752), with no line terminators
Hash c44e84ecb53c06a11025d94e9b8bcaa7
b2a05925db8a4b20c2031a6444e92c2307cb5684
9b54c112810613f7027a38865341e22916fe74cf6a707fbbbdf1f653aa67c68b
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /style/f(4).txt HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:27 GMT
Content-Type: text/plain
Last-Modified: Tue, 28 Dec 2021 06:43:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61cab214-ac0"
Content-Encoding: gzip
mcxnojsets.duckdns.org/style/f(5).txt
179.43.149.15 200 OK 1.2 kB URL HTTP/1.1 mcxnojsets.duckdns.org/style/f(5).txt
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type ASCII text, with very long lines (2750), with no line terminators
Hash 943e24bde7ec0833dbf9ce66cc17704f
6deb98d914e37c1497717d059f4465e2286adc95
dce5765bb4ae4da4ec7abffb340c2fa2d287b44ca42e1308439e040985b8e31d
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /style/f(5).txt HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:27 GMT
Content-Type: text/plain
Last-Modified: Tue, 28 Dec 2021 06:43:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61cab214-abe"
Content-Encoding: gzip
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 6e41a74ebd8675a35d5c22831656de2b
b59ea3a22606aac967161fa21283f4c590a9a817
f3ec1e89e95e0c6cbc2911b54a4ec895e8dcc94d76c2f22d0365eb620a2c9705
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 14:48:27 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Wed, 26 Oct 2022 11:55:56 GMT
ETag: "b59ea3a22606aac967161fa21283f4c590a9a817"
Last-Modified: Sat, 22 Oct 2022 11:55:57 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2365
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75e308b1da170b31-OSL
mcxnojsets.duckdns.org/style/clientlib-base.min.2cd0f20a74d6d0eea0783cc325103d58.css
179.43.149.15 200 OK 108 kB URL HTTP/1.1 mcxnojsets.duckdns.org/style/clientlib-base.min.2cd0f20a74d6d0eea0783cc325103d58.css
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type assembler source, Unicode text, UTF-8 text, with very long lines (562)
Size 108 kB (108080 bytes)
Hash 6178cde5ae22d2538bb3171a1e92a9d0
a0b241dc7e4bb1db3e185cf52d3c1b23e93aa050
05d5cb42c478b50c377058076434fed6726a8c8485e6ac0f829893373e8dba71
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /style/clientlib-base.min.2cd0f20a74d6d0eea0783cc325103d58.css HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:26 GMT
Content-Type: text/css
Last-Modified: Thu, 21 Apr 2022 07:49:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62610c9c-d07d6"
Expires: Sun, 23 Oct 2022 02:48:26 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
mcxnojsets.duckdns.org/style/f(7).txt
179.43.149.15 200 OK 1.2 kB URL HTTP/1.1 mcxnojsets.duckdns.org/style/f(7).txt
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type ASCII text, with very long lines (2884), with no line terminators
Hash 07c10a5e29472e71d449dd5266ae0728
a399ad17d81863c51672aa5c89fa42ba134d80c6
9d34af43e08e0171ad329244ddab2ced23049597e6a50093a2dd4765192b755d
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /style/f(7).txt HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:27 GMT
Content-Type: text/plain
Last-Modified: Tue, 28 Dec 2021 06:43:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61cab216-b44"
Content-Encoding: gzip
mcxnojsets.duckdns.org/style/tag.js
179.43.149.15 200 OK 8.2 kB URL HTTP/1.1 mcxnojsets.duckdns.org/style/tag.js
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type ASCII text, with very long lines (21652), with no line terminators
Hash e0fd3a85def2aa17d21cd45a72b80ad5
a802eefd202e6c88c542cccad694f8f133e4784c
a38024c5962499e34e55edfc76a483e6592a15dd767e72af2e7d362e61e7cdcd
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /style/tag.js HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:27 GMT
Content-Type: application/javascript
Last-Modified: Tue, 28 Dec 2021 06:43:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61cab216-5494"
Expires: Sun, 23 Oct 2022 02:48:27 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
mcxnojsets.duckdns.org/style/disaster-message.css
179.43.149.15 200 OK 622 B URL HTTP/1.1 mcxnojsets.duckdns.org/style/disaster-message.css
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type Non-ISO extended-ASCII text, with CRLF line terminators
Hash 918375fc4c0b9ec30dad4c4ac12a4943
7ae961cf2228e6216248ec129185c4fe5f1b2ca5
5262bf0d7b4be72b43b2a07723649714b55d41f24c73bc8817f4e315e4f1b678
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /style/disaster-message.css HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:27 GMT
Content-Type: text/css
Content-Length: 622
Last-Modified: Tue, 28 Dec 2021 06:43:32 GMT
Connection: keep-alive
ETag: "61cab214-26e"
Expires: Sun, 23 Oct 2022 02:48:27 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
mcxnojsets.duckdns.org/style/f(6).txt
179.43.149.15 200 OK 1.2 kB URL HTTP/1.1 mcxnojsets.duckdns.org/style/f(6).txt
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type ASCII text, with very long lines (2792), with no line terminators
Hash f36d45b0ef315d8f30b701e84952db1b
793b07cb33b117d7cc8c8a5ad1da1740180090ed
ae3b9484ee33b47126a28b69119a3404827e0f6aa4701d8e6ce52b7342007ad9
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /style/f(6).txt HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:27 GMT
Content-Type: text/plain
Last-Modified: Tue, 28 Dec 2021 06:43:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61cab214-ae8"
Content-Encoding: gzip
mcxnojsets.duckdns.org/style/js
179.43.149.15 200 OK 0 B URL HTTP/1.1 mcxnojsets.duckdns.org/style/js
IP 179.43.149.15:0
ASN #51852 Private Layer INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /style/js HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:27 GMT
Content-Type: application/octet-stream
Content-Length: 0
Last-Modified: Tue, 28 Dec 2021 06:43:34 GMT
Connection: keep-alive
ETag: "61cab216-0"
Accept-Ranges: bytes
push.services.mozilla.com/
35.82.48.240 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.82.48.240:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7URrk+yt7YohK6bisWvSaQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: F4loTCv88JDenE9C50cl7bMg+H0=
js.users.51.la/21221611.js
103.143.19.103 200 OK 2.3 kB URL HTTP/1.1 js.users.51.la/21221611.js
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
File type ASCII text, with very long lines (4898)
Hash c3d9ea76b2af61481ad3971b7fb1e53c
d5946d007367a7960b2dbee262ed456aab3fbaf2
c2b5104d0aeb0798b6f4b1063938428b1d011e1793bb27f81a917755dd5d8262
GET /21221611.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: CloudWAF
Date: Sat, 22 Oct 2022 14:48:27 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=c279656865535f72054; path=/
HWWAFSESTIME=1666450103667; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
mcxnojsets.duckdns.org/style/gtm.js(1)
179.43.149.15 404 Not Found 146 B URL HTTP/1.1 mcxnojsets.duckdns.org/style/gtm.js(1)
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /style/gtm.js(1) HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
Cookie: __tins__21221611=%7B%22sid%22%3A%201666450122293%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201666451922293%7D; __51cke__=; __51laig__=1; count_download=2
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 22 Oct 2022 14:48:27 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
mcxnojsets.duckdns.org/style/gtm.js(2)
179.43.149.15 404 Not Found 146 B URL HTTP/1.1 mcxnojsets.duckdns.org/style/gtm.js(2)
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /style/gtm.js(2) HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
Cookie: __tins__21221611=%7B%22sid%22%3A%201666450122293%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201666451922293%7D; __51cke__=; __51laig__=1; count_download=2
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 22 Oct 2022 14:48:27 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
mcxnojsets.duckdns.org/style/gtm.js(3)
179.43.149.15 404 Not Found 146 B URL HTTP/1.1 mcxnojsets.duckdns.org/style/gtm.js(3)
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /style/gtm.js(3) HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
Cookie: __tins__21221611=%7B%22sid%22%3A%201666450122293%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201666451922293%7D; __51cke__=; __51laig__=1; count_download=2
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 22 Oct 2022 14:48:27 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
mcxnojsets.duckdns.org/style/gtm.js(4)
179.43.149.15 404 Not Found 146 B URL HTTP/1.1 mcxnojsets.duckdns.org/style/gtm.js(4)
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /style/gtm.js(4) HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
Cookie: __tins__21221611=%7B%22sid%22%3A%201666450122293%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201666451922293%7D; __51cke__=; __51laig__=1; count_download=2
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 22 Oct 2022 14:48:27 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
mcxnojsets.duckdns.org/style/jquery.min.dd484c7efe0aa1c25d684eccc09f2d85.js
179.43.149.15 404 Not Found 146 B URL HTTP/1.1 mcxnojsets.duckdns.org/style/jquery.min.dd484c7efe0aa1c25d684eccc09f2d85.js
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /style/jquery.min.dd484c7efe0aa1c25d684eccc09f2d85.js HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
Cookie: __tins__21221611=%7B%22sid%22%3A%201666450122293%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201666451922293%7D; __51cke__=; __51laig__=1; count_download=2
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 22 Oct 2022 14:48:27 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
mcxnojsets.duckdns.org/style/clientlib-dynamicmedia.min.0dcae7c0bad90570682725c4675b5ab3.js
179.43.149.15 404 Not Found 146 B URL HTTP/1.1 mcxnojsets.duckdns.org/style/clientlib-dynamicmedia.min.0dcae7c0bad90570682725c4675b5ab3.js
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /style/clientlib-dynamicmedia.min.0dcae7c0bad90570682725c4675b5ab3.js HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
Cookie: __tins__21221611=%7B%22sid%22%3A%201666450122293%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201666451922293%7D; __51cke__=; __51laig__=1; count_download=2
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 22 Oct 2022 14:48:27 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
img.macromill.com/access/us001201jhn/2000018703-bc/utm.png?r=&qs=
108.156.28.51 200 OK 68 B URL HTTP/2 img.macromill.com/access/us001201jhn/2000018703-bc/utm.png?r=&qs=
IP 108.156.28.51:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /access/us001201jhn/2000018703-bc/utm.png?r=&qs= HTTP/1.1
Host: img.macromill.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 68
date: Sat, 22 Oct 2022 14:48:27 GMT
etag: "b57248e07c365005a74c4e5d8def9fbb"
last-modified: Sat, 22 Oct 2022 14:48:27 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
p3p: CP='NON UNI CUR OUR'
set-cookie: c=d233897e32.079; expires=Sat, 21-Oct-2023 14:48:27 GMT; Max-Age=31449600; path=/; SameSite=None ; secure
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
via: 1.1 cb8e2cd001e8928a49dc551941d5c7da.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: _4rCcLyDibG_7zDRlxgexYxm8Xmk2q6j6XBE-K1cuG-7ijyiKvI6bQ==
X-Firefox-Spdy: h2
mcxnojsets.duckdns.org/style/clientlib-js-valid.min.464d4878e729cd94e91e317c0a1123d9.js
179.43.149.15 404 Not Found 146 B URL HTTP/1.1 mcxnojsets.duckdns.org/style/clientlib-js-valid.min.464d4878e729cd94e91e317c0a1123d9.js
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /style/clientlib-js-valid.min.464d4878e729cd94e91e317c0a1123d9.js HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
Cookie: __tins__21221611=%7B%22sid%22%3A%201666450122293%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201666451922293%7D; __51cke__=; __51laig__=1; count_download=2
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 22 Oct 2022 14:48:27 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
mcxnojsets.duckdns.org/style/1695071264125840
179.43.149.15 200 OK 312 kB URL HTTP/1.1 mcxnojsets.duckdns.org/style/1695071264125840
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type ASCII text, with very long lines (64471)
Size 312 kB (312540 bytes)
Hash 1a04ed5d1306e2b40d482c07e1c9589d
0e4cbf9b81f32ba3d6f3946a27b92c83feec6dc0
c537dafc1b5e60ce37ad39253a33967c3e1e83be35f30e04f84d1379fc48c59f
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /style/1695071264125840 HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:26 GMT
Content-Type: application/octet-stream
Content-Length: 312540
Last-Modified: Tue, 28 Dec 2021 06:43:28 GMT
Connection: keep-alive
ETag: "61cab210-4c4dc"
Accept-Ranges: bytes
mcxnojsets.duckdns.org/style/jsonp
179.43.149.15 200 OK 270 kB URL HTTP/1.1 mcxnojsets.duckdns.org/style/jsonp
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type ASCII text, with very long lines (65536), with no line terminators
Size 270 kB (270241 bytes)
Hash c0f231f08373b0df0bd91d71e1dce60e
c21877d039f81d02a39186544b4e1a498a9fc4fa
b76c87fd3e747819e88193fc749d08a9c7f35ed96283bf6e0a67c76ec81cad86
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /style/jsonp HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:27 GMT
Content-Type: application/octet-stream
Content-Length: 270241
Last-Modified: Tue, 28 Dec 2021 06:43:34 GMT
Connection: keep-alive
ETag: "61cab216-41fa1"
Accept-Ranges: bytes
mcxnojsets.duckdns.org/style/footer_logo.png
179.43.149.15 200 OK 2.5 kB URL HTTP/1.1 mcxnojsets.duckdns.org/style/footer_logo.png
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type PNG image data, 166 x 36, 8-bit colormap, non-interlaced\012- data
Hash 2ec9123e99f5bfc30eb6bab6adf4a98c
4a75416645fa77cae48881545549195e218ad964
238491a4f6b340e1f8aed61b6246cf8fd50e6c58ee4908293559ac39177a34a1
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /style/footer_logo.png HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:28 GMT
Content-Type: image/png
Content-Length: 2517
Last-Modified: Thu, 21 Apr 2022 07:55:12 GMT
Connection: keep-alive
ETag: "62610de0-9d5"
Expires: Mon, 21 Nov 2022 14:48:28 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
mcxnojsets.duckdns.org/images/alert_icon.png
179.43.149.15 200 OK 2.4 kB URL HTTP/1.1 mcxnojsets.duckdns.org/images/alert_icon.png
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type PNG image data, 82 x 69, 8-bit/color RGBA, non-interlaced\012- data
Hash eeedf83f7c31a1cc3b03301da2650625
297e0976f8bc4c00b019ad7174f8ec7cf8d3e932
e343f2762985bd31c680aba3de06f0c8fb91c1d8c9a492cec3acd4b84be244c5
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /images/alert_icon.png HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:28 GMT
Content-Type: image/png
Content-Length: 2355
Last-Modified: Fri, 18 Feb 2022 10:36:02 GMT
Connection: keep-alive
ETag: "620f7692-933"
Expires: Mon, 21 Nov 2022 14:48:28 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
ocsp.sca1b.amazontrust.com/
108.138.212.162 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 108.138.212.162:0
Hash 8e84d67b6ee42cff279bb49e74b6d37f
a60538ac34cea28a3ea371e5188ae8ca1618c479
804f7865fecf45ae1e7b9724bc4ab59d167f8d115868a09d93831f2356916871
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=111802
Date: Sat, 22 Oct 2022 14:48:28 GMT
Etag: "635302cc-1d7"
Expires: Sun, 23 Oct 2022 21:51:50 GMT
Last-Modified: Fri, 21 Oct 2022 20:36:28 GMT
Server: ECS (nyb/1D1A)
X-Cache: Miss from cloudfront
Via: 1.1 77c679d2765b514e835e71841df67db2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-P3
X-Amz-Cf-Id: amToRSho0-MEBFxd-JrtPx44-32y0XskTTNFeWxQ_w5-1Vri89BSxg==
Age: 4522
mcxnojsets.duckdns.org/style/A1.png
179.43.149.15 200 OK 15 kB URL HTTP/1.1 mcxnojsets.duckdns.org/style/A1.png
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type PNG image data, 287 x 431, 8-bit colormap, non-interlaced\012- data
Hash 70da5684bd4eafc9b766a8e46ea66b89
a288a35624875fea6907e4b7190cc4db0aaa9b44
7a7859c43fa248f99fa089c299ccc8e573c4c87996d6762a69adf0338e9d7643
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /style/A1.png HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:28 GMT
Content-Type: image/png
Content-Length: 15179
Last-Modified: Sun, 13 Feb 2022 11:00:26 GMT
Connection: keep-alive
ETag: "6208e4ca-3b4b"
Expires: Mon, 21 Nov 2022 14:48:28 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
mcxnojsets.duckdns.org/undefined//accdn.lpsnmedia.net/api/account/16820676/configuration/setting/accountproperties/?cb=lpCb38387x68007
179.43.149.15 404 Not Found 146 B URL HTTP/1.1 mcxnojsets.duckdns.org/undefined//accdn.lpsnmedia.net/api/account/16820676/configuration/setting/accountproperties/?cb=lpCb38387x68007
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /undefined//accdn.lpsnmedia.net/api/account/16820676/configuration/setting/accountproperties/?cb=lpCb38387x68007 HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
Cookie: __tins__21221611=%7B%22sid%22%3A%201666450122293%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201666451922293%7D; __51cke__=; __51laig__=1; count_download=2
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 22 Oct 2022 14:48:28 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
mcxnojsets.duckdns.org/undefined//accdn.lpsnmedia.net/api/account/16820676/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
179.43.149.15 404 Not Found 146 B URL HTTP/1.1 mcxnojsets.duckdns.org/undefined//accdn.lpsnmedia.net/api/account/16820676/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /undefined//accdn.lpsnmedia.net/api/account/16820676/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
Cookie: __tins__21221611=%7B%22sid%22%3A%201666450122293%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201666451922293%7D; __51cke__=; __51laig__=1; count_download=2
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 22 Oct 2022 14:48:28 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
mcxnojsets.duckdns.org/etc.clientlibs/settings/wcm/designs/au-com/clientlib-site/resources/images/icon/icon_sprite.png
179.43.149.15 404 Not Found 146 B URL HTTP/1.1 mcxnojsets.duckdns.org/etc.clientlibs/settings/wcm/designs/au-com/clientlib-site/resources/images/icon/icon_sprite.png
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /etc.clientlibs/settings/wcm/designs/au-com/clientlib-site/resources/images/icon/icon_sprite.png HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/style/clientlib-base.min.2cd0f20a74d6d0eea0783cc325103d58.css
Cookie: __tins__21221611=%7B%22sid%22%3A%201666450122293%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201666451922293%7D; __51cke__=; __51laig__=1; count_download=2
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 22 Oct 2022 14:48:28 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bed68ee568e74be152402c71cbf26510
38092ae53739e8ee13362c84df108bad734c4b64
26cd9ff2fb48cc7fb7c83cc325f4cb4713fc442cc4842baa728c570081be0445
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD9FF2FB48CC7FB7C83CC325F4CB4713FC442CC4842BAA728C570081BE0445"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2507
Expires: Sat, 22 Oct 2022 15:30:15 GMT
Date: Sat, 22 Oct 2022 14:48:28 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd771af0d-55ee-450f-bbb3-a9e419e74a51.jpeg
34.120.237.76 200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd771af0d-55ee-450f-bbb3-a9e419e74a51.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 616e14aee034bbf77c3b74b3ea53961b
ebf69c1ff6dc9450f33aef5dc2403d4df17a4c2c
0ae716474e2837c90c658d635fb9db2c8d4cdb7bf025b8e4e9e802e3ff56b0c3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd771af0d-55ee-450f-bbb3-a9e419e74a51.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7372
x-amzn-requestid: 080f5f7f-51a8-4ef5-9acc-0c7f7f64defb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-ojEg2IAMFjPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63531169-5106c8af6e77450c33a0c899;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:38:49 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -R91mOdVOCkUp-5vOpEyQactO7SrjtbYwxTsvbR1LP6fBlFZFDTP5A==
via: 1.1 2e20768704c71ff3ce2e677251d27f3c.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:00:32 GMT
age: 60476
etag: "ebf69c1ff6dc9450f33aef5dc2403d4df17a4c2c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84809f37-0e01-4278-ba97-357c4a1b454e.webp
34.120.237.76 200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84809f37-0e01-4278-ba97-357c4a1b454e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1ee464d6a426da49571c97060e65a4e8
aef2208c82085b4dc8472ee28bc63b9a8832fe0e
704e9800cb12b9b2927e85901b21fbb22303f11bf4b052340d0fc610414e2a6d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84809f37-0e01-4278-ba97-357c4a1b454e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5517
x-amzn-requestid: 560e0ccc-0551-461d-98fd-f94d9a026fb8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-pSExDIAMFpMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6353116e-0420e4ac6cceec1749a44819;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:38:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hitgYm684zdpmL8IbPzFxhPWRrc2-VmnlofdTiPhJzkrc26mgXTTTA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:00:41 GMT
age: 60467
etag: "aef2208c82085b4dc8472ee28bc63b9a8832fe0e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f34cfb-1029-497a-8d09-65db888e6f11.jpeg
34.120.237.76 200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f34cfb-1029-497a-8d09-65db888e6f11.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4fb0f4c9ac5a88678baf456107f5341
f6c54dbdfad7e243fe38c03f004c4c79f96b2892
b2fc6c453d7ed610521fcf34d7736a20191d86b485fd57236d2d2c4849cbb8d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f34cfb-1029-497a-8d09-65db888e6f11.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7821
x-amzn-requestid: b3b72561-80fd-4b73-862c-ad070f135634
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-LzEkrIAMFmrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635310b1-73f427947c17f35667c0b443;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: LMoH9qNuDmuriAWS_UIw4XHAUcnNhvxI48pB39I68aypUxeorSft0A==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:00:32 GMT
etag: "f6c54dbdfad7e243fe38c03f004c4c79f96b2892"
content-type: image/jpeg
age: 60476
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5f65d4c-2c16-4111-887b-bcae5238faa2.png
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5f65d4c-2c16-4111-887b-bcae5238faa2.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e44a8dcfdfa8527125ae334ecf2acc2c
c6cf8d68ae9c8c76f072576bca1c271ae70f7525
81386f6c1e64e32069aeeb7a340b0d51851ca907f9db223570e70e5c46f04fed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5f65d4c-2c16-4111-887b-bcae5238faa2.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12012
x-amzn-requestid: f0a1e367-d30e-488c-82d6-005eb15a21c8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-TLE1MoAMFYbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635310e0-27ce063b550723635109ca7b;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:36:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: VEMcF0HdB5O2-7cLAZGGI4XmWu5RDySUzD9owOQv_T02ZmV8pRpSLQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:36:33 GMT
age: 58315
etag: "c6cf8d68ae9c8c76f072576bca1c271ae70f7525"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F428e118d-55db-4b2d-9dc1-0adbc5a4021a.webp
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F428e118d-55db-4b2d-9dc1-0adbc5a4021a.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a361cef05d531426819a2bffd8ab1e47
9c8050ffd0de58005705219ec70b6e4352e35b5e
0c3c48b96adb7c1dc8a8c3771878dcbab80bbbb9f2d6998038bf5d43831b578b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F428e118d-55db-4b2d-9dc1-0adbc5a4021a.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8856
x-amzn-requestid: 84cc5c28-b71f-4ada-9d3b-e67e820cd080
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-LzHcsoAMFuNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635310b1-6b44e77726dc2003052ce387;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kV1qS7kI7-DRm5Su-p133YIf_m4n6i16uBSDrGdsbMDPxD_2v1a69Q==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:20:05 GMT
etag: "9c8050ffd0de58005705219ec70b6e4352e35b5e"
content-type: image/jpeg
age: 59303
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f5552d5-4394-409a-9a9c-43e4ebf38ee1.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f5552d5-4394-409a-9a9c-43e4ebf38ee1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cdaacab30d73a7d05180cc16f4a96a3f
6cc0e39e0decbc20c765f171f63affd85fc9e6da
f015c3b1d838bd7d100ee104551bed2bb06a512b20ce3e5ac419d54b747fadd0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f5552d5-4394-409a-9a9c-43e4ebf38ee1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10720
x-amzn-requestid: 96267527-f482-4bfa-ba7a-12467408efe9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-MvGutIAMFc8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635310b7-25f2624559b0fb7d62ced3a3;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:35:51 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4--AiSTKMMOm9HnJL_ervFnd5rkQ-WZfGM-FNkxXKO892SPw67cxXA==
via: 1.1 1f6e68152880a39d72e6bf2996cd6a60.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:11:42 GMT
age: 59806
etag: "6cc0e39e0decbc20c765f171f63affd85fc9e6da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mcxnojsets.duckdns.org/images/1.jpg
179.43.149.15 200 OK 184 kB URL HTTP/1.1 mcxnojsets.duckdns.org/images/1.jpg
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, height=2316, software=www.meitu.com, width=1080], baseline, precision 8, 1076x2101, components 3\012- data
Size 184 kB (183496 bytes)
Hash a084587f8940384c199a33848fb25918
a33aef093105a646c047a6d5259c04cc80825a61
2e0e02416da081dbdfdca1a350db6bd6b1db7c23c6aa3c300cb5a82a734064ec
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /images/1.jpg HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:28 GMT
Content-Type: image/jpeg
Content-Length: 183496
Last-Modified: Thu, 21 Apr 2022 08:02:32 GMT
Connection: keep-alive
ETag: "62610f98-2ccc8"
Expires: Mon, 21 Nov 2022 14:48:28 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
mcxnojsets.duckdns.org/images/4.jpg
179.43.149.15 200 OK 132 kB URL HTTP/1.1 mcxnojsets.duckdns.org/images/4.jpg
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, height=2316, software=Android RP1A.200720.012.SC53AOMU1BUB5, orientation=upper-left, width=1080], baseline, precision 8, 564x1333, components 3\012- data
Size 132 kB (131769 bytes)
Hash 2f1d5704dda2f2a209c839252b58dbb4
bab08a50e34b304f2fe473080c1bd463feeff61c
879ef7f9fdf3ada12f8e1c405e6e04beda0e4871bdb92177fa7f1c44de5340b4
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /images/4.jpg HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:28 GMT
Content-Type: image/jpeg
Content-Length: 131769
Last-Modified: Sun, 20 Feb 2022 11:30:50 GMT
Connection: keep-alive
ETag: "6212266a-202b9"
Expires: Mon, 21 Nov 2022 14:48:28 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
i.smartnews-ads.com/pe?b=%7B%22name%22%3A%22Error%22%2C%22message%22%3A%22SmartnewsAds%20does%20not%20defined.%22%2C%22fileName%22%3A%22http%3A%2F%2Fmcxnojsets.duckdns.org%2Fstyle%2Fpixel.js%22%2C%22stack%22%3A%22%40http%3A%2F%2Fmcxnojsets.duckdns.org%2Fstyle%2Fpixel.js%3A1%3A3627%5Cn%40http%3A%2F%2Fmcxnojsets.duckdns.org%2Fstyle%2Fpixel.js%3A1%3A3825%5Cn%40http%3A%2F%2Fmcxnojsets.duckdns.org%2Fstyle%2Fpixel.js%3A1%3A3843%5Cn%22%7D
54.249.23.8 200 OK 0 B URL HTTP/2 i.smartnews-ads.com/pe?b=%7B%22name%22%3A%22Error%22%2C%22message%22%3A%22SmartnewsAds%20does%20not%20defined.%22%2C%22fileName%22%3A%22http%3A%2F%2Fmcxnojsets.duckdns.org%2Fstyle%2Fpixel.js%22%2C%22stack%22%3A%22%40http%3A%2F%2Fmcxnojsets.duckdns.org%2Fstyle%2Fpixel.js%3A1%3A3627%5Cn%40http%3A%2F%2Fmcxnojsets.duckdns.org%2Fstyle%2Fpixel.js%3A1%3A3825%5Cn%40http%3A%2F%2Fmcxnojsets.duckdns.org%2Fstyle%2Fpixel.js%3A1%3A3843%5Cn%22%7D
IP 54.249.23.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pe?b=%7B%22name%22%3A%22Error%22%2C%22message%22%3A%22SmartnewsAds%20does%20not%20defined.%22%2C%22fileName%22%3A%22http%3A%2F%2Fmcxnojsets.duckdns.org%2Fstyle%2Fpixel.js%22%2C%22stack%22%3A%22%40http%3A%2F%2Fmcxnojsets.duckdns.org%2Fstyle%2Fpixel.js%3A1%3A3627%5Cn%40http%3A%2F%2Fmcxnojsets.duckdns.org%2Fstyle%2Fpixel.js%3A1%3A3825%5Cn%40http%3A%2F%2Fmcxnojsets.duckdns.org%2Fstyle%2Fpixel.js%3A1%3A3843%5Cn%22%7D HTTP/1.1
Host: i.smartnews-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 14:48:28 GMT
content-length: 0
set-cookie: AWSALBTG=/pnYTPzyoxKNxs/Uxkt/oqTOOa2SZn+mmzulkuwNJBpjgpd5auaryi9RlsV1aY84CHQe14PrNdsr10LBrNMF2xRZlacKtmktyBWZVjEAUIpG60rHADx0TQUErBYe8GPuBGxhBiXrb8XXFt3MxCgqBideZRu+HmkrYjJO/Fj/d3jvPJzWgAA=; Expires=Sat, 29 Oct 2022 14:48:28 GMT; Path=/
AWSALBTGCORS=/pnYTPzyoxKNxs/Uxkt/oqTOOa2SZn+mmzulkuwNJBpjgpd5auaryi9RlsV1aY84CHQe14PrNdsr10LBrNMF2xRZlacKtmktyBWZVjEAUIpG60rHADx0TQUErBYe8GPuBGxhBiXrb8XXFt3MxCgqBideZRu+HmkrYjJO/Fj/d3jvPJzWgAA=; Expires=Sat, 29 Oct 2022 14:48:28 GMT; Path=/; SameSite=None; Secure
g=AIGEBoIHKNC1gHi8DaAj75FD3E6smzWE6jJORMECoINLoEIem-QiMtsSKJPISMLMqHQP5dwEh8TIktENIzy2LwM%3D; Path=/; Domain=smartnews-ads.com; Max-Age=63072000; HttpOnly
X-Firefox-Spdy: h2
mcxnojsets.duckdns.org/images/3.jpg
179.43.149.15 200 OK 148 kB HTTP/1.1
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, height=2316, software=www.meitu.com, width=1080], baseline, precision 8, 1067x2117, components 3\012- data
Size 148 kB (148161 bytes)
Hash 2f182431fa9e962e567c82e9419e417a
30ae6475d26fffca83b7828573dcf0c31684dab3
0ff0acac08c03a0560cbd80a9377b5ea2059930dcf7ff8997b833a86bcdba1a9
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /images/3.jpg HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:28 GMT
Content-Type: image/jpeg
Content-Length: 148161
Last-Modified: Mon, 14 Mar 2022 10:21:06 GMT
Connection: keep-alive
ETag: "622f1712-242c1"
Expires: Mon, 21 Nov 2022 14:48:28 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B
IP 142.250.74.35:0
Hash 7b7680227b17d0e498198e5ec26256a5
b02cdb09e0980de277ffb4cae6c1d696263290f1
5f8f1f2ff01f824bd4b8d969b7533b575a41912a4fcea18bfd2bee2fa22066ef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 14:48:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B
IP 142.250.74.35:0
Hash 1b0cd7fce51616614b5ebb265d02c2f7
6748d7df7c347bbe06afb2155fff3bbc8bf50eb0
d41beb047830bdacb772b75123c39906db8edcd49fdc8c9a00258a2556efd1c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 14:48:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B
IP 142.250.74.35:0
Hash 60fcf0b588f9927fde2759de6b3e3fed
f564b9ea498a878638fa3a374bf6fdfe468559ad
ae3eb07b4b347d54014f24971dafb4dccbc009c397caec6a78403e92e65f3cbc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 14:48:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mcxnojsets.duckdns.org/images/6.jpg
179.43.149.15 200 OK 295 kB HTTP/1.1
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, height=2316, software=www.meitu.com, width=1080], baseline, precision 8, 1071x2000, components 3\012- data
Size 295 kB (295429 bytes)
Hash 18c1db0ce9f6b86e5834a82057f021cc
630e64c274df5e05f3b6e0a188c47820734971f5
f16462cb9c62143c271ee35ccf3fd34d8974f048515b824187aeffe4ae79d290
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /images/6.jpg HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:28 GMT
Content-Type: image/jpeg
Content-Length: 295429
Last-Modified: Thu, 21 Apr 2022 08:22:56 GMT
Connection: keep-alive
ETag: "62611460-48205"
Expires: Mon, 21 Nov 2022 14:48:28 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.google.com/pagead/1p-user-list/734429637/?random=1640670084784&cv=9&fst=1640667600000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=568&u_w=320&u_ah=568&u_aw=320&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=0&u_nmime=0>m=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.au.com%2Fsupport%2Fservice%2Finternet%2Fprocedure%2Fservice%2Fanshin-net%2Fdownload-01%2F&tiba=%E5%AE%89%E5%BF%83%E3%83%8D%E3%83%83%E3%83%88%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E6%9C%80%E6%96%B0%E7%89%88%E3%82%A2%E3%83%97%E3%83%AA%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89%20%7C%20%E3%82%AA%E3%83%97%E3%82%B7%E3%83%A7&async=1&fmt=3&is_vtc=1&random=646330754&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.164 200 OK 42 B HTTP/2
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/734429637/?random=1640670084784&cv=9&fst=1640667600000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=568&u_w=320&u_ah=568&u_aw=320&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=0&u_nmime=0>m=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.au.com%2Fsupport%2Fservice%2Finternet%2Fprocedure%2Fservice%2Fanshin-net%2Fdownload-01%2F&tiba=%E5%AE%89%E5%BF%83%E3%83%8D%E3%83%83%E3%83%88%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E6%9C%80%E6%96%B0%E7%89%88%E3%82%A2%E3%83%97%E3%83%AA%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89%20%7C%20%E3%82%AA%E3%83%97%E3%82%B7%E3%83%A7&async=1&fmt=3&is_vtc=1&random=646330754&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 22 Oct 2022 14:48:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/8da38e9a/www-widgetapi.vflset/www-widgetapi.js
142.250.74.14 200 OK 49 kB HTTP/2
IP 142.250.74.14:0
File type ASCII text, with very long lines (618)
Hash 179dd1c6d470677a2c3cda856881ba1c
77fafd5bb8f4b1064bb1e25d638c5fa0bb923983
bd56d7f7681a0db18111b79ab4370717fee6c048b513f3de57c05b113109ddfc
GET /s/player/8da38e9a/www-widgetapi.vflset/www-widgetapi.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49407
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 22 Oct 2022 06:16:51 GMT
expires: Sun, 22 Oct 2023 06:16:51 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 17 Dec 2021 22:18:14 GMT
content-type: text/javascript
age: 30698
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/966809845/?random=1640670084723&cv=9&fst=1640667600000&num=1&guid=ON&u_h=568&u_w=320&u_ah=568&u_aw=320&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.au.com%2Fsupport%2Fservice%2Finternet%2Fprocedure%2Fservice%2Fanshin-net%2Fdownload-01%2F&tiba=%E5%AE%89%E5%BF%83%E3%83%8D%E3%83%83%E3%83%88%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E6%9C%80%E6%96%B0%E7%89%88%E3%82%A2%E3%83%97%E3%83%AA%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89%20%7C%20%E3%82%AA%E3%83%97%E3%82%B7%E3%83%A7&async=1&fmt=3&is_vtc=1&random=1759679616&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.164 200 OK 42 B HTTP/2
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/966809845/?random=1640670084723&cv=9&fst=1640667600000&num=1&guid=ON&u_h=568&u_w=320&u_ah=568&u_aw=320&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.au.com%2Fsupport%2Fservice%2Finternet%2Fprocedure%2Fservice%2Fanshin-net%2Fdownload-01%2F&tiba=%E5%AE%89%E5%BF%83%E3%83%8D%E3%83%83%E3%83%88%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E6%9C%80%E6%96%B0%E7%89%88%E3%82%A2%E3%83%97%E3%83%AA%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89%20%7C%20%E3%82%AA%E3%83%97%E3%82%B7%E3%83%A7&async=1&fmt=3&is_vtc=1&random=1759679616&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 22 Oct 2022 14:48:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mcxnojsets.duckdns.org/favicon.ico
179.43.149.15 404 Not Found 146 B HTTP/1.1
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /favicon.ico HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
Cookie: __tins__21221611=%7B%22sid%22%3A%201666450122293%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201666451922293%7D; __51cke__=; __51laig__=1; count_download=2
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 22 Oct 2022 14:48:29 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
www.google.com/pagead/1p-user-list/971280506/?random=1640670084720&cv=9&fst=1640667600000&num=1&guid=ON&u_h=568&u_w=320&u_ah=568&u_aw=320&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.au.com%2Fsupport%2Fservice%2Finternet%2Fprocedure%2Fservice%2Fanshin-net%2Fdownload-01%2F&tiba=%E5%AE%89%E5%BF%83%E3%83%8D%E3%83%83%E3%83%88%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E6%9C%80%E6%96%B0%E7%89%88%E3%82%A2%E3%83%97%E3%83%AA%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89%20%7C%20%E3%82%AA%E3%83%97%E3%82%B7%E3%83%A7&async=1&fmt=3&is_vtc=1&random=118820756&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.164 200 OK 42 B HTTP/2
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/971280506/?random=1640670084720&cv=9&fst=1640667600000&num=1&guid=ON&u_h=568&u_w=320&u_ah=568&u_aw=320&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.au.com%2Fsupport%2Fservice%2Finternet%2Fprocedure%2Fservice%2Fanshin-net%2Fdownload-01%2F&tiba=%E5%AE%89%E5%BF%83%E3%83%8D%E3%83%83%E3%83%88%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E6%9C%80%E6%96%B0%E7%89%88%E3%82%A2%E3%83%97%E3%83%AA%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89%20%7C%20%E3%82%AA%E3%83%97%E3%82%B7%E3%83%A7&async=1&fmt=3&is_vtc=1&random=118820756&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 22 Oct 2022 14:48:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.co.jp/pagead/1p-user-list/966809845/?random=1640670084723&cv=9&fst=1640667600000&num=1&guid=ON&u_h=568&u_w=320&u_ah=568&u_aw=320&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.au.com%2Fsupport%2Fservice%2Finternet%2Fprocedure%2Fservice%2Fanshin-net%2Fdownload-01%2F&tiba=%E5%AE%89%E5%BF%83%E3%83%8D%E3%83%83%E3%83%88%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E6%9C%80%E6%96%B0%E7%89%88%E3%82%A2%E3%83%97%E3%83%AA%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89%20%7C%20%E3%82%AA%E3%83%97%E3%82%B7%E3%83%A7&async=1&fmt=3&is_vtc=1&random=1759679616&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
216.58.207.195 200 OK 42 B HTTP/2
IP 216.58.207.195:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/966809845/?random=1640670084723&cv=9&fst=1640667600000&num=1&guid=ON&u_h=568&u_w=320&u_ah=568&u_aw=320&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.au.com%2Fsupport%2Fservice%2Finternet%2Fprocedure%2Fservice%2Fanshin-net%2Fdownload-01%2F&tiba=%E5%AE%89%E5%BF%83%E3%83%8D%E3%83%83%E3%83%88%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E6%9C%80%E6%96%B0%E7%89%88%E3%82%A2%E3%83%97%E3%83%AA%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89%20%7C%20%E3%82%AA%E3%83%97%E3%82%B7%E3%83%A7&async=1&fmt=3&is_vtc=1&random=1759679616&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 22 Oct 2022 14:48:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B
IP 142.250.74.35:0
Hash 6b8f71c6c42455bfec202159bdcc2fdf
af2e80c1f30adfc52a787e21869964e4d4d3d45a
30b41325c1bbd3720c6787422624680dc9708230f84bf1df177a3b113563869a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 14:48:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B
IP 142.250.74.35:0
Hash 60fcf0b588f9927fde2759de6b3e3fed
f564b9ea498a878638fa3a374bf6fdfe468559ad
ae3eb07b4b347d54014f24971dafb4dccbc009c397caec6a78403e92e65f3cbc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 14:48:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/722277671/?random=1640670084725&cv=9&fst=1640667600000&num=1&guid=ON&u_h=568&u_w=320&u_ah=568&u_aw=320&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.au.com%2Fsupport%2Fservice%2Finternet%2Fprocedure%2Fservice%2Fanshin-net%2Fdownload-01%2F&tiba=%E5%AE%89%E5%BF%83%E3%83%8D%E3%83%83%E3%83%88%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E6%9C%80%E6%96%B0%E7%89%88%E3%82%A2%E3%83%97%E3%83%AA%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89%20%7C%20%E3%82%AA%E3%83%97%E3%82%B7%E3%83%A7&async=1&fmt=3&is_vtc=1&random=1966974186&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.164 200 OK 42 B HTTP/2
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/722277671/?random=1640670084725&cv=9&fst=1640667600000&num=1&guid=ON&u_h=568&u_w=320&u_ah=568&u_aw=320&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.au.com%2Fsupport%2Fservice%2Finternet%2Fprocedure%2Fservice%2Fanshin-net%2Fdownload-01%2F&tiba=%E5%AE%89%E5%BF%83%E3%83%8D%E3%83%83%E3%83%88%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E6%9C%80%E6%96%B0%E7%89%88%E3%82%A2%E3%83%97%E3%83%AA%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89%20%7C%20%E3%82%AA%E3%83%97%E3%82%B7%E3%83%A7&async=1&fmt=3&is_vtc=1&random=1966974186&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 22 Oct 2022 14:48:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.co.jp/pagead/1p-user-list/734429637/?random=1640670084784&cv=9&fst=1640667600000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=568&u_w=320&u_ah=568&u_aw=320&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=0&u_nmime=0>m=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.au.com%2Fsupport%2Fservice%2Finternet%2Fprocedure%2Fservice%2Fanshin-net%2Fdownload-01%2F&tiba=%E5%AE%89%E5%BF%83%E3%83%8D%E3%83%83%E3%83%88%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E6%9C%80%E6%96%B0%E7%89%88%E3%82%A2%E3%83%97%E3%83%AA%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89%20%7C%20%E3%82%AA%E3%83%97%E3%82%B7%E3%83%A7&async=1&fmt=3&is_vtc=1&random=646330754&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
216.58.207.195 200 OK 42 B HTTP/2
IP 216.58.207.195:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/734429637/?random=1640670084784&cv=9&fst=1640667600000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=568&u_w=320&u_ah=568&u_aw=320&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=0&u_nmime=0>m=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.au.com%2Fsupport%2Fservice%2Finternet%2Fprocedure%2Fservice%2Fanshin-net%2Fdownload-01%2F&tiba=%E5%AE%89%E5%BF%83%E3%83%8D%E3%83%83%E3%83%88%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E6%9C%80%E6%96%B0%E7%89%88%E3%82%A2%E3%83%97%E3%83%AA%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89%20%7C%20%E3%82%AA%E3%83%97%E3%82%B7%E3%83%A7&async=1&fmt=3&is_vtc=1&random=646330754&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 22 Oct 2022 14:48:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/969464486/?random=1640670084729&cv=9&fst=1640667600000&num=1&guid=ON&u_h=568&u_w=320&u_ah=568&u_aw=320&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.au.com%2Fsupport%2Fservice%2Finternet%2Fprocedure%2Fservice%2Fanshin-net%2Fdownload-01%2F&tiba=%E5%AE%89%E5%BF%83%E3%83%8D%E3%83%83%E3%83%88%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E6%9C%80%E6%96%B0%E7%89%88%E3%82%A2%E3%83%97%E3%83%AA%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89%20%7C%20%E3%82%AA%E3%83%97%E3%82%B7%E3%83%A7&async=1&fmt=3&is_vtc=1&random=190659276&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.164 200 OK 42 B HTTP/2
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/969464486/?random=1640670084729&cv=9&fst=1640667600000&num=1&guid=ON&u_h=568&u_w=320&u_ah=568&u_aw=320&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.au.com%2Fsupport%2Fservice%2Finternet%2Fprocedure%2Fservice%2Fanshin-net%2Fdownload-01%2F&tiba=%E5%AE%89%E5%BF%83%E3%83%8D%E3%83%83%E3%83%88%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E6%9C%80%E6%96%B0%E7%89%88%E3%82%A2%E3%83%97%E3%83%AA%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89%20%7C%20%E3%82%AA%E3%83%97%E3%82%B7%E3%83%A7&async=1&fmt=3&is_vtc=1&random=190659276&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 22 Oct 2022 14:48:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.co.jp/pagead/1p-user-list/971280506/?random=1640670084720&cv=9&fst=1640667600000&num=1&guid=ON&u_h=568&u_w=320&u_ah=568&u_aw=320&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.au.com%2Fsupport%2Fservice%2Finternet%2Fprocedure%2Fservice%2Fanshin-net%2Fdownload-01%2F&tiba=%E5%AE%89%E5%BF%83%E3%83%8D%E3%83%83%E3%83%88%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E6%9C%80%E6%96%B0%E7%89%88%E3%82%A2%E3%83%97%E3%83%AA%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89%20%7C%20%E3%82%AA%E3%83%97%E3%82%B7%E3%83%A7&async=1&fmt=3&is_vtc=1&random=118820756&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
216.58.207.195 200 OK 42 B URL HTTP/2 www.google.co.jp/pagead/1p-user-list/971280506/?random=1640670084720&cv=9&fst=1640667600000&num=1&guid=ON&u_h=568&u_w=320&u_ah=568&u_aw=320&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.au.com%2Fsupport%2Fservice%2Finternet%2Fprocedure%2Fservice%2Fanshin-net%2Fdownload-01%2F&tiba=%E5%AE%89%E5%BF%83%E3%83%8D%E3%83%83%E3%83%88%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E6%9C%80%E6%96%B0%E7%89%88%E3%82%A2%E3%83%97%E3%83%AA%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89%20%7C%20%E3%82%AA%E3%83%97%E3%82%B7%E3%83%A7&async=1&fmt=3&is_vtc=1&random=118820756&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 216.58.207.195:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/971280506/?random=1640670084720&cv=9&fst=1640667600000&num=1&guid=ON&u_h=568&u_w=320&u_ah=568&u_aw=320&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.au.com%2Fsupport%2Fservice%2Finternet%2Fprocedure%2Fservice%2Fanshin-net%2Fdownload-01%2F&tiba=%E5%AE%89%E5%BF%83%E3%83%8D%E3%83%83%E3%83%88%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E6%9C%80%E6%96%B0%E7%89%88%E3%82%A2%E3%83%97%E3%83%AA%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89%20%7C%20%E3%82%AA%E3%83%97%E3%82%B7%E3%83%A7&async=1&fmt=3&is_vtc=1&random=118820756&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 22 Oct 2022 14:48:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.co.jp/pagead/1p-user-list/722277671/?random=1640670084725&cv=9&fst=1640667600000&num=1&guid=ON&u_h=568&u_w=320&u_ah=568&u_aw=320&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.au.com%2Fsupport%2Fservice%2Finternet%2Fprocedure%2Fservice%2Fanshin-net%2Fdownload-01%2F&tiba=%E5%AE%89%E5%BF%83%E3%83%8D%E3%83%83%E3%83%88%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E6%9C%80%E6%96%B0%E7%89%88%E3%82%A2%E3%83%97%E3%83%AA%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89%20%7C%20%E3%82%AA%E3%83%97%E3%82%B7%E3%83%A7&async=1&fmt=3&is_vtc=1&random=1966974186&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
216.58.207.195 200 OK 42 B URL HTTP/2 www.google.co.jp/pagead/1p-user-list/722277671/?random=1640670084725&cv=9&fst=1640667600000&num=1&guid=ON&u_h=568&u_w=320&u_ah=568&u_aw=320&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.au.com%2Fsupport%2Fservice%2Finternet%2Fprocedure%2Fservice%2Fanshin-net%2Fdownload-01%2F&tiba=%E5%AE%89%E5%BF%83%E3%83%8D%E3%83%83%E3%83%88%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E6%9C%80%E6%96%B0%E7%89%88%E3%82%A2%E3%83%97%E3%83%AA%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89%20%7C%20%E3%82%AA%E3%83%97%E3%82%B7%E3%83%A7&async=1&fmt=3&is_vtc=1&random=1966974186&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 216.58.207.195:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/722277671/?random=1640670084725&cv=9&fst=1640667600000&num=1&guid=ON&u_h=568&u_w=320&u_ah=568&u_aw=320&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.au.com%2Fsupport%2Fservice%2Finternet%2Fprocedure%2Fservice%2Fanshin-net%2Fdownload-01%2F&tiba=%E5%AE%89%E5%BF%83%E3%83%8D%E3%83%83%E3%83%88%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E6%9C%80%E6%96%B0%E7%89%88%E3%82%A2%E3%83%97%E3%83%AA%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89%20%7C%20%E3%82%AA%E3%83%97%E3%82%B7%E3%83%A7&async=1&fmt=3&is_vtc=1&random=1966974186&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 22 Oct 2022 14:48:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.co.jp/pagead/1p-user-list/877365245/?random=1640670084731&cv=9&fst=1640667600000&num=1&guid=ON&eid=376635471&u_h=568&u_w=320&u_ah=568&u_aw=320&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.au.com%2Fsupport%2Fservice%2Finternet%2Fprocedure%2Fservice%2Fanshin-net%2Fdownload-01%2F&tiba=%E5%AE%89%E5%BF%83%E3%83%8D%E3%83%83%E3%83%88%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E6%9C%80%E6%96%B0%E7%89%88%E3%82%A2%E3%83%97%E3%83%AA%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89%20%7C%20%E3%82%AA%E3%83%97%E3%82%B7%E3%83%A7&async=1&fmt=3&is_vtc=1&random=3398682966&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
216.58.207.195 200 OK 42 B URL HTTP/2 www.google.co.jp/pagead/1p-user-list/877365245/?random=1640670084731&cv=9&fst=1640667600000&num=1&guid=ON&eid=376635471&u_h=568&u_w=320&u_ah=568&u_aw=320&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.au.com%2Fsupport%2Fservice%2Finternet%2Fprocedure%2Fservice%2Fanshin-net%2Fdownload-01%2F&tiba=%E5%AE%89%E5%BF%83%E3%83%8D%E3%83%83%E3%83%88%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E6%9C%80%E6%96%B0%E7%89%88%E3%82%A2%E3%83%97%E3%83%AA%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89%20%7C%20%E3%82%AA%E3%83%97%E3%82%B7%E3%83%A7&async=1&fmt=3&is_vtc=1&random=3398682966&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 216.58.207.195:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/877365245/?random=1640670084731&cv=9&fst=1640667600000&num=1&guid=ON&eid=376635471&u_h=568&u_w=320&u_ah=568&u_aw=320&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.au.com%2Fsupport%2Fservice%2Finternet%2Fprocedure%2Fservice%2Fanshin-net%2Fdownload-01%2F&tiba=%E5%AE%89%E5%BF%83%E3%83%8D%E3%83%83%E3%83%88%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E6%9C%80%E6%96%B0%E7%89%88%E3%82%A2%E3%83%97%E3%83%AA%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89%20%7C%20%E3%82%AA%E3%83%97%E3%82%B7%E3%83%A7&async=1&fmt=3&is_vtc=1&random=3398682966&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 22 Oct 2022 14:48:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/877365245/?random=1640670084731&cv=9&fst=1640667600000&num=1&guid=ON&eid=376635471&u_h=568&u_w=320&u_ah=568&u_aw=320&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.au.com%2Fsupport%2Fservice%2Finternet%2Fprocedure%2Fservice%2Fanshin-net%2Fdownload-01%2F&tiba=%E5%AE%89%E5%BF%83%E3%83%8D%E3%83%83%E3%83%88%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E6%9C%80%E6%96%B0%E7%89%88%E3%82%A2%E3%83%97%E3%83%AA%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89%20%7C%20%E3%82%AA%E3%83%97%E3%82%B7%E3%83%A7&async=1&fmt=3&is_vtc=1&random=3398682966&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.164 200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/877365245/?random=1640670084731&cv=9&fst=1640667600000&num=1&guid=ON&eid=376635471&u_h=568&u_w=320&u_ah=568&u_aw=320&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.au.com%2Fsupport%2Fservice%2Finternet%2Fprocedure%2Fservice%2Fanshin-net%2Fdownload-01%2F&tiba=%E5%AE%89%E5%BF%83%E3%83%8D%E3%83%83%E3%83%88%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E6%9C%80%E6%96%B0%E7%89%88%E3%82%A2%E3%83%97%E3%83%AA%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89%20%7C%20%E3%82%AA%E3%83%97%E3%82%B7%E3%83%A7&async=1&fmt=3&is_vtc=1&random=3398682966&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/877365245/?random=1640670084731&cv=9&fst=1640667600000&num=1&guid=ON&eid=376635471&u_h=568&u_w=320&u_ah=568&u_aw=320&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.au.com%2Fsupport%2Fservice%2Finternet%2Fprocedure%2Fservice%2Fanshin-net%2Fdownload-01%2F&tiba=%E5%AE%89%E5%BF%83%E3%83%8D%E3%83%83%E3%83%88%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E6%9C%80%E6%96%B0%E7%89%88%E3%82%A2%E3%83%97%E3%83%AA%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89%20%7C%20%E3%82%AA%E3%83%97%E3%82%B7%E3%83%A7&async=1&fmt=3&is_vtc=1&random=3398682966&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 22 Oct 2022 14:48:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.co.jp/pagead/1p-user-list/969464486/?random=1640670084729&cv=9&fst=1640667600000&num=1&guid=ON&u_h=568&u_w=320&u_ah=568&u_aw=320&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.au.com%2Fsupport%2Fservice%2Finternet%2Fprocedure%2Fservice%2Fanshin-net%2Fdownload-01%2F&tiba=%E5%AE%89%E5%BF%83%E3%83%8D%E3%83%83%E3%83%88%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E6%9C%80%E6%96%B0%E7%89%88%E3%82%A2%E3%83%97%E3%83%AA%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89%20%7C%20%E3%82%AA%E3%83%97%E3%82%B7%E3%83%A7&async=1&fmt=3&is_vtc=1&random=190659276&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
216.58.207.195 200 OK 42 B URL HTTP/2 www.google.co.jp/pagead/1p-user-list/969464486/?random=1640670084729&cv=9&fst=1640667600000&num=1&guid=ON&u_h=568&u_w=320&u_ah=568&u_aw=320&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.au.com%2Fsupport%2Fservice%2Finternet%2Fprocedure%2Fservice%2Fanshin-net%2Fdownload-01%2F&tiba=%E5%AE%89%E5%BF%83%E3%83%8D%E3%83%83%E3%83%88%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E6%9C%80%E6%96%B0%E7%89%88%E3%82%A2%E3%83%97%E3%83%AA%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89%20%7C%20%E3%82%AA%E3%83%97%E3%82%B7%E3%83%A7&async=1&fmt=3&is_vtc=1&random=190659276&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 216.58.207.195:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/969464486/?random=1640670084729&cv=9&fst=1640667600000&num=1&guid=ON&u_h=568&u_w=320&u_ah=568&u_aw=320&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.au.com%2Fsupport%2Fservice%2Finternet%2Fprocedure%2Fservice%2Fanshin-net%2Fdownload-01%2F&tiba=%E5%AE%89%E5%BF%83%E3%83%8D%E3%83%83%E3%83%88%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E6%9C%80%E6%96%B0%E7%89%88%E3%82%A2%E3%83%97%E3%83%AA%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89%20%7C%20%E3%82%AA%E3%83%97%E3%82%B7%E3%83%A7&async=1&fmt=3&is_vtc=1&random=190659276&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 22 Oct 2022 14:48:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/968131194/?random=1640670084727&cv=9&fst=1640667600000&num=1&guid=ON&u_h=568&u_w=320&u_ah=568&u_aw=320&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.au.com%2Fsupport%2Fservice%2Finternet%2Fprocedure%2Fservice%2Fanshin-net%2Fdownload-01%2F&tiba=%E5%AE%89%E5%BF%83%E3%83%8D%E3%83%83%E3%83%88%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E6%9C%80%E6%96%B0%E7%89%88%E3%82%A2%E3%83%97%E3%83%AA%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89%20%7C%20%E3%82%AA%E3%83%97%E3%82%B7%E3%83%A7&async=1&fmt=3&is_vtc=1&random=1351831474&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
142.250.74.164 200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/968131194/?random=1640670084727&cv=9&fst=1640667600000&num=1&guid=ON&u_h=568&u_w=320&u_ah=568&u_aw=320&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.au.com%2Fsupport%2Fservice%2Finternet%2Fprocedure%2Fservice%2Fanshin-net%2Fdownload-01%2F&tiba=%E5%AE%89%E5%BF%83%E3%83%8D%E3%83%83%E3%83%88%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E6%9C%80%E6%96%B0%E7%89%88%E3%82%A2%E3%83%97%E3%83%AA%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89%20%7C%20%E3%82%AA%E3%83%97%E3%82%B7%E3%83%A7&async=1&fmt=3&is_vtc=1&random=1351831474&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/968131194/?random=1640670084727&cv=9&fst=1640667600000&num=1&guid=ON&u_h=568&u_w=320&u_ah=568&u_aw=320&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.au.com%2Fsupport%2Fservice%2Finternet%2Fprocedure%2Fservice%2Fanshin-net%2Fdownload-01%2F&tiba=%E5%AE%89%E5%BF%83%E3%83%8D%E3%83%83%E3%83%88%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E6%9C%80%E6%96%B0%E7%89%88%E3%82%A2%E3%83%97%E3%83%AA%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89%20%7C%20%E3%82%AA%E3%83%97%E3%82%B7%E3%83%A7&async=1&fmt=3&is_vtc=1&random=1351831474&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 22 Oct 2022 14:48:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.co.jp/pagead/1p-user-list/968131194/?random=1640670084727&cv=9&fst=1640667600000&num=1&guid=ON&u_h=568&u_w=320&u_ah=568&u_aw=320&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.au.com%2Fsupport%2Fservice%2Finternet%2Fprocedure%2Fservice%2Fanshin-net%2Fdownload-01%2F&tiba=%E5%AE%89%E5%BF%83%E3%83%8D%E3%83%83%E3%83%88%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E6%9C%80%E6%96%B0%E7%89%88%E3%82%A2%E3%83%97%E3%83%AA%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89%20%7C%20%E3%82%AA%E3%83%97%E3%82%B7%E3%83%A7&async=1&fmt=3&is_vtc=1&random=1351831474&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
216.58.207.195 200 OK 42 B URL HTTP/2 www.google.co.jp/pagead/1p-user-list/968131194/?random=1640670084727&cv=9&fst=1640667600000&num=1&guid=ON&u_h=568&u_w=320&u_ah=568&u_aw=320&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.au.com%2Fsupport%2Fservice%2Finternet%2Fprocedure%2Fservice%2Fanshin-net%2Fdownload-01%2F&tiba=%E5%AE%89%E5%BF%83%E3%83%8D%E3%83%83%E3%83%88%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E6%9C%80%E6%96%B0%E7%89%88%E3%82%A2%E3%83%97%E3%83%AA%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89%20%7C%20%E3%82%AA%E3%83%97%E3%82%B7%E3%83%A7&async=1&fmt=3&is_vtc=1&random=1351831474&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 216.58.207.195:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/968131194/?random=1640670084727&cv=9&fst=1640667600000&num=1&guid=ON&u_h=568&u_w=320&u_ah=568&u_aw=320&u_cd=24&u_his=1&u_tz=480&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.au.com%2Fsupport%2Fservice%2Finternet%2Fprocedure%2Fservice%2Fanshin-net%2Fdownload-01%2F&tiba=%E5%AE%89%E5%BF%83%E3%83%8D%E3%83%83%E3%83%88%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E6%9C%80%E6%96%B0%E7%89%88%E3%82%A2%E3%83%97%E3%83%AA%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89%20%7C%20%E3%82%AA%E3%83%97%E3%82%B7%E3%83%A7&async=1&fmt=3&is_vtc=1&random=1351831474&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 22 Oct 2022 14:48:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 1b0cd7fce51616614b5ebb265d02c2f7
6748d7df7c347bbe06afb2155fff3bbc8bf50eb0
d41beb047830bdacb772b75123c39906db8edcd49fdc8c9a00258a2556efd1c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 14:48:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 6b8f71c6c42455bfec202159bdcc2fdf
af2e80c1f30adfc52a787e21869964e4d4d3d45a
30b41325c1bbd3720c6787422624680dc9708230f84bf1df177a3b113563869a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 14:48:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 924935dfe678e1cafb56906ef15defec
063dc4e38a869415d29ff059c0e173966c0c96dd
12045f462e3aa1fa3d2c97f1c3c67951dedc6410db5ce75c1907de5beff81bf4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 14:48:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 9d0997d027597b317ab34fac7a3d966d
41f87f15a5e827c6dfbfbec8dbfb00fe7a412fee
50eb027e15a718a6593b1f15a9b4123c959154eb2f1dc7dfa83d442d9c18ca3e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 14:48:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2022 16:31:53 GMT
Expires: Fri, 28 Oct 2022 16:31:52 GMT
Etag: "41f87f15a5e827c6dfbfbec8dbfb00fe7a412fee"
Cache-Control: max-age=524002,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e308c238470b61-OSL
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 9d0997d027597b317ab34fac7a3d966d
41f87f15a5e827c6dfbfbec8dbfb00fe7a412fee
50eb027e15a718a6593b1f15a9b4123c959154eb2f1dc7dfa83d442d9c18ca3e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 14:48:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 21 Oct 2022 16:31:53 GMT
Expires: Fri, 28 Oct 2022 16:31:52 GMT
Etag: "41f87f15a5e827c6dfbfbec8dbfb00fe7a412fee"
Cache-Control: max-age=524002,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75e308c23a59b517-OSL
mcxnojsets.duckdns.org/images/10.jpg
179.43.149.15 200 OK 335 kB URL HTTP/1.1 mcxnojsets.duckdns.org/images/10.jpg
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, height=2316, software=www.meitu.com, width=1080], baseline, precision 8, 1080x2316, components 3\012- data
Size 335 kB (335181 bytes)
Hash 7d571eef2839632248d1dac721a331bf
108d846c9f1507ef0fea205ddd1864450ca93160
78b4e0c4282056ec3caaeaad47b4cb3efeea5b2a7ccee879ba60e41a3952b1eb
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /images/10.jpg HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:28 GMT
Content-Type: image/jpeg
Content-Length: 335181
Last-Modified: Thu, 21 Apr 2022 08:32:10 GMT
Connection: keep-alive
ETag: "6261168a-51d4d"
Expires: Mon, 21 Nov 2022 14:48:28 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
mcxnojsets.duckdns.org/images/5.jpg
179.43.149.15 200 OK 312 kB URL HTTP/1.1 mcxnojsets.duckdns.org/images/5.jpg
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, height=2316, software=www.meitu.com, width=1080], baseline, precision 8, 1074x2016, components 3\012- data
Size 312 kB (312004 bytes)
Hash 2a108a046143cf778f5936af5af0b763
75948f80e2061417fe299ec0ecf499f2a829f40b
561a8c5b02aa86a348eea166c36cf988d796863f7ac3783901bf19bb9d7648da
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /images/5.jpg HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:28 GMT
Content-Type: image/jpeg
Content-Length: 312004
Last-Modified: Thu, 21 Apr 2022 08:20:40 GMT
Connection: keep-alive
ETag: "626113d8-4c2c4"
Expires: Mon, 21 Nov 2022 14:48:28 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
mcxnojsets.duckdns.org/images/2.jpg
179.43.149.15 200 OK 528 kB URL HTTP/1.1 mcxnojsets.duckdns.org/images/2.jpg
IP 179.43.149.15:0
ASN #51852 Private Layer INC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, height=2316, software=www.meitu.com, width=1080], baseline, precision 8, 1071x2126, components 3
- data
Size 528 kB (528405 bytes)
Hash b2db5e6fde5381e54402921a6fad055e
1a2319ce0da9b3f7e4e97b026fe08bbde4123ab9
b7392c0ddd8a451364791930377fc50edd75f0b493204d47e9eec1440f818547
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /images/2.jpg HTTP/1.1
Host: mcxnojsets.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 22 Oct 2022 14:48:28 GMT
Content-Type: image/jpeg
Content-Length: 528405
Last-Modified: Thu, 21 Apr 2022 08:16:30 GMT
Connection: keep-alive
ETag: "626112de-81015"
Expires: Mon, 21 Nov 2022 14:48:28 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
sy.v.liveperson.net/api/js/16820676?&cb=lpCb21136x46176&t=sp&ts=1666450125623&pid=9884031637&tid=2413557974&pt=%E3%80%8C%E8%BF%B7%E6%83%91%E3%83%A1%E3%83%83%E3%82%BB%E3%83%BC%E3%82%B8.%E9%9B%BB%E8%A9%B1%E3%83%96%E3%83%AD%E3%83%83%E3%82%AF%E3%80%8D%E6%9C%80%E6%96%B0%E7%84%A1%E6%96%99%E7%89%88%E3%82%A2%E3%83%97%E3%83%AA%E3%81%AE%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89%20%7C&u=http%3A%2F%2Fmcxnojsets.duckdns.org%2F&df=0&os=2&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
43.251.41.28 403 Forbidden 80 B URL HTTP/1.1 sy.v.liveperson.net/api/js/16820676?&cb=lpCb21136x46176&t=sp&ts=1666450125623&pid=9884031637&tid=2413557974&pt=%E3%80%8C%E8%BF%B7%E6%83%91%E3%83%A1%E3%83%83%E3%82%BB%E3%83%BC%E3%82%B8.%E9%9B%BB%E8%A9%B1%E3%83%96%E3%83%AD%E3%83%83%E3%82%AF%E3%80%8D%E6%9C%80%E6%96%B0%E7%84%A1%E6%96%99%E7%89%88%E3%82%A2%E3%83%97%E3%83%AA%E3%81%AE%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89%20%7C&u=http%3A%2F%2Fmcxnojsets.duckdns.org%2F&df=0&os=2&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
IP 43.251.41.28:0
Hash 8d004e6b123ab552527a143b8b2bc797
fb612cca0160019fc485317e9b8e4de1d3a4e8c0
d01fac33d87a265dc8df762aa08a6092b17b2992e104710e7c84095ab59ad87d
GET /api/js/16820676?&cb=lpCb21136x46176&t=sp&ts=1666450125623&pid=9884031637&tid=2413557974&pt=%E3%80%8C%E8%BF%B7%E6%83%91%E3%83%A1%E3%83%83%E3%82%BB%E3%83%BC%E3%82%B8.%E9%9B%BB%E8%A9%B1%E3%83%96%E3%83%AD%E3%83%83%E3%82%AF%E3%80%8D%E6%9C%80%E6%96%B0%E7%84%A1%E6%96%99%E7%89%88%E3%82%A2%E3%83%97%E3%83%AA%E3%81%AE%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89%20%7C&u=http%3A%2F%2Fmcxnojsets.duckdns.org%2F&df=0&os=2&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D HTTP/1.1
Host: sy.v.liveperson.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 403 Forbidden
Date: Sat, 22 Oct 2022 14:48:31 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Server: ws
Access-Control-Allow-Methods: GET, POST, PATCH
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
Access-Control-Expose-Headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
sy.v.liveperson.net/api/js/16820676?&cb=lpCb65578x754&t=sp&ts=1666450125623&pid=9884031637&tid=2413557974&pt=%E3%80%8C%E8%BF%B7%E6%83%91%E3%83%A1%E3%83%83%E3%82%BB%E3%83%BC%E3%82%B8.%E9%9B%BB%E8%A9%B1%E3%83%96%E3%83%AD%E3%83%83%E3%82%AF%E3%80%8D%E6%9C%80%E6%96%B0%E7%84%A1%E6%96%99%E7%89%88%E3%82%A2%E3%83%97%E3%83%AA%E3%81%AE%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89%20%7C&u=http%3A%2F%2Fmcxnojsets.duckdns.org%2F&df=0&os=2&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
43.251.41.28 403 Forbidden 80 B URL HTTP/1.1 sy.v.liveperson.net/api/js/16820676?&cb=lpCb65578x754&t=sp&ts=1666450125623&pid=9884031637&tid=2413557974&pt=%E3%80%8C%E8%BF%B7%E6%83%91%E3%83%A1%E3%83%83%E3%82%BB%E3%83%BC%E3%82%B8.%E9%9B%BB%E8%A9%B1%E3%83%96%E3%83%AD%E3%83%83%E3%82%AF%E3%80%8D%E6%9C%80%E6%96%B0%E7%84%A1%E6%96%99%E7%89%88%E3%82%A2%E3%83%97%E3%83%AA%E3%81%AE%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89%20%7C&u=http%3A%2F%2Fmcxnojsets.duckdns.org%2F&df=0&os=2&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
IP 43.251.41.28:0
Hash 8d004e6b123ab552527a143b8b2bc797
fb612cca0160019fc485317e9b8e4de1d3a4e8c0
d01fac33d87a265dc8df762aa08a6092b17b2992e104710e7c84095ab59ad87d
GET /api/js/16820676?&cb=lpCb65578x754&t=sp&ts=1666450125623&pid=9884031637&tid=2413557974&pt=%E3%80%8C%E8%BF%B7%E6%83%91%E3%83%A1%E3%83%83%E3%82%BB%E3%83%BC%E3%82%B8.%E9%9B%BB%E8%A9%B1%E3%83%96%E3%83%AD%E3%83%83%E3%82%AF%E3%80%8D%E6%9C%80%E6%96%B0%E7%84%A1%E6%96%99%E7%89%88%E3%82%A2%E3%83%97%E3%83%AA%E3%81%AE%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89%20%7C&u=http%3A%2F%2Fmcxnojsets.duckdns.org%2F&df=0&os=2&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D HTTP/1.1
Host: sy.v.liveperson.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 403 Forbidden
Date: Sat, 22 Oct 2022 14:48:32 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Server: ws
Access-Control-Allow-Methods: GET, POST, PATCH
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
Access-Control-Expose-Headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
sy.v.liveperson.net/api/js/16820676?&cb=lpCb15296x98501&t=sp&ts=1666450125623&pid=9884031637&tid=2413557974&pt=%E3%80%8C%E8%BF%B7%E6%83%91%E3%83%A1%E3%83%83%E3%82%BB%E3%83%BC%E3%82%B8.%E9%9B%BB%E8%A9%B1%E3%83%96%E3%83%AD%E3%83%83%E3%82%AF%E3%80%8D%E6%9C%80%E6%96%B0%E7%84%A1%E6%96%99%E7%89%88%E3%82%A2%E3%83%97%E3%83%AA%E3%81%AE%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89%20%7C&u=http%3A%2F%2Fmcxnojsets.duckdns.org%2F&df=0&os=2&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
43.251.41.28 403 Forbidden 80 B URL HTTP/1.1 sy.v.liveperson.net/api/js/16820676?&cb=lpCb15296x98501&t=sp&ts=1666450125623&pid=9884031637&tid=2413557974&pt=%E3%80%8C%E8%BF%B7%E6%83%91%E3%83%A1%E3%83%83%E3%82%BB%E3%83%BC%E3%82%B8.%E9%9B%BB%E8%A9%B1%E3%83%96%E3%83%AD%E3%83%83%E3%82%AF%E3%80%8D%E6%9C%80%E6%96%B0%E7%84%A1%E6%96%99%E7%89%88%E3%82%A2%E3%83%97%E3%83%AA%E3%81%AE%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89%20%7C&u=http%3A%2F%2Fmcxnojsets.duckdns.org%2F&df=0&os=2&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
IP 43.251.41.28:0
Hash 8d004e6b123ab552527a143b8b2bc797
fb612cca0160019fc485317e9b8e4de1d3a4e8c0
d01fac33d87a265dc8df762aa08a6092b17b2992e104710e7c84095ab59ad87d
GET /api/js/16820676?&cb=lpCb15296x98501&t=sp&ts=1666450125623&pid=9884031637&tid=2413557974&pt=%E3%80%8C%E8%BF%B7%E6%83%91%E3%83%A1%E3%83%83%E3%82%BB%E3%83%BC%E3%82%B8.%E9%9B%BB%E8%A9%B1%E3%83%96%E3%83%AD%E3%83%83%E3%82%AF%E3%80%8D%E6%9C%80%E6%96%B0%E7%84%A1%E6%96%99%E7%89%88%E3%82%A2%E3%83%97%E3%83%AA%E3%81%AE%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89%20%7C&u=http%3A%2F%2Fmcxnojsets.duckdns.org%2F&df=0&os=2&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D HTTP/1.1
Host: sy.v.liveperson.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
HTTP/1.1 403 Forbidden
Date: Sat, 22 Oct 2022 14:48:33 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Server: ws
Access-Control-Allow-Methods: GET, POST, PATCH
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
Access-Control-Expose-Headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
accdn.lpsnmedia.net/api/account/16820676/configuration/domainprotection/refererrestrictions?cb=lpCb68749x23522
178.249.101.99 200 OK 0 B URL HTTP/2 accdn.lpsnmedia.net/api/account/16820676/configuration/domainprotection/refererrestrictions?cb=lpCb68749x23522
IP 178.249.101.99:0
GET /api/account/16820676/configuration/domainprotection/refererrestrictions?cb=lpCb68749x23522 HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lpcdn.lpsnmedia.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 14:48:30 GMT
content-type: application/javascript
set-cookie: ADRUM_BTa=R:28|g:97f81cda-3799-4a80-aa48-0aba28256b8d; Max-Age=30; Expires=Sat, 22-Oct-2022 14:49:00 GMT; Path=/
ADRUM_BTa=R:28|g:97f81cda-3799-4a80-aa48-0aba28256b8d|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Sat, 22-Oct-2022 14:49:00 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Sat, 22-Oct-2022 14:49:00 GMT; Path=/; Secure
ADRUM_BT1=R:28|i:2241585; Max-Age=30; Expires=Sat, 22-Oct-2022 14:49:00 GMT; Path=/
ADRUM_BT1=R:28|i:2241585|e:6; Max-Age=30; Expires=Sat, 22-Oct-2022 14:49:00 GMT; Path=/
vary: Accept
expires: Sat, 22 Oct 2022 14:49:30 GMT
x-envoy-upstream-service-time: 1
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: EXPIRED
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.html?loc=http%3A%2F%2Fmcxnojsets.duckdns.org&site=16820676&env=prod&isCrossDomain=true
178.249.97.98 200 OK 0 B URL HTTP/2 lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.html?loc=http%3A%2F%2Fmcxnojsets.duckdns.org&site=16820676&env=prod&isCrossDomain=true
IP 178.249.97.98:0
GET /le_secure_storage/3.15.0.0-release_5063/storage.secure.min.html?loc=http%3A%2F%2Fmcxnojsets.duckdns.org&site=16820676&env=prod&isCrossDomain=true HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 14:48:29 GMT
content-type: text/html
last-modified: Fri, 05 Nov 2021 13:34:15 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sun, 22 Oct 2023 14:48:29 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.js?loc=http%3A%2F%2Fmcxnojsets.duckdns.org&site=16820676&force=1&env=prod&isCrossDomain=true
178.249.97.98 200 OK 0 B URL HTTP/2 lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.js?loc=http%3A%2F%2Fmcxnojsets.duckdns.org&site=16820676&force=1&env=prod&isCrossDomain=true
IP 178.249.97.98:0
GET /le_secure_storage/3.15.0.0-release_5063/storage.secure.min.js?loc=http%3A%2F%2Fmcxnojsets.duckdns.org&site=16820676&force=1&env=prod&isCrossDomain=true HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mcxnojsets.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 14:48:30 GMT
content-type: application/javascript
last-modified: Fri, 05 Nov 2021 13:34:15 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Sun, 22 Oct 2023 14:48:30 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2