r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c83d39f350161ed2f5d20dcd68e47c92
2695a888e652cb314f8094cc6073c3364336d272
62e5cc6aea61c3c32acd964d4bbe143806416008181eebc4451a8f035b69a0bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62E5CC6AEA61C3C32ACD964D4BBE143806416008181EEBC4451A8F035B69A0BC"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2186
Expires: Tue, 28 Mar 2023 01:57:56 GMT
Date: Tue, 28 Mar 2023 01:21:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 93f633ce30c038eb581544323c5a971e
2f60526cb750c6babccc207f75fb5a8ae6f7598b
0ff6df80a892199848fb943af78541b66efc09a7ab70d4b169906fdbac1eabf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FF6DF80A892199848FB943AF78541B66EFC09A7AB70D4B169906FDBAC1EABF8"
Last-Modified: Mon, 27 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6782
Expires: Tue, 28 Mar 2023 03:14:32 GMT
Date: Tue, 28 Mar 2023 01:21:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5ad3eec59bebbf969f175627757507c1
b176af3a70db378c9e1f219bab24d9d446070d6f
704fa284035b4c9aa487331b516f5f11c324e204756ae2503bad2606ed34f25e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "704FA284035B4C9AA487331B516F5F11C324E204756AE2503BAD2606ED34F25E"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15837
Expires: Tue, 28 Mar 2023 05:45:27 GMT
Date: Tue, 28 Mar 2023 01:21:30 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4ad6984a756720fbfff47b37a75513a2
355e35258114452af8b9638985ed9d8ef3bf0aca
43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 28 Mar 2023 00:28:00 GMT
content-type: application/json
age: 3210
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: afvK30yhLh3PeOY35XJTvyH0Gt5NOxaV8F/U0C9jgF5p1keqo6s1Bjm+s8f6y9c+GobbWo9NGq0=
x-amz-request-id: 2AEJ6X3NQMHN0P6F
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 28 Mar 2023 01:01:51 GMT
age: 1179
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 01:21:30 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d2d4415f4eeb34e663d209eeddd8d25d
5d239718d7235d1f62e10d7d381c5a063e94c73a
cc35be0a21b7442cc2628ea8cd42023f81eb2deea66e5149a22776228b105213
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 28 Mar 2023 01:21:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
142.250.74.42200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
IP 142.250.74.42:0
File type ASCII text, with very long lines (32038)
Hash 103708790db3586027df27ded660f8ef
d3f58fbe6e02cb4b8b34c6fd510e011cb325bc70
fdba876856bb6c2783df94cacb0f17b53fe33f1907135539272c0127b4270ffe
GET /ajax/libs/jquery/1.11.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ctzver.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33507
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 18:06:44 GMT
expires: Thu, 21 Mar 2024 18:06:44 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 458086
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.41200 OK 1.7 kB IP 192.124.249.41:0
Hash 043c8cc75fa1f86a49c8ce8c24a42d4c
e2656bd6eac70666fcc01d3ed022c079a33f8643
d50bca7b8b49b5e69789e5cd5bca8b97301fbcb59846d4fbf75672dee2b85368
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 68
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 28 Mar 2023 01:21:30 GMT
Content-Type: application/ocsp-response
Content-Length: 1731
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 27 Mar 2023 19:08:20 GMT
Expires: Tue, 28 Mar 2023 19:08:20 GMT
ETag: "e2656bd6eac70666fcc01d3ed022c079a33f8643"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.41200 OK 1.7 kB IP 192.124.249.41:0
Hash 043c8cc75fa1f86a49c8ce8c24a42d4c
e2656bd6eac70666fcc01d3ed022c079a33f8643
d50bca7b8b49b5e69789e5cd5bca8b97301fbcb59846d4fbf75672dee2b85368
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 68
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 28 Mar 2023 01:21:30 GMT
Content-Type: application/ocsp-response
Content-Length: 1731
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 27 Mar 2023 19:08:20 GMT
Expires: Tue, 28 Mar 2023 19:08:20 GMT
ETag: "e2656bd6eac70666fcc01d3ed022c079a33f8643"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.41200 OK 1.7 kB IP 192.124.249.41:0
Hash 043c8cc75fa1f86a49c8ce8c24a42d4c
e2656bd6eac70666fcc01d3ed022c079a33f8643
d50bca7b8b49b5e69789e5cd5bca8b97301fbcb59846d4fbf75672dee2b85368
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 68
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 28 Mar 2023 01:21:30 GMT
Content-Type: application/ocsp-response
Content-Length: 1731
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 27 Mar 2023 19:08:20 GMT
Expires: Tue, 28 Mar 2023 19:08:20 GMT
ETag: "e2656bd6eac70666fcc01d3ed022c079a33f8643"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.41200 OK 1.7 kB IP 192.124.249.41:0
Hash 043c8cc75fa1f86a49c8ce8c24a42d4c
e2656bd6eac70666fcc01d3ed022c079a33f8643
d50bca7b8b49b5e69789e5cd5bca8b97301fbcb59846d4fbf75672dee2b85368
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 68
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 28 Mar 2023 01:21:30 GMT
Content-Type: application/ocsp-response
Content-Length: 1731
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 27 Mar 2023 19:08:20 GMT
Expires: Tue, 28 Mar 2023 19:08:20 GMT
ETag: "e2656bd6eac70666fcc01d3ed022c079a33f8643"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
www.ctzver.duckdns.org/card.html
173.255.254.141200 OK 87 kB URL HTTP/1.1 www.ctzver.duckdns.org/card.html
IP 173.255.254.141:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- assembler source, Unicode text, UTF-8 text, with very long lines (615)
Hash 540e4b1c4f5cee2feb8ad01e76ecc960
4237796268bf5c79a0053dd6bb1b031f09d851af
70498d2004c798e12aedc96850d4126fd3c46eec2264c2a3dbc21fbf24cafec4
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET /card.html HTTP/1.1
Host: www.ctzver.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 01:21:30 GMT
Server: Apache
Last-Modified: Thu, 29 Sep 2022 05:05:56 GMT
Accept-Ranges: bytes
Content-Length: 86743
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
ocsp.godaddy.com/
192.124.249.41200 OK 1.7 kB IP 192.124.249.41:0
Hash 043c8cc75fa1f86a49c8ce8c24a42d4c
e2656bd6eac70666fcc01d3ed022c079a33f8643
d50bca7b8b49b5e69789e5cd5bca8b97301fbcb59846d4fbf75672dee2b85368
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 68
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 28 Mar 2023 01:21:30 GMT
Content-Type: application/ocsp-response
Content-Length: 1731
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 27 Mar 2023 19:08:20 GMT
Expires: Tue, 28 Mar 2023 19:08:20 GMT
ETag: "e2656bd6eac70666fcc01d3ed022c079a33f8643"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash febc8cc0931db9cc4c517a0b1f9ccc49
e63d1937fea94c24374b35d61aaa7dedfd7f3983
38fd77d7b7e07676269be85aba6bee08eea1b4a5f9f79f20866ac025b2d85355
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 28 Mar 2023 01:21:30 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 27 Mar 2023 21:11:20 GMT
Expires: Tue, 28 Mar 2023 21:11:20 GMT
ETag: "e63d1937fea94c24374b35d61aaa7dedfd7f3983"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash febc8cc0931db9cc4c517a0b1f9ccc49
e63d1937fea94c24374b35d61aaa7dedfd7f3983
38fd77d7b7e07676269be85aba6bee08eea1b4a5f9f79f20866ac025b2d85355
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 28 Mar 2023 01:21:30 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 27 Mar 2023 21:11:20 GMT
Expires: Tue, 28 Mar 2023 21:11:20 GMT
ETag: "e63d1937fea94c24374b35d61aaa7dedfd7f3983"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash febc8cc0931db9cc4c517a0b1f9ccc49
e63d1937fea94c24374b35d61aaa7dedfd7f3983
38fd77d7b7e07676269be85aba6bee08eea1b4a5f9f79f20866ac025b2d85355
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 28 Mar 2023 01:21:30 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 27 Mar 2023 21:11:20 GMT
Expires: Tue, 28 Mar 2023 21:11:20 GMT
ETag: "e63d1937fea94c24374b35d61aaa7dedfd7f3983"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash febc8cc0931db9cc4c517a0b1f9ccc49
e63d1937fea94c24374b35d61aaa7dedfd7f3983
38fd77d7b7e07676269be85aba6bee08eea1b4a5f9f79f20866ac025b2d85355
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 28 Mar 2023 01:21:30 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 27 Mar 2023 21:11:20 GMT
Expires: Tue, 28 Mar 2023 21:11:20 GMT
ETag: "e63d1937fea94c24374b35d61aaa7dedfd7f3983"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
142.250.74.42200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP 142.250.74.42:0
File type ASCII text, with very long lines (65447)
Hash 7808e0e4b7a714230373852158500533
4a79d18722a68a2f38d52e2d3a11b550bdd30b3c
8ba5796bee6a065b8b31895e7e8d59ba564cfd36d2ce056e327588e67736f054
GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ctzver.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 27 Mar 2023 13:43:46 GMT
expires: Tue, 26 Mar 2024 13:43:46 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 41864
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d2d4415f4eeb34e663d209eeddd8d25d
5d239718d7235d1f62e10d7d381c5a063e94c73a
cc35be0a21b7442cc2628ea8cd42023f81eb2deea66e5149a22776228b105213
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 28 Mar 2023 01:21:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash febc8cc0931db9cc4c517a0b1f9ccc49
e63d1937fea94c24374b35d61aaa7dedfd7f3983
38fd77d7b7e07676269be85aba6bee08eea1b4a5f9f79f20866ac025b2d85355
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 28 Mar 2023 01:21:30 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 27 Mar 2023 21:11:20 GMT
Expires: Tue, 28 Mar 2023 21:11:20 GMT
ETag: "e63d1937fea94c24374b35d61aaa7dedfd7f3983"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash e988cfcb7116c647b776530e77236f29
b9f135bb860a6564ea6315df2dab33d5acb183e3
ae523b69cbe3c75d980ace9081ec1a84785434d43ff6e72cc8c9a02a697e74e6
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 28 Mar 2023 01:21:30 GMT
Last-Modified: Tue, 28 Mar 2023 00:29:04 GMT
Server: ECAcc (nya/1C5E)
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: PBRRP2OAlolwlF2JcDaCIZmSkEU79vGkGTnHn32VUnp_jwsl4Ath4g==
Age: 3146
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Content-Type, Cache-Control, Pragma, Alert, Last-Modified, Retry-After, Backoff, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 28 Mar 2023 01:17:24 GMT
age: 246
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
usassets.cobrowse.pega.com/assets/stylesheets/customer/final/default.css?v=8.7.1
52.71.207.46200 OK 3.5 kB URL HTTP/2 usassets.cobrowse.pega.com/assets/stylesheets/customer/final/default.css?v=8.7.1
IP 52.71.207.46:0
File type Unicode text, UTF-8 text, with very long lines (14626)
Hash c9e0ee1acc72fd18e3953cf614f7e879
bacc2349aab9dfac47cd153702e98e1fa48466f4
e13c4a8b7d5d884e11579582e7e99198c7fdfbd2587a37f52add1783e49e5d8e
GET /assets/stylesheets/customer/final/default.css?v=8.7.1 HTTP/1.1
Host: usassets.cobrowse.pega.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ctzver.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 28 Mar 2023 01:21:30 GMT
content-type: text/css
content-length: 3489
set-cookie: AWSALB=0k+GjvZYOj1/ZxDXPq3sB5bQdB+uwj3Q63zOXRVUHM7C2V7RBRM5zARxpijbyXPEFXijBPKCQdLYaDB/rMzNKrTK/Ns996FHSm0/+A/ZhwX07VjJDCEYujo8b6p7; Expires=Tue, 04 Apr 2023 01:21:30 GMT; Path=/
AWSALBCORS=0k+GjvZYOj1/ZxDXPq3sB5bQdB+uwj3Q63zOXRVUHM7C2V7RBRM5zARxpijbyXPEFXijBPKCQdLYaDB/rMzNKrTK/Ns996FHSm0/+A/ZhwX07VjJDCEYujo8b6p7; Expires=Tue, 04 Apr 2023 01:21:30 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Wed, 13 Jul 2022 12:04:58 GMT
etag: "62ceb4ea-da1"
access-control-allow-origin: *
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 2f905d909b341c3c9a2f356834f227d7
be121b644563a947ab0bdb1d2621aeb85bdbc11a
8c13c8cdaf9b986e32cb491d222c1ed95adecd3e8199be4f49dbff2c1e051833
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=169642
Date: Tue, 28 Mar 2023 01:21:30 GMT
Etag: "6422203c-1d7"
Expires: Thu, 30 Mar 2023 00:28:52 GMT
Last-Modified: Mon, 27 Mar 2023 23:01:16 GMT
Server: ECAcc (bsa/EA9D)
X-Cache: Miss from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 03vjQ99d1OQEAeTxTWjXKNyK1eeVXDy57h7ef4ONJoVo1NtMKa5dOw==
Age: 5256
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash da5340ee69a1000f751686df9e716663
a5da880a61ed119790a7990bbdcc0c97eecf04f2
d1ff10bfe40f290935abe1feeb975a6af8cf310f9ce9d45bbf482a604da73560
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D1FF10BFE40F290935ABE1FEEB975A6AF8CF310F9CE9D45BBF482A604DA73560"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2671
Expires: Tue, 28 Mar 2023 02:06:02 GMT
Date: Tue, 28 Mar 2023 01:21:31 GMT
Connection: keep-alive
app.dcu.org//css/vendor.d18b62ce.css
54.230.111.96200 OK 918 B URL HTTP/2 app.dcu.org//css/vendor.d18b62ce.css
IP 54.230.111.96:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (832)
Hash 2e5ee6e9bde8534af1f5da0729671397
bece04f4b6c88e663775a3345a5b22f31ead4aa1
5fc6043c1f070fec7ae778caeae85a873f075d22c7d9e979b4846519383c486d
GET //css/vendor.d18b62ce.css HTTP/1.1
Host: app.dcu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ctzver.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 918
last-modified: Mon, 27 Mar 2023 19:10:56 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: mI02zpz9oIoJrd2Eno_K4iZlU2CeVMMG
accept-ranges: bytes
server: AmazonS3
date: Tue, 28 Mar 2023 01:21:32 GMT
cache-control: no-cache
etag: "2e5ee6e9bde8534af1f5da0729671397"
x-cache: Error from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vihEbeTRm-XQ6l4SwSfRdqVREhpkc9ZujH-Te2NfO0YAYPkVa7BhKg==
X-Firefox-Spdy: h2
app.dcu.org//css/2.7199a3b6.css
54.230.111.96200 OK 918 B URL HTTP/2 app.dcu.org//css/2.7199a3b6.css
IP 54.230.111.96:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (832)
Hash 2e5ee6e9bde8534af1f5da0729671397
bece04f4b6c88e663775a3345a5b22f31ead4aa1
5fc6043c1f070fec7ae778caeae85a873f075d22c7d9e979b4846519383c486d
GET //css/2.7199a3b6.css HTTP/1.1
Host: app.dcu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ctzver.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 918
last-modified: Mon, 27 Mar 2023 19:10:56 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: mI02zpz9oIoJrd2Eno_K4iZlU2CeVMMG
accept-ranges: bytes
server: AmazonS3
date: Tue, 28 Mar 2023 01:21:32 GMT
cache-control: no-cache
etag: "2e5ee6e9bde8534af1f5da0729671397"
x-cache: Error from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OqSR5y8RE6RT5toUy52GYwJg_oIoq7fCgVdApI99UhUIbGxEfqd9uQ==
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.186.87.181101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.186.87.181:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1ApyqgOqG/Ei5nqkfMUNDg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: F22QsUvlnvf5FZMVELe+U400FxA=
app.dcu.org//css/app.dce111a8.css
54.230.111.96200 OK 918 B URL HTTP/2 app.dcu.org//css/app.dce111a8.css
IP 54.230.111.96:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (832)
Hash 2e5ee6e9bde8534af1f5da0729671397
bece04f4b6c88e663775a3345a5b22f31ead4aa1
5fc6043c1f070fec7ae778caeae85a873f075d22c7d9e979b4846519383c486d
GET //css/app.dce111a8.css HTTP/1.1
Host: app.dcu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ctzver.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 918
last-modified: Mon, 27 Mar 2023 19:10:56 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: mI02zpz9oIoJrd2Eno_K4iZlU2CeVMMG
accept-ranges: bytes
server: AmazonS3
date: Tue, 28 Mar 2023 01:21:32 GMT
cache-control: no-cache
etag: "2e5ee6e9bde8534af1f5da0729671397"
x-cache: Error from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QTCZSZZSFBb0jajA7E0bnwuqkQ8IpJb134wQbBjnTg2IEatOiBC6Qw==
X-Firefox-Spdy: h2
s3.amazonaws.com/assets.projectfinance.io/siteAssets/DCU/dcuLogoDark.png
52.216.219.216200 OK 7.7 kB URL HTTP/1.1 s3.amazonaws.com/assets.projectfinance.io/siteAssets/DCU/dcuLogoDark.png
IP 52.216.219.216:0
File type PNG image data, 217 x 78, 8-bit/color RGBA, non-interlaced\012- data
Hash ae64e87365d6e6696145c8c53ce3632e
09337bd0289c432bffab6f653297fe2534ad0c68
d1093fceb5f8b35c09e5d3329c8dc55509d7f46096efeea840f6e433212ba45e
GET /assets.projectfinance.io/siteAssets/DCU/dcuLogoDark.png HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ctzver.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 626N420p1XNjv4TaoVmmsfcYmGCpKAjqk1JphxxYLo567NonPlO/lcUSBzHb1rj3BZFlN1QK2HY=
x-amz-request-id: EBAJ7W39CH3752SR
Date: Tue, 28 Mar 2023 01:21:32 GMT
Last-Modified: Tue, 12 May 2020 18:43:36 GMT
ETag: "ae64e87365d6e6696145c8c53ce3632e"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 7743
app.dcu.org//css/64.64d4d70e.css
54.230.111.96200 OK 918 B URL HTTP/2 app.dcu.org//css/64.64d4d70e.css
IP 54.230.111.96:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (832)
Hash 2e5ee6e9bde8534af1f5da0729671397
bece04f4b6c88e663775a3345a5b22f31ead4aa1
5fc6043c1f070fec7ae778caeae85a873f075d22c7d9e979b4846519383c486d
GET //css/64.64d4d70e.css HTTP/1.1
Host: app.dcu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ctzver.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 918
last-modified: Mon, 27 Mar 2023 19:10:56 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: mI02zpz9oIoJrd2Eno_K4iZlU2CeVMMG
accept-ranges: bytes
server: AmazonS3
date: Tue, 28 Mar 2023 01:21:32 GMT
cache-control: no-cache
etag: "2e5ee6e9bde8534af1f5da0729671397"
x-cache: Error from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kb8L6_WgmBGCZnWM9pSfC1J5AUjcVZI68TQ4KRpi2GTEg8WeykHbYg==
X-Firefox-Spdy: h2
app.dcu.org//css/chunk-common.c2a46c33.css
54.230.111.96200 OK 918 B URL HTTP/2 app.dcu.org//css/chunk-common.c2a46c33.css
IP 54.230.111.96:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (832)
Hash 2e5ee6e9bde8534af1f5da0729671397
bece04f4b6c88e663775a3345a5b22f31ead4aa1
5fc6043c1f070fec7ae778caeae85a873f075d22c7d9e979b4846519383c486d
GET //css/chunk-common.c2a46c33.css HTTP/1.1
Host: app.dcu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ctzver.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 918
last-modified: Mon, 27 Mar 2023 19:10:56 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: mI02zpz9oIoJrd2Eno_K4iZlU2CeVMMG
accept-ranges: bytes
server: AmazonS3
date: Tue, 28 Mar 2023 01:21:32 GMT
cache-control: no-cache
etag: "2e5ee6e9bde8534af1f5da0729671397"
x-cache: Error from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8_C_8k2weZtWWGissYCgMwadguJZyU2UkcJ0B-uNUUT3y0GdpJsdLA==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7927fa1bac0e5bcc27ed32b6b5107bd3
68da43f59df9c524940efc35f40e3599b9a1995b
f48f276b9dee3b509dd0554b8e660039fe61020bd793cbf9a0381d3e5f76ae59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 28 Mar 2023 01:21:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9tAcVwo.woff2
216.58.207.227200 OK 11 kB URL HTTP/2 fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9tAcVwo.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 11432, version 1.0\012- data
Hash ae96f3f6e0e89b0cde9cb9d7cc53f564
347f904aab57a60de1b8a162461aeff25b921fb4
ae166251db1350a6a21bbe90fdfc17122e7b59ce69e11bccb35bc3692f1567e0
GET /s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9tAcVwo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.ctzver.duckdns.org
Connection: keep-alive
Referer: http://www.ctzver.duckdns.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:41 GMT
expires: Sat, 23 Mar 2024 10:26:41 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 09 May 2022 18:31:15 GMT
content-type: font/woff2
age: 312890
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7927fa1bac0e5bcc27ed32b6b5107bd3
68da43f59df9c524940efc35f40e3599b9a1995b
f48f276b9dee3b509dd0554b8e660039fe61020bd793cbf9a0381d3e5f76ae59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 28 Mar 2023 01:21:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7927fa1bac0e5bcc27ed32b6b5107bd3
68da43f59df9c524940efc35f40e3599b9a1995b
f48f276b9dee3b509dd0554b8e660039fe61020bd793cbf9a0381d3e5f76ae59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 28 Mar 2023 01:21:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8GBs5tU1ECVZl_.woff2
216.58.207.227200 OK 11 kB URL HTTP/2 fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8GBs5tU1ECVZl_.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 11244, version 1.0\012- data
Hash ddfb16fcb34b96796daa6ea292211f36
6877747f35198de7670ff3486fd0bb25fd9814bc
b979904d685baa066813a9a1d569d4b2ef0a0dc16401de96d2f737d76dcb7d2c
GET /s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8GBs5tU1ECVZl_.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.ctzver.duckdns.org
Connection: keep-alive
Referer: http://www.ctzver.duckdns.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11244
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:41 GMT
expires: Sat, 23 Mar 2024 10:26:41 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 09 May 2022 18:31:49 GMT
content-type: font/woff2
age: 312890
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc9iB85tU1ECVZl_.woff2
216.58.207.227200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc9iB85tU1ECVZl_.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 11468, version 1.0\012- data
Hash b64b849d9a7ab9f3bfb9a63772db259f
aadd33b3dcfe608a95216b9001ebebd20313e61e
ed539425ada9c89bc1d3f195a530b65d2a9a41dbdd598c2a2a32849d83b357e5
GET /s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc9iB85tU1ECVZl_.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.ctzver.duckdns.org
Connection: keep-alive
Referer: http://www.ctzver.duckdns.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11468
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:49 GMT
expires: Sat, 23 Mar 2024 10:26:49 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 09 May 2022 18:33:23 GMT
content-type: font/woff2
age: 312882
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7927fa1bac0e5bcc27ed32b6b5107bd3
68da43f59df9c524940efc35f40e3599b9a1995b
f48f276b9dee3b509dd0554b8e660039fe61020bd793cbf9a0381d3e5f76ae59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 28 Mar 2023 01:21:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.ctzver.duckdns.org/favicon.ico
173.255.254.141404 Not Found 315 B URL HTTP/1.1 www.ctzver.duckdns.org/favicon.ico
IP 173.255.254.141:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish Digital Federal Credit Union
NIDS Severity Alert suricata medium ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
GET /favicon.ico HTTP/1.1
Host: www.ctzver.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ctzver.duckdns.org/card.html
HTTP/1.1 404 Not Found
Date: Tue, 28 Mar 2023 01:21:31 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8046
Expires: Tue, 28 Mar 2023 03:35:38 GMT
Date: Tue, 28 Mar 2023 01:21:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8046
Expires: Tue, 28 Mar 2023 03:35:38 GMT
Date: Tue, 28 Mar 2023 01:21:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8046
Expires: Tue, 28 Mar 2023 03:35:38 GMT
Date: Tue, 28 Mar 2023 01:21:32 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F904edce6-7c76-4531-a179-4144164cbbd1.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F904edce6-7c76-4531-a179-4144164cbbd1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 18fd7af8779cf8321e52f92f5797ec7d
dea3b15ef5ad129e736eac0787861c2f635da044
142485409b9fad01710d2a2aa96deccbb953e0a4f00cdac7bf2af9d98390d04a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F904edce6-7c76-4531-a179-4144164cbbd1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8394
x-amzn-requestid: 7f842fb6-0dfe-4eae-a9b5-59a3394552ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cb7VkFtRoAMF-xQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64217289-78aaa1b73a3d10530672a56d;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 10:40:09 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: TpfXXxs_lllcGY0OKhNeNBuTKohudBPyMQ24kClp5yMIhJ3Hs6WYIw==
via: 1.1 304b956e2039e07753fa39109152d594.cloudfront.net (CloudFront), 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 10:49:38 GMT
age: 52314
etag: "dea3b15ef5ad129e736eac0787861c2f635da044"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6469f625-03ad-45a7-a918-5f220169711a.png
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6469f625-03ad-45a7-a918-5f220169711a.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e828b7227de7aa7a7b7c54c96e0cef9a
9a717142ab25dabf9123485ef51ed586662d2a71
0390f8771432de010cc11e11be2e2dfa7c303664858a5b066e66a628a1f3dd66
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6469f625-03ad-45a7-a918-5f220169711a.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8553
x-amzn-requestid: 05cb5115-a27b-485a-89fd-670bdb5bb06f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CdbofHHPIAMFkQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220c9c-774bb5d725336b35088e2527;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:37:32 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: NcKs_URb5dFDbkEoCqy2_fjKWneX7mifmEbd5MA5unqkhiPAIH9GPg==
via: 1.1 22ea0ab0881473261b786ecbb5e00f54.cloudfront.net (CloudFront), 1.1 aa623e134417515bd2496cb01d5e5626.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 21:50:10 GMT
age: 12682
etag: "9a717142ab25dabf9123485ef51ed586662d2a71"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53327ce0-8541-4bc8-bd51-59cee099b396.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53327ce0-8541-4bc8-bd51-59cee099b396.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1da68df9d96e2758e37b9f15daab027b
5ff19ed6dc5752aa4b15fb88da972b736fd55783
ad924425946dbdf309c764e7097e676185516301feb7722b30d95ffd50b4353f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53327ce0-8541-4bc8-bd51-59cee099b396.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7426
x-amzn-requestid: 85a30298-4613-4a96-bdba-0899fe9f9475
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CdcsgGZsoAMFQkw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220e4f-10db431e7632048d7b15e0ec;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:44:47 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: VYUarzUegSCD6A4s7tUQ-0O1mjal3BAW7SiiXSpOnFEDd5-HHoA5Cw==
via: 1.1 f193acd25f2604e189bfbfaf539aaa06.cloudfront.net (CloudFront), 1.1 2e20768704c71ff3ce2e677251d27f3c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 21:55:21 GMT
age: 12371
etag: "5ff19ed6dc5752aa4b15fb88da972b736fd55783"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da174e6ccc9451c5071ba10eeb97f6f6
c38827a9ac1218768839877263e1f2984fbdc454
76da406c8ae8cd6ca8471928f3aec3876aed2c21bc10edc0fbdaef5c100c1030
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9859
x-amzn-requestid: 7571f483-0d57-4f3f-9d86-2f18175cc0b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CRP5DG2BoAMFrdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641d2d06-400180d700df598366b8b16f;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 04:54:30 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 8LzPrLvhUnXntYPNCg_QN2LFUvQ-4FL4SMyYBxPOwlGd1sgL3j-Znw==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 b4085435efbe95a420f374958bd145be.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 21:50:10 GMT
age: 12682
etag: "c38827a9ac1218768839877263e1f2984fbdc454"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa16d29e1-ef79-4edc-b710-c5c9d84af51a.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa16d29e1-ef79-4edc-b710-c5c9d84af51a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 11e0f4bc8f80c5009c099d6a371950e0
60b1df4be988d5e60b7834e39a12e3524fe0a767
c3149c1d902c6889bdab0287f69771a247ab21c6a5ad50cba0f200db561445b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa16d29e1-ef79-4edc-b710-c5c9d84af51a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11674
x-amzn-requestid: b3fa7a9c-bf5c-44df-96ed-546f4da8f794
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cb5i3GN7oAMF1LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64216fab-2f380b4972056b6c64703e55;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 10:27:55 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: GN5sLhd8yUOi_odvkY8SIx0DDtXfUQ1HxLRrdOqFHjcqjIuM1KXDyA==
via: 1.1 50cc3f0b039433daebdf343a3f4489ae.cloudfront.net (CloudFront), 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 10:38:59 GMT
age: 52953
etag: "60b1df4be988d5e60b7834e39a12e3524fe0a767"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F858e946a-2e67-4e7b-b78f-763226855b6d.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F858e946a-2e67-4e7b-b78f-763226855b6d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 789f11978a1149984408fbbb9a2b3f81
078bd523107096bab5e26d42b18e316c253f1ca7
7974980290443b64126f512686261150cd27331cb7b32a96d1167a97d046e8a3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F858e946a-2e67-4e7b-b78f-763226855b6d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8961
x-amzn-requestid: 9277e35d-8fe8-482e-b65c-b132dfcbd87e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CdbqBGl0IAMFy4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220ca6-7869936b33cbf3633c68e7ac;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:37:42 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: niXBcLXb34cBs5-FqU8flhIK5sZ_ykmhwnozGbLigHI3jwXySoF_xw==
via: 1.1 e92cc925fc8895560cd0628c67f58828.cloudfront.net (CloudFront), 1.1 1ec2938341958d70d56193d709c89dee.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 21:49:49 GMT
age: 12703
etag: "078bd523107096bab5e26d42b18e316c253f1ca7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@48,400,0,0
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@48,400,0,0
IP 142.250.74.74:0
GET /css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@48,400,0,0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ctzver.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 28 Mar 2023 01:21:30 GMT
date: Tue, 28 Mar 2023 01:21:30 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2