urlquery - report: kfeppnchfz.duckdns.org/

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
r3.o.lencr.org (7)	344	2020-12-02 08:52:13 UTC	2022-09-05 04:38:00 UTC	23.36.77.32
firefox.settings.services.mozilla.com (2)	867	2020-06-04 20:08:41 UTC	2022-09-05 14:49:07 UTC	143.204.55.27
kfeppnchfz.duckdns.org (10)	0	2022-09-04 09:44:15 UTC	2022-09-05 19:09:17 UTC	63.251.217.14	Unknown ranking
ocsp.globalsign.com (2)	2075	2012-05-25 06:20:55 UTC	2022-09-05 04:45:07 UTC	104.18.21.226
www.nta.go.jp (1)	0	2022-06-02 22:30:28 UTC	2022-09-05 19:33:29 UTC	54.230.111.64	Domain (nta.go.jp) ranked at: 320855
img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2022-09-05 08:52:38 UTC	34.120.237.76
content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-09-05 05:14:21 UTC	143.204.55.25
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-09-05 04:38:54 UTC	34.117.237.239
ocsp.digicert.com (1)	86	2012-05-21 07:02:23 UTC	2022-09-05 17:53:49 UTC	93.184.220.29
push.services.mozilla.com (1)	2140	2015-09-03 10:29:36 UTC	2022-09-05 05:10:58 UTC	44.242.32.27
js.users.51.la (1)	53024	2012-05-30 15:10:11 UTC	2022-09-05 15:58:08 UTC	103.143.19.103
ia.51.la (1)	59607	2017-10-31 08:01:51 UTC	2022-09-05 11:08:06 UTC	103.143.19.103

Scan Date	Severity	Indicator	Comment
2022-09-05	2	kfeppnchfz.duckdns.org/	National Tax Agency JAPAN
2022-09-05	2	kfeppnchfz.duckdns.org/	National Tax Agency JAPAN
2022-09-05	2	kfeppnchfz.duckdns.org/	National Tax Agency JAPAN
2022-09-05	2	kfeppnchfz.duckdns.org/	National Tax Agency JAPAN
2022-09-05	2	kfeppnchfz.duckdns.org/	National Tax Agency JAPAN
2022-09-05	2	kfeppnchfz.duckdns.org/	National Tax Agency JAPAN
2022-09-05	2	kfeppnchfz.duckdns.org/	National Tax Agency JAPAN
2022-09-05	2	kfeppnchfz.duckdns.org/	National Tax Agency JAPAN
2022-09-05	2	kfeppnchfz.duckdns.org/	National Tax Agency JAPAN
2022-09-05	2	kfeppnchfz.duckdns.org/	National Tax Agency JAPAN

Scan Date	Severity	Indicator	Comment
2022-09-05	2	js.users.51.la/21298305.js	Malware
2022-09-05	2	kfeppnchfz.duckdns.org/static/js/jquery.cookie.js	Phishing
2022-09-05	2	kfeppnchfz.duckdns.org/	Phishing

Scan Date	Severity	Indicator	Comment
2022-09-05	2	kfeppnchfz.duckdns.org	Sinkholed
2022-09-05	2	kfeppnchfz.duckdns.org	Sinkholed
2022-09-05	2	kfeppnchfz.duckdns.org	Sinkholed
2022-09-05	2	kfeppnchfz.duckdns.org	Sinkholed
2022-09-05	2	kfeppnchfz.duckdns.org	Sinkholed
2022-09-05	2	kfeppnchfz.duckdns.org	Sinkholed
2022-09-05	2	kfeppnchfz.duckdns.org	Sinkholed
2022-09-05	2	kfeppnchfz.duckdns.org	Sinkholed
2022-09-05	2	kfeppnchfz.duckdns.org	Sinkholed
2022-09-05	2	kfeppnchfz.duckdns.org	Sinkholed

Date	UQ / IDS / BL	URL	IP
2023-03-19 12:31:01 +0000	0 - 4 - 0	nkhepyzpfa.duckdns.org/	63.251.217.14
2023-03-17 12:05:43 +0000	0 - 4 - 0	mbfvxoipgj.duckdns.org/	63.251.217.14
2023-03-17 11:38:16 +0000	0 - 4 - 0	nbhqgqonpf.duckdns.org/	63.251.217.14
2023-03-14 11:29:56 +0000	0 - 4 - 0	exdqmbnmuw.duckdns.org/	63.251.217.14
2023-03-14 07:11:46 +0000	0 - 4 - 0	zcwpzffxlt.duckdns.org/	63.251.217.14

Date	UQ / IDS / BL	URL	IP
2023-03-28 14:24:27 +0000	0 - 0 - 49	www.on-kotayamatoo-co.jp.hai-song.com.cn/third.php	23.147.226.72
2023-03-28 14:23:50 +0000	0 - 0 - 1	www.to-kotayamata-co.jp.ythotel.com.cn/third.php	23.147.226.72
2023-03-28 08:59:34 +0000	0 - 0 - 1	185.161.70.67/b2f628/cronb.sh	185.161.70.67
2023-03-28 05:17:41 +0000	0 - 0 - 20	www.on-kotayamatoo-co.jp.hai-song.com.cn/card (...)	23.147.226.72
2023-03-27 18:14:03 +0000	0 - 4 - 0	neqquchsud.duckdns.org/	193.239.146.81

Date	UQ / IDS / BL	URL	IP
2022-09-05 21:55:57 +0000	11 - 0 - 23	kfeppnchfz.duckdns.org/	63.251.217.14
2022-09-05 19:09:38 +0000	11 - 0 - 24	kfeppnchfz.duckdns.org/	63.251.217.14

Date	UQ / IDS / BL	URL	IP
2023-03-17 14:34:19 +0000	29 - 7 - 0	ucueaqtqze.duckdns.org/	130.0.232.99
2023-03-17 14:23:46 +0000	28 - 7 - 0	srrepnvnhm.duckdns.org/	130.0.232.99
2023-03-17 13:53:53 +0000	29 - 7 - 0	qveryqivam.duckdns.org/	130.0.232.99
2023-03-17 13:48:55 +0000	29 - 7 - 5	mxyfizvxym.duckdns.org/	64.15.75.85
2023-03-17 12:38:33 +0000	25 - 7 - 0	gjwzmlgxbt.duckdns.org/	103.169.91.217

Request	Response
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 26f4537ed2b3e8cce7e0c058c9b8f7d8a6e6047e77fed06ca341dedc80b0e4c9 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "26F4537ED2B3E8CCE7E0C058C9B8F7D8A6E6047E77FED06CA341DEDC80B0E4C9" Last-Modified: Sun, 04 Sep 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=1663 Expires: Mon, 05 Sep 2022 22:23:30 GMT Date: Mon, 05 Sep 2022 21:55:47 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 9835e2176db64931bf0e0bf800bc7232 Sha1: 4129574e8f98efb0556a0bdfdeefe670387d0637 Sha256: 26f4537ed2b3e8cce7e0c058c9b8f7d8a6e6047e77fed06ca341dedc80b0e4c9
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: f610984fb0a75b3a31424faa860cbc8172c7f21804df1dc14fbb685b7c456f29 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29" Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3676 Expires: Mon, 05 Sep 2022 22:57:03 GMT Date: Mon, 05 Sep 2022 21:55:47 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: d931e0142ef5ffe9cdb4c4c6bfcb9bc9 Sha1: d9c4caf525e8926b042a14f38d374cc4033ed768 Sha256: f610984fb0a75b3a31424faa860cbc8172c7f21804df1dc14fbb685b7c456f29
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.27 HASH: 48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e 143.204.55.27 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Mon, 05 Sep 2022 21:45:03 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: lju-zUUoH3h7aajoGn4uPrwkGj7_CxDtflTK5JMpwaWLdLm6g19kNg== Age: 644 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 99b7d23c1748d0526782b9ff9ea45f09 Sha1: eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f Sha256: 48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 143.204.55.25 HASH: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345 143.204.55.25 HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 last-modified: Sat, 20 Aug 2022 23:18:05 GMT content-disposition: attachment accept-ranges: bytes server: AmazonS3 date: Mon, 05 Sep 2022 01:15:19 GMT etag: "742edb4038f38bc533514982f3d2e861" x-cache: Hit from cloudfront via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: s1O68ghzVeO9hu-JjWAFhba9csGTMv60Lx9fpJPZ7pj9qrDYpEYuZA== age: 74430 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 742edb4038f38bc533514982f3d2e861 Sha1: cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1 Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Mon, 05 Sep 2022 21:55:47 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /static/gs_vk/reset.css HTTP/1.1 Host: kfeppnchfz.duckdns.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://kfeppnchfz.duckdns.org/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: kfeppnchfz.duckdns.org/static/gs_vk/reset.css FQDN: kfeppnchfz.duckdns.org IP: 63.251.217.14 HASH: e0e6a4ef211b0c936b3a38abe91cda1ebbbcc4a3c2d8e706ef7a1dc2c55427c3 63.251.217.14 HTTP/2 200 OK content-type: text/css server: nginx date: Mon, 05 Sep 2022 21:55:47 GMT content-length: 884 last-modified: Tue, 09 Aug 2022 08:07:50 GMT etag: "62f215d6-374" expires: Tue, 06 Sep 2022 09:55:47 GMT cache-control: max-age=43200 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: CSV text\012- , ASCII text, with CRLF line terminators Size: 884 Md5: a77d6f26781539c015b1b1d84dac9c06 Sha1: 6f9e90a2e3c9f2bcb9337e577150bde1d3a29ccb Sha256: e0e6a4ef211b0c936b3a38abe91cda1ebbbcc4a3c2d8e706ef7a1dc2c55427c3 Alerts: urlquery: - DynDNS domain detected Blocklists: - openphish: National Tax Agency JAPAN - quad9: Sinkholed
GET /static/gs_vk/index.css HTTP/1.1 Host: kfeppnchfz.duckdns.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://kfeppnchfz.duckdns.org/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: kfeppnchfz.duckdns.org/static/gs_vk/index.css FQDN: kfeppnchfz.duckdns.org IP: 63.251.217.14 HASH: de36d3e9e989de40ae0bf5252af018ef55fdc0ed938042bdba11147f1127e431 63.251.217.14 HTTP/2 200 OK content-type: text/css server: nginx date: Mon, 05 Sep 2022 21:55:47 GMT content-length: 748 last-modified: Tue, 09 Aug 2022 08:07:50 GMT etag: "62f215d6-2ec" expires: Tue, 06 Sep 2022 09:55:47 GMT cache-control: max-age=43200 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text Size: 748 Md5: 91692497e479f6cc955e4de6d627a499 Sha1: bb57de5c2d4dafee21f66645d776d3064f4b79bd Sha256: de36d3e9e989de40ae0bf5252af018ef55fdc0ed938042bdba11147f1127e431 Alerts: urlquery: - DynDNS domain detected Blocklists: - openphish: National Tax Agency JAPAN - quad9: Sinkholed
GET /static/gs_vk/logo.png HTTP/1.1 Host: kfeppnchfz.duckdns.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://kfeppnchfz.duckdns.org/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: kfeppnchfz.duckdns.org/static/gs_vk/logo.png FQDN: kfeppnchfz.duckdns.org IP: 63.251.217.14 HASH: bf1532dfb899554f52b0a98c2870c9a6f19e6abaf74288c6de321813fed91666 63.251.217.14 HTTP/2 200 OK content-type: image/png server: nginx date: Mon, 05 Sep 2022 21:55:47 GMT content-length: 2973 last-modified: Tue, 09 Aug 2022 08:07:50 GMT etag: "62f215d6-b9d" expires: Wed, 05 Oct 2022 21:55:47 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 275 x 29, 8-bit/color RGBA, non-interlaced\012- data Size: 2973 Md5: c6d404ecaa7646ff497deaad55392996 Sha1: 1c66c5caf35e3e633d1cb1e09a334362ad11f5fb Sha256: bf1532dfb899554f52b0a98c2870c9a6f19e6abaf74288c6de321813fed91666 Alerts: urlquery: - DynDNS domain detected Blocklists: - openphish: National Tax Agency JAPAN - quad9: Sinkholed
GET /static/gs_vk/syozai_icon.png HTTP/1.1 Host: kfeppnchfz.duckdns.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://kfeppnchfz.duckdns.org/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: kfeppnchfz.duckdns.org/static/gs_vk/syozai_icon.png FQDN: kfeppnchfz.duckdns.org IP: 63.251.217.14 HASH: 5aa0964ac2cb5cbb5823d166f55495ac12747f3fbf2b56f7d290ac161eb2aead 63.251.217.14 HTTP/2 200 OK content-type: image/png server: nginx date: Mon, 05 Sep 2022 21:55:47 GMT content-length: 1297 last-modified: Tue, 09 Aug 2022 08:07:50 GMT etag: "62f215d6-511" expires: Wed, 05 Oct 2022 21:55:47 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 15 x 24, 8-bit/color RGBA, non-interlaced\012- data Size: 1297 Md5: d038e6e8e4472bbcf6e5dac6a23d5a0e Sha1: fce966980cd73b2d732e0081b7e8dc9751db160d Sha256: 5aa0964ac2cb5cbb5823d166f55495ac12747f3fbf2b56f7d290ac161eb2aead Alerts: urlquery: - DynDNS domain detected Blocklists: - openphish: National Tax Agency JAPAN - quad9: Sinkholed
GET /static/gs_vk/index.png HTTP/1.1 Host: kfeppnchfz.duckdns.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://kfeppnchfz.duckdns.org/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: kfeppnchfz.duckdns.org/static/gs_vk/index.png FQDN: kfeppnchfz.duckdns.org IP: 63.251.217.14 HASH: c0315642042bbc5f62714e1bf1ee5df4fd567a38745af3c67ff09b025a56efbb 63.251.217.14 HTTP/2 200 OK content-type: image/png server: nginx date: Mon, 05 Sep 2022 21:55:47 GMT content-length: 104029 last-modified: Tue, 09 Aug 2022 08:07:50 GMT etag: "62f215d6-1965d" expires: Wed, 05 Oct 2022 21:55:47 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 750x516, components 3\012- data Size: 104029 Md5: 3b288cf2cf8b233a1f459e89dc209d79 Sha1: 08aa186779070d33edbca5dece75e2760dfa4065 Sha256: c0315642042bbc5f62714e1bf1ee5df4fd567a38745af3c67ff09b025a56efbb Alerts: urlquery: - DynDNS domain detected Blocklists: - openphish: National Tax Agency JAPAN - quad9: Sinkholed
GET /static/gs_vk/banner.png HTTP/1.1 Host: kfeppnchfz.duckdns.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://kfeppnchfz.duckdns.org/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: kfeppnchfz.duckdns.org/static/gs_vk/banner.png FQDN: kfeppnchfz.duckdns.org IP: 63.251.217.14 HASH: 2fe3b5cadeb4ad9fec7ee39d1f2170c6bb656436597087aa9a582713e53bed75 63.251.217.14 HTTP/2 200 OK content-type: image/png server: nginx date: Mon, 05 Sep 2022 21:55:47 GMT content-length: 220877 last-modified: Tue, 09 Aug 2022 08:07:50 GMT etag: "62f215d6-35ecd" expires: Wed, 05 Oct 2022 21:55:47 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 670 x 238, 8-bit/color RGB, non-interlaced\012- data Size: 220877 Md5: 2f987a1099c7a986fa860cf0e80d7b5d Sha1: 0a3e6dfbf3b0e7d361ba9fc088e2ef7805ec0310 Sha256: 2fe3b5cadeb4ad9fec7ee39d1f2170c6bb656436597087aa9a582713e53bed75 Alerts: urlquery: - DynDNS domain detected Blocklists: - openphish: National Tax Agency JAPAN - quad9: Sinkholed
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 143.204.55.27 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 143.204.55.27 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Date: Mon, 05 Sep 2022 21:38:16 GMT Cache-Control: max-age=3600 Expires: Mon, 05 Sep 2022 22:30:15 GMT ETag: "1648230346554" X-Cache: Hit from cloudfront Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: 5phwbon4NLtB6JAKNwMWfLiq6FrjAjfKu6sACGULT6FAgn_qcFUQCQ== Age: 1051 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST /gsgccr3dvtlsca2020 HTTP/1.1 Host: ocsp.globalsign.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.globalsign.com/gsgccr3dvtlsca2020 FQDN: ocsp.globalsign.com IP: 104.18.21.226 HASH: f335069e9d9ad68231b351f26be96571dbba3d08a372369b30df23969fac7294 104.18.21.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 05 Sep 2022 21:55:48 GMT Content-Length: 1414 Connection: keep-alive Expires: Fri, 09 Sep 2022 19:11:38 GMT ETag: "0e5e5075e884600dae6117bad9343751f18c516f" Last-Modified: Mon, 05 Sep 2022 19:11:39 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Age: 337 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 7462361179efb51d-OSL --- Additional Info --- Magic: data Size: 1414 Md5: 7206f7b60e1c55dbb2d081437eb8dcf3 Sha1: 0e5e5075e884600dae6117bad9343751f18c516f Sha256: f335069e9d9ad68231b351f26be96571dbba3d08a372369b30df23969fac7294
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: b03552109f1e7d1e482aa14614ffb1e38fb53ae4951152aab307b927674dad98 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 1792 Cache-Control: 'max-age=158059' Date: Mon, 05 Sep 2022 21:55:48 GMT Last-Modified: Mon, 05 Sep 2022 21:25:56 GMT Server: ECS (ska/F705) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: b57a9dd04797bf34612c80361f1dffb3 Sha1: 56573166d8b9cd9b8dae19fd905e4f3293af306b Sha256: b03552109f1e7d1e482aa14614ffb1e38fb53ae4951152aab307b927674dad98
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: tCXCKETiqlQaE6zlFndvLw== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 44.242.32.27 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 44.242.32.27 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: au2ACO6ADWKNszbXxMBRQKWHuco= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /21298305.js HTTP/1.1 Host: js.users.51.la User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://kfeppnchfz.duckdns.org/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: js.users.51.la/21298305.js FQDN: js.users.51.la IP: 103.143.19.103 HASH: 0ecd3dcd19492ba3f403c15549d48ebe658c0884ea6428e177a2926e50672adf 103.143.19.103 HTTP/1.1 200 OK Content-Type: application/javascript; charset=utf-8 Server: CloudWAF Date: Mon, 05 Sep 2022 21:55:48 GMT Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: HWWAFSESID=364681b160e921a3206; path=/ HWWAFSESTIME=1662414946405; path=/ Cache-Control: max-age=360000 Access-Control-Allow-Origin: * Access-Control-Allow-Credentials: true Content-Encoding: gzip --- Additional Info --- Magic: ASCII text, with very long lines (4898) Size: 2310 Md5: 097392b4af4b906f08b9a1900af2a3d2 Sha1: 2afc7083c44b1dd721a26e31a055aa0a09a259a6 Sha256: 0ecd3dcd19492ba3f403c15549d48ebe658c0884ea6428e177a2926e50672adf Alerts: Blocklists: - fortinet: Malware
GET /template/img/template/headerbackground.jpg HTTP/1.1 Host: www.nta.go.jp User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://kfeppnchfz.duckdns.org/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.nta.go.jp/template/img/template/headerbackground.jpg FQDN: www.nta.go.jp IP: 54.230.111.64 HASH: 9f7bcb50485acc2487f525f5d0d49bf0e3c239ee0150685a621b7e84d67818c7 54.230.111.64 HTTP/2 200 OK content-type: image/jpeg content-length: 29881 server: Apache x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff last-modified: Fri, 30 Mar 2018 05:48:34 GMT accept-ranges: bytes date: Mon, 05 Sep 2022 21:55:29 GMT etag: "74b9-5689aca6dd080" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: kKOoht5mNPanGV26aWvA0Aq5hwwe8hPi8jjFyE3ex9TOgR-Z2RE9OQ== age: 125 X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 980x113, components 3\012- data Size: 29881 Md5: e5e2087ec026ba50dceab21313cde200 Sha1: 32528b75731905a34f01e6b4cdf3937f72c4098f Sha256: 9f7bcb50485acc2487f525f5d0d49bf0e3c239ee0150685a621b7e84d67818c7
GET /favicon.ico HTTP/1.1 Host: kfeppnchfz.duckdns.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://kfeppnchfz.duckdns.org/ Cookie: __tins__21298305=%7B%22sid%22%3A%201662414943668%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201662416743668%7D; __51cke__=; __51laig__=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: kfeppnchfz.duckdns.org/favicon.ico FQDN: kfeppnchfz.duckdns.org IP: 63.251.217.14 HASH: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0 63.251.217.14 HTTP/2 404 Not Found content-type: text/html server: nginx date: Mon, 05 Sep 2022 21:55:48 GMT content-length: 146 X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 146 Md5: 8eec510e57f5f732fd2cce73df7b73ef Sha1: 3c0af39ecb3753c5fee3b53d063c7286019eac3b Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0 Alerts: urlquery: - DynDNS domain detected Blocklists: - openphish: National Tax Agency JAPAN - quad9: Sinkholed
POST /gsgccr3dvtlsca2020 HTTP/1.1 Host: ocsp.globalsign.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.globalsign.com/gsgccr3dvtlsca2020 FQDN: ocsp.globalsign.com IP: 104.18.21.226 HASH: 67583c998746a2f48a85c794d49bdf177cb3db910de509fc815cd78d43f21b85 104.18.21.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 05 Sep 2022 21:55:49 GMT Content-Length: 1414 Connection: keep-alive Expires: Fri, 09 Sep 2022 19:20:50 GMT ETag: "1d70e7312d0ca62bdb07392969f7735051f662a2" Last-Modified: Mon, 05 Sep 2022 19:20:51 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Age: 1731 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 746236184991b51d-OSL --- Additional Info --- Magic: data Size: 1414 Md5: 243c330cffea62adf63eb6e600adc4b1 Sha1: 1d70e7312d0ca62bdb07392969f7735051f662a2 Sha256: 67583c998746a2f48a85c794d49bdf177cb3db910de509fc815cd78d43f21b85
GET /go1?id=21298305&rt=1662414943668&rl=12801024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1662414943668&tt=&kw=&cu=https%253A%252F%252Fkfeppnchfz.duckdns.org%252F&pu= HTTP/1.1 Host: ia.51.la User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://kfeppnchfz.duckdns.org/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: ia.51.la/go1?id=21298305&rt=1662414943668&rl=1280*1024& (...) FQDN: ia.51.la IP: 103.143.19.103 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 103.143.19.103 HTTP/1.1 200 Server: CloudWAF Date: Mon, 05 Sep 2022 21:55:49 GMT Content-Length: 0 Connection: keep-alive Set-Cookie: HWWAFSESID=0e96748430c6880ff03; path=/ HWWAFSESTIME=1662414945993; path=/ --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8" Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6186 Expires: Mon, 05 Sep 2022 23:38:55 GMT Date: Mon, 05 Sep 2022 21:55:49 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: bc70b1691dd339e8120b92ba393ffb69 Sha1: 99118be3645b3182ccdc5f9da149a97c220a3929 Sha256: da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8" Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6186 Expires: Mon, 05 Sep 2022 23:38:55 GMT Date: Mon, 05 Sep 2022 21:55:49 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: bc70b1691dd339e8120b92ba393ffb69 Sha1: 99118be3645b3182ccdc5f9da149a97c220a3929 Sha256: da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8" Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6186 Expires: Mon, 05 Sep 2022 23:38:55 GMT Date: Mon, 05 Sep 2022 21:55:49 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: bc70b1691dd339e8120b92ba393ffb69 Sha1: 99118be3645b3182ccdc5f9da149a97c220a3929 Sha256: da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8" Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6186 Expires: Mon, 05 Sep 2022 23:38:55 GMT Date: Mon, 05 Sep 2022 21:55:49 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: bc70b1691dd339e8120b92ba393ffb69 Sha1: 99118be3645b3182ccdc5f9da149a97c220a3929 Sha256: da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8" Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6186 Expires: Mon, 05 Sep 2022 23:38:55 GMT Date: Mon, 05 Sep 2022 21:55:49 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: bc70b1691dd339e8120b92ba393ffb69 Sha1: 99118be3645b3182ccdc5f9da149a97c220a3929 Sha256: da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7142280-0dbd-4c8e-a960-d357c9143af6.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 3e775a1990e4d185024faf2fdff7a5eb9063f7ee19784f32fb4f7f10643c8102 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 5652 x-amzn-requestid: 05fffcb2-43c0-4acf-81b2-1b914459e1e9 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: X5wwHErUIAMFmNw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6313c800-47fe166763992ab271a87aa4;Sampled=0 x-amzn-remapped-date: Sat, 03 Sep 2022 21:32:48 GMT x-amz-cf-pop: SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: uz2NbcE4AmOvFQkhJALSpXCGizilya0TuFcczfEwtV09cGXtgVNlpQ== via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google date: Sun, 04 Sep 2022 22:08:58 GMT age: 85611 etag: "e5b5b649a243e5c004d9923d19d4421d1ea96d23" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5652 Md5: 10318189f33f071dda64249ab9c8c5bb Sha1: e5b5b649a243e5c004d9923d19d4421d1ea96d23 Sha256: 3e775a1990e4d185024faf2fdff7a5eb9063f7ee19784f32fb4f7f10643c8102
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F074d7790-a0c5-48fe-9814-807d02b9ea17.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 34cad56ca82b17b5df4c010eecb2c7ea348faec15d33fa4b294c0ed46e2c5de8 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8331 x-amzn-requestid: 53b40605-8cb6-4c36-931f-67be541289e9 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: X5wigGtToAMFscw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6313c7a9-645ce10e6bd850f84fcbf256;Sampled=0 x-amzn-remapped-date: Sat, 03 Sep 2022 21:31:21 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: a0mNmWIp04fLKVgImJIc6CWErbhadUOhXG2XurGRbCgDgjSwz44p0w== via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google date: Sun, 04 Sep 2022 22:10:33 GMT age: 85516 etag: "51ca3fc7e7048f035f79c4e425197bc618671b8c" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8331 Md5: 2c0d77a2b715f8f2547f11cc5674432b Sha1: 51ca3fc7e7048f035f79c4e425197bc618671b8c Sha256: 34cad56ca82b17b5df4c010eecb2c7ea348faec15d33fa4b294c0ed46e2c5de8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69b1e092-41e6-4f1e-b330-193f7dd11afc.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: d94d133faaf232cf15b5c3f38f5b45d87d70bce0668d607b5c66a8d3f836540f 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7830 x-amzn-requestid: c56af3b5-2c48-4243-b220-d56a9be47990 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: X9Ey3H4JoAMFiMg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63151b45-23ec24d867e3e5906fffa1a6;Sampled=0 x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: VgP7BDBmd5A5bAmRgO88geep419uZ0TQop4jEmRkx-q9rX4PUJZOCQ== via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google date: Sun, 04 Sep 2022 22:16:55 GMT age: 85134 etag: "3633391a8dd87ef10fcb0d04d7b309738affc4a7" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7830 Md5: 290f6551c5ac539ea60810b135750f17 Sha1: 3633391a8dd87ef10fcb0d04d7b309738affc4a7 Sha256: d94d133faaf232cf15b5c3f38f5b45d87d70bce0668d607b5c66a8d3f836540f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F326e03cd-e1aa-45a4-8a6b-bdd21f21012c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 7463878d8967ff31d7ce20d5a4408c23ad59123032a990c21a47df0881edcb86 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 5377 x-amzn-requestid: 2adc68e8-1889-4233-8ac4-e2a8d44ccbdd x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: X_4XzF1FoAMF3AA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63163a98-5918897d7de556f75bbfab34;Sampled=0 x-amzn-remapped-date: Mon, 05 Sep 2022 18:06:16 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: DpNb6dBygeDbRbFWIkeXYVddcgxlSVuq4y73JvG315Xp-wkwiDhZyQ== via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google date: Mon, 05 Sep 2022 18:09:25 GMT age: 13584 etag: "b5a7380f294876dd308c7fde294f36a425c1be01" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5377 Md5: c4b2d6a516e93799b54fe2bbd6630f86 Sha1: b5a7380f294876dd308c7fde294f36a425c1be01 Sha256: 7463878d8967ff31d7ce20d5a4408c23ad59123032a990c21a47df0881edcb86
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: e21473f88c613ca33ba6bbe1e0cab338274a06744cdcb088f14873c972445b36 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4426 x-amzn-requestid: b5b68557-e46d-41cd-9b11-d996aabc0de7 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: XzfYTHHFIAMFjFw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-631145ce-1d3504367cf6ef724a345564;Sampled=0 x-amzn-remapped-date: Thu, 01 Sep 2022 23:52:46 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: bSBSzzRMdrVdoV3Ld8hYWq2AwO7Mswcwa8Tk_AKa44j1SlrFugNqpg== via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google date: Mon, 05 Sep 2022 21:48:06 GMT age: 463 etag: "fc766bca874a352a4acb569577d4cf6527f4f074" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4426 Md5: c81f3df885bdee8cac46ea9495e6b63b Sha1: fc766bca874a352a4acb569577d4cf6527f4f074 Sha256: e21473f88c613ca33ba6bbe1e0cab338274a06744cdcb088f14873c972445b36
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F514b7fbd-ae99-4219-bd03-50e907f92b7b.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 76b85dd7e018ab4b3d4b2610f90dbca61d0f05d38a3b905fee789af131ae7538 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 14855 x-amzn-requestid: 65cf850b-227a-4318-a00e-d7cd4ef81489 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: X5wjuGtpoAMFvvA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6313c7b1-54bc36741984491b0509d173;Sampled=0 x-amzn-remapped-date: Sat, 03 Sep 2022 21:31:29 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: tR9oeUGtH0NFZdnZj93V6HysPnKOTJhhiEOTNwYdq-4xIzeBZblrhA== via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google date: Sun, 04 Sep 2022 21:58:46 GMT age: 86223 etag: "13b16ca74113dfd52ccf23e6bb39307fc713f984" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 14855 Md5: ca50f9c56ff869b0b63ca71b1a9f8170 Sha1: 13b16ca74113dfd52ccf23e6bb39307fc713f984 Sha256: 76b85dd7e018ab4b3d4b2610f90dbca61d0f05d38a3b905fee789af131ae7538
GET /static/gs_vk/public.css HTTP/1.1 Host: kfeppnchfz.duckdns.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://kfeppnchfz.duckdns.org/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: kfeppnchfz.duckdns.org/static/gs_vk/public.css FQDN: kfeppnchfz.duckdns.org IP: 63.251.217.14 63.251.217.14 HTTP/2 200 OK content-type: text/css server: nginx date: Mon, 05 Sep 2022 21:55:47 GMT last-modified: Tue, 09 Aug 2022 08:07:50 GMT vary: Accept-Encoding etag: W/"62f215d6-818" expires: Tue, 06 Sep 2022 09:55:47 GMT cache-control: max-age=43200 strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Alerts: urlquery: - DynDNS domain detected Blocklists: - openphish: National Tax Agency JAPAN - quad9: Sinkholed
GET /static/js/jquery.cookie.js HTTP/1.1 Host: kfeppnchfz.duckdns.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://kfeppnchfz.duckdns.org/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: kfeppnchfz.duckdns.org/static/js/jquery.cookie.js FQDN: kfeppnchfz.duckdns.org IP: 63.251.217.14 63.251.217.14 HTTP/2 200 OK content-type: application/javascript server: nginx date: Mon, 05 Sep 2022 21:55:47 GMT last-modified: Thu, 17 Mar 2022 06:46:08 GMT vary: Accept-Encoding etag: W/"6232d930-c31" expires: Tue, 06 Sep 2022 09:55:47 GMT cache-control: max-age=43200 strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Alerts: urlquery: - DynDNS domain detected Blocklists: - openphish: National Tax Agency JAPAN - fortinet: Phishing - quad9: Sinkholed
GET / HTTP/1.1 Host: kfeppnchfz.duckdns.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	URL: kfeppnchfz.duckdns.org/ FQDN: kfeppnchfz.duckdns.org IP: 63.251.217.14 63.251.217.14 HTTP/2 200 OK content-type: text/html server: nginx date: Mon, 05 Sep 2022 21:55:47 GMT last-modified: Sun, 04 Sep 2022 09:48:22 GMT vary: Accept-Encoding etag: W/"63147466-f2a" strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Alerts: urlquery: - DynDNS domain detected Blocklists: - openphish: National Tax Agency JAPAN - fortinet: Phishing - quad9: Sinkholed

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "26F4537ED2B3E8CCE7E0C058C9B8F7D8A6E6047E77FED06CA341DEDC80B0E4C9" 

                                        
                                            
Last-Modified: Sun, 04 Sep 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=1663 

                                        
                                            
Expires: Mon, 05 Sep 2022 22:23:30 GMT 

                                        
                                            
Date: Mon, 05 Sep 2022 21:55:47 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    9835e2176db64931bf0e0bf800bc7232

                                                Sha1:   4129574e8f98efb0556a0bdfdeefe670387d0637

                                                Sha256: 26f4537ed2b3e8cce7e0c058c9b8f7d8a6e6047e77fed06ca341dedc80b0e4c9

                                        
                                            GET /v1/ HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         143.204.55.27

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/json

                                        

                                        
                                            
Content-Length: 939 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert 

                                        
                                            
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
Date: Mon, 05 Sep 2022 21:45:03 GMT 

                                        
                                            
Strict-Transport-Security: max-age=31536000 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: lju-zUUoH3h7aajoGn4uPrwkGj7_CxDtflTK5JMpwaWLdLm6g19kNg== 

                                        
                                            
Age: 644 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators

                                                Size:   939

                                                Md5:    99b7d23c1748d0526782b9ff9ea45f09

                                                Sha1:   eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f

                                                Sha256: 48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e

                                        
                                            GET /v1/tiles HTTP/1.1 

                                        
                                            
Host: contile.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.117.237.239

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Mon, 05 Sep 2022 21:55:47 GMT 

                                        
                                            
content-length: 12 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
via: 1.1 google 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with no line terminators

                                                Size:   12

                                                Md5:    23e88fb7b99543fb33315b29b1fad9d6

                                                Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

                                                Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

                                        
                                            POST /gsgccr3dvtlsca2020 HTTP/1.1 

                                        
                                            
Host: ocsp.globalsign.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 79 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         104.18.21.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Mon, 05 Sep 2022 21:55:48 GMT 

                                        
                                            
Content-Length: 1414 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Expires: Fri, 09 Sep 2022 19:11:38 GMT 

                                        
                                            
ETag: "0e5e5075e884600dae6117bad9343751f18c516f" 

                                        
                                            
Last-Modified: Mon, 05 Sep 2022 19:11:39 GMT 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 

                                        
                                            
CF-Cache-Status: HIT 

                                        
                                            
Age: 337 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 7462361179efb51d-OSL 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   1414

                                                Md5:    7206f7b60e1c55dbb2d081437eb8dcf3

                                                Sha1:   0e5e5075e884600dae6117bad9343751f18c516f

                                                Sha256: f335069e9d9ad68231b351f26be96571dbba3d08a372369b30df23969fac7294

                                        
                                            GET / HTTP/1.1 

                                        
                                            
Host: push.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Sec-WebSocket-Version: 13 

                                        
                                            
Origin: wss://push.services.mozilla.com/ 

                                        
                                            
Sec-WebSocket-Protocol: push-notification 

                                        
                                            
Sec-WebSocket-Extensions: permessage-deflate 

                                        
                                            
Sec-WebSocket-Key: tCXCKETiqlQaE6zlFndvLw== 

                                        
                                            
Connection: keep-alive, Upgrade 

                                        
                                            
Sec-Fetch-Dest: websocket 

                                        
                                            
Sec-Fetch-Mode: websocket 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
Upgrade: websocket

                                         44.242.32.27

                                        
                                            HTTP/1.1 101 Switching Protocols

                                        

                                        
                                            
Connection: Upgrade 

                                        
                                            
Upgrade: websocket 

                                        
                                            
Sec-WebSocket-Accept: au2ACO6ADWKNszbXxMBRQKWHuco= 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /template/img/template/headerbackground.jpg HTTP/1.1 

                                        
                                            
Host: www.nta.go.jp

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://kfeppnchfz.duckdns.org/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         54.230.111.64

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
content-length: 29881 

                                        
                                            
server: Apache 

                                        
                                            
x-frame-options: SAMEORIGIN 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
last-modified: Fri, 30 Mar 2018 05:48:34 GMT 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
date: Mon, 05 Sep 2022 21:55:29 GMT 

                                        
                                            
etag: "74b9-5689aca6dd080" 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront) 

                                        
                                            
x-amz-cf-pop: OSL50-P1 

                                        
                                            
x-amz-cf-id: kKOoht5mNPanGV26aWvA0Aq5hwwe8hPi8jjFyE3ex9TOgR-Z2RE9OQ== 

                                        
                                            
age: 125 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 980x113, components 3\012- data

                                                Size:   29881

                                                Md5:    e5e2087ec026ba50dceab21313cde200

                                                Sha1:   32528b75731905a34f01e6b4cdf3937f72c4098f

                                                Sha256: 9f7bcb50485acc2487f525f5d0d49bf0e3c239ee0150685a621b7e84d67818c7

                                        
                                            POST /gsgccr3dvtlsca2020 HTTP/1.1 

                                        
                                            
Host: ocsp.globalsign.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 79 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         104.18.21.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Mon, 05 Sep 2022 21:55:49 GMT 

                                        
                                            
Content-Length: 1414 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Expires: Fri, 09 Sep 2022 19:20:50 GMT 

                                        
                                            
ETag: "1d70e7312d0ca62bdb07392969f7735051f662a2" 

                                        
                                            
Last-Modified: Mon, 05 Sep 2022 19:20:51 GMT 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 

                                        
                                            
CF-Cache-Status: HIT 

                                        
                                            
Age: 1731 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 746236184991b51d-OSL 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   1414

                                                Md5:    243c330cffea62adf63eb6e600adc4b1

                                                Sha1:   1d70e7312d0ca62bdb07392969f7735051f662a2

                                                Sha256: 67583c998746a2f48a85c794d49bdf177cb3db910de509fc815cd78d43f21b85

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8" 

                                        
                                            
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=6186 

                                        
                                            
Expires: Mon, 05 Sep 2022 23:38:55 GMT 

                                        
                                            
Date: Mon, 05 Sep 2022 21:55:49 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    bc70b1691dd339e8120b92ba393ffb69

                                                Sha1:   99118be3645b3182ccdc5f9da149a97c220a3929

                                                Sha256: da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8" 

                                        
                                            
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=6186 

                                        
                                            
Expires: Mon, 05 Sep 2022 23:38:55 GMT 

                                        
                                            
Date: Mon, 05 Sep 2022 21:55:49 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    bc70b1691dd339e8120b92ba393ffb69

                                                Sha1:   99118be3645b3182ccdc5f9da149a97c220a3929

                                                Sha256: da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8" 

                                        
                                            
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=6186 

                                        
                                            
Expires: Mon, 05 Sep 2022 23:38:55 GMT 

                                        
                                            
Date: Mon, 05 Sep 2022 21:55:49 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    bc70b1691dd339e8120b92ba393ffb69

                                                Sha1:   99118be3645b3182ccdc5f9da149a97c220a3929

                                                Sha256: da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F074d7790-a0c5-48fe-9814-807d02b9ea17.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 8331 

                                        
                                            
x-amzn-requestid: 53b40605-8cb6-4c36-931f-67be541289e9 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: X5wigGtToAMFscw= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-6313c7a9-645ce10e6bd850f84fcbf256;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sat, 03 Sep 2022 21:31:21 GMT 

                                        
                                            
x-amz-cf-pop: SEA73-P1 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: a0mNmWIp04fLKVgImJIc6CWErbhadUOhXG2XurGRbCgDgjSwz44p0w== 

                                        
                                            
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sun, 04 Sep 2022 22:10:33 GMT 

                                        
                                            
age: 85516 

                                        
                                            
etag: "51ca3fc7e7048f035f79c4e425197bc618671b8c" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   8331

                                                Md5:    2c0d77a2b715f8f2547f11cc5674432b

                                                Sha1:   51ca3fc7e7048f035f79c4e425197bc618671b8c

                                                Sha256: 34cad56ca82b17b5df4c010eecb2c7ea348faec15d33fa4b294c0ed46e2c5de8

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F326e03cd-e1aa-45a4-8a6b-bdd21f21012c.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 5377 

                                        
                                            
x-amzn-requestid: 2adc68e8-1889-4233-8ac4-e2a8d44ccbdd 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: X_4XzF1FoAMF3AA= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63163a98-5918897d7de556f75bbfab34;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Mon, 05 Sep 2022 18:06:16 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA73-P1 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: DpNb6dBygeDbRbFWIkeXYVddcgxlSVuq4y73JvG315Xp-wkwiDhZyQ== 

                                        
                                            
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Mon, 05 Sep 2022 18:09:25 GMT 

                                        
                                            
age: 13584 

                                        
                                            
etag: "b5a7380f294876dd308c7fde294f36a425c1be01" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   5377

                                                Md5:    c4b2d6a516e93799b54fe2bbd6630f86

                                                Sha1:   b5a7380f294876dd308c7fde294f36a425c1be01

                                                Sha256: 7463878d8967ff31d7ce20d5a4408c23ad59123032a990c21a47df0881edcb86

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F514b7fbd-ae99-4219-bd03-50e907f92b7b.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 14855 

                                        
                                            
x-amzn-requestid: 65cf850b-227a-4318-a00e-d7cd4ef81489 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: X5wjuGtpoAMFvvA= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-6313c7b1-54bc36741984491b0509d173;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sat, 03 Sep 2022 21:31:29 GMT 

                                        
                                            
x-amz-cf-pop: SEA73-P1 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: tR9oeUGtH0NFZdnZj93V6HysPnKOTJhhiEOTNwYdq-4xIzeBZblrhA== 

                                        
                                            
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sun, 04 Sep 2022 21:58:46 GMT 

                                        
                                            
age: 86223 

                                        
                                            
etag: "13b16ca74113dfd52ccf23e6bb39307fc713f984" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   14855

                                                Md5:    ca50f9c56ff869b0b63ca71b1a9f8170

                                                Sha1:   13b16ca74113dfd52ccf23e6bb39307fc713f984

                                                Sha256: 76b85dd7e018ab4b3d4b2610f90dbca61d0f05d38a3b905fee789af131ae7538

URL	kfeppnchfz.duckdns.org/
IP	63.251.217.14 (United States)
ASN	#35913 DEDIPATH-LLC
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-09-05 21:55:57 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	23
urlquery alerts	11 DynDNS domain detected
Tags	None

Overview

Domain Summary (12)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 63.251.217.14

Last 5 reports on ASN: DEDIPATH-LLC

Last 2 reports on domain: kfeppnchfz.duckdns.org

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (5)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (34)

Overview

Domain Summary (12)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 63.251.217.14

Last 5 reports on ASN: DEDIPATH-LLC

Last 2 reports on domain: kfeppnchfz.duckdns.org

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (5)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (34)

Network Intrusion Detection Systems