leogfx.com/
34.198.182.201301 Moved Permanently 0 B IP 34.198.182.201:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: leogfx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 19 Jan 2023 09:57:26 GMT
Server: Apache
Location: https://leogfx.ddns.net
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 648bf42163c5d645d8a33cd0a9afebd0
9b9ac85435c4e90647e8379bca54c689058a8929
060757fb4857858d4d01a715824ea6771d0137e73a24bf75e2844d0f346380fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060757FB4857858D4D01A715824EA6771D0137E73A24BF75E2844D0F346380FA"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2284
Expires: Thu, 19 Jan 2023 10:35:30 GMT
Date: Thu, 19 Jan 2023 09:57:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cc07d664b5dadee6f9120d54904dfa57
df75a55b0b2019684a6c512bee528c51a2c4a756
14a1bd6315a3256468edafedfd1c02a6ba147914c0f01e8504e7d8cc67781c34
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "14A1BD6315A3256468EDAFEDFD1C02A6BA147914C0F01E8504E7D8CC67781C34"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10586
Expires: Thu, 19 Jan 2023 12:53:52 GMT
Date: Thu, 19 Jan 2023 09:57:26 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 19 Jan 2023 09:49:27 GMT
content-type: application/json
age: 479
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6c8239f3894cfba54d1f3a9ea1c85db5
a70f2b3bf79f2aa26b0cc0340dd182565c3eb946
64dc0508d3fcea1ec92fb60310e9b3f5454c0b69f61e8453fd443bc46ab9471b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "64DC0508D3FCEA1EC92FB60310E9B3F5454C0B69F61E8453FD443BC46AB9471B"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5314
Expires: Thu, 19 Jan 2023 11:26:00 GMT
Date: Thu, 19 Jan 2023 09:57:26 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 33JvuygPuQQ4LaSwPubIfkSii+mMqn4VZxhL9NKmew0jaVSC8mkrHh02HCaqqq3kdOwzc3g/dZ12CnSAQa7r6w==
x-amz-request-id: ZZQ11QBCBQC9SHHS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 19 Jan 2023 09:45:49 GMT
age: 697
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 09:57:26 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0f05c4ba78a4c354ca45ba4da772ba37
61c08de405477160a8909f22fcbff629dd2f6939
0d74dbd1ef4d1abaf1d8a218a63fa132d06cb59864fe5ce1e63100611e894375
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0D74DBD1EF4D1ABAF1D8A218A63FA132D06CB59864FE5CE1E63100611E894375"
Last-Modified: Wed, 18 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21559
Expires: Thu, 19 Jan 2023 15:56:45 GMT
Date: Thu, 19 Jan 2023 09:57:26 GMT
Connection: keep-alive
leogfx.ddns.net/
88.117.22.157200 OK 5.1 kB IP 88.117.22.157:0
ASN #8447 A1 Telekom Austria AG
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 36108db99d8eb637d9451272cf1b35e0
6ac033f8f6fcf36a594c4394074f1df34eaa4ff0
7df7dde60d3c71cf504bf2746d3fdf64f987f3e44b6f4743987a6a8c4ad3b969
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET / HTTP/1.1
Host: leogfx.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 19 Jan 2023 09:57:26 GMT
content-type: text/html
content-length: 5122
last-modified: Fri, 15 Apr 2022 19:52:23 GMT
etag: "6259ccf7-1402"
strict-transport-security: max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 607bf9684e4803d817fdd1120427dcdd
886fa77396c792751868f05806793937a4f11be6
d17df5470015b9c3be3fc1e9c8fa5f2b732231eed453b689e94897f6f1da3911
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 09:57:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 19 Jan 2023 09:48:57 GMT
age: 509
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Josefin+Sans:300,400,700,400italic,700italic
142.250.74.106200 OK 985 B URL HTTP/2 fonts.googleapis.com/css?family=Josefin+Sans:300,400,700,400italic,700italic
IP 142.250.74.106:0
Hash 1607dd67d8529bb4de324e6f9e6de629
d29d0b1058abe8d327d81d70e0cf6256e4add459
8f4a0e698234652e240b0fb53cfcd825ba4fdcd737c4e0bc534bdce24c4501bc
GET /css?family=Josefin+Sans:300,400,700,400italic,700italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leogfx.ddns.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 19 Jan 2023 09:57:26 GMT
date: Thu, 19 Jan 2023 09:57:26 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 79af32d8e279b4cfec147ab51cb6fcb3
d726903292bd1e08a6d9fe0719d2cd5b33dc5fe6
bfcb2d8f14d89736ac6b771f1618a8fc5e707691d60807a574fb719c8e9393ab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3769
Cache-Control: max-age=87130
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 09:57:27 GMT
Etag: "63c7b6a8-1d7"
Expires: Fri, 20 Jan 2023 10:09:37 GMT
Last-Modified: Wed, 18 Jan 2023 09:06:48 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
leogfx.ddns.net/css/style.css
88.117.22.157200 OK 1.4 kB URL HTTP/2 leogfx.ddns.net/css/style.css
IP 88.117.22.157:0
ASN #8447 A1 Telekom Austria AG
Hash ecad56f3d9d00bb34ecb97a50a6de7b0
ad9db4d4a02c309a7663a9db32ffb091f6c0a420
78521eb55e15954b859dbbbbdd6ab44fb38bc9b5284610f26dd36cb7638d5e3a
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /css/style.css HTTP/1.1
Host: leogfx.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leogfx.ddns.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 09:57:26 GMT
content-type: text/css
content-length: 1436
last-modified: Tue, 26 Jul 2022 19:00:25 GMT
etag: "62e039c9-59c"
strict-transport-security: max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
leogfx.ddns.net/css/css3-animation.css
88.117.22.157200 OK 2.4 kB URL HTTP/2 leogfx.ddns.net/css/css3-animation.css
IP 88.117.22.157:0
ASN #8447 A1 Telekom Austria AG
Hash 796460530e4fe75a0f042e9701264748
b485a434f91093b7b38771eb27ab78ff49d932a9
eee40c00c2da83507492da9f8d695892baaf2427c557c251f38d5dd2bf76fb42
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /css/css3-animation.css HTTP/1.1
Host: leogfx.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leogfx.ddns.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 09:57:26 GMT
content-type: text/css
content-length: 2449
last-modified: Fri, 15 Apr 2022 18:11:57 GMT
etag: "6259b56d-991"
strict-transport-security: max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
leogfx.ddns.net/css/bootstrap.min.css
88.117.22.157200 OK 145 kB URL HTTP/2 leogfx.ddns.net/css/bootstrap.min.css
IP 88.117.22.157:0
ASN #8447 A1 Telekom Austria AG
File type ASCII text, with very long lines (58834)
Size 145 kB (144850 bytes)
Hash b618c46a03ebfdcc9e0a22d907ea7f0e
787477e99d5d1160c4ed2c8c8ee338e86b3357d4
f01eda2cfb667519671f30b459170456272c60b97e8801e1ed4265dea48b9a0e
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /css/bootstrap.min.css HTTP/1.1
Host: leogfx.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leogfx.ddns.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 09:57:26 GMT
content-type: text/css
content-length: 144850
last-modified: Fri, 15 Apr 2022 18:44:51 GMT
etag: "6259bd23-235d2"
strict-transport-security: max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
leogfx.ddns.net/js/popper.min.js
88.117.22.157200 OK 19 kB URL HTTP/2 leogfx.ddns.net/js/popper.min.js
IP 88.117.22.157:0
ASN #8447 A1 Telekom Austria AG
File type ASCII text, with very long lines (19063)
Hash 6cd956453e307bfd2ce4bfb0648b9f7d
a43367193adc1258902e5b68ad0cda6cf0f9ff8f
625b022a42ed5d9c39911e42050f4fd9834ea039af978b7716f7800ade95eb55
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /js/popper.min.js HTTP/1.1
Host: leogfx.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leogfx.ddns.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 09:57:26 GMT
content-type: application/javascript
content-length: 19197
last-modified: Tue, 15 Feb 2022 12:08:42 GMT
etag: "620b97ca-4afd"
strict-transport-security: max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
leogfx.ddns.net/js/bootstrap.bundle.min.js
88.117.22.157404 Not Found 3.2 kB URL HTTP/2 leogfx.ddns.net/js/bootstrap.bundle.min.js
IP 88.117.22.157:0
ASN #8447 A1 Telekom Austria AG
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2140)
Hash 9a90f63504b7d267dae304c08dff21e4
8e26d8a9442640522f47672e782b8820b476f65e
df08ecea3c17448cf735e62672f7a8dc5e66cc411e620dbd2e609e730d485b48
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /js/bootstrap.bundle.min.js HTTP/1.1
Host: leogfx.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leogfx.ddns.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Thu, 19 Jan 2023 09:57:26 GMT
content-type: text/html
content-length: 3212
etag: "6245516d-c8c"
X-Firefox-Spdy: h2
leogfx.ddns.net/js/jquery-3.2.1.min.js
88.117.22.157200 OK 87 kB URL HTTP/2 leogfx.ddns.net/js/jquery-3.2.1.min.js
IP 88.117.22.157:0
ASN #8447 A1 Telekom Austria AG
File type ASCII text, with very long lines (32058)
Hash c9f5aeeca3ad37bf2aa006139b935f0a
1055018c28ab41087ef9ccefe411606893dabea2
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /js/jquery-3.2.1.min.js HTTP/1.1
Host: leogfx.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leogfx.ddns.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 09:57:26 GMT
content-type: application/javascript
content-length: 86659
last-modified: Tue, 15 Feb 2022 12:08:29 GMT
etag: "620b97bd-15283"
strict-transport-security: max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
leogfx.ddns.net/img/icon-1.png
88.117.22.157200 OK 6.2 kB URL HTTP/2 leogfx.ddns.net/img/icon-1.png
IP 88.117.22.157:0
ASN #8447 A1 Telekom Austria AG
File type PNG image data, 141 x 141, 8-bit/color RGBA, non-interlaced\012- data
Hash 8af5a4ef9aba4714ec9ac6f4239d0a38
bc0ca1e0f33b733d3ad609b56aeac326475b8b15
fdfb33ee2c705d2f72536f721ba6fadc8d5e4d7c7b051c31dad4f76076beb762
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /img/icon-1.png HTTP/1.1
Host: leogfx.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leogfx.ddns.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 09:57:26 GMT
content-type: image/png
content-length: 6152
last-modified: Wed, 27 Jul 2022 15:53:32 GMT
etag: "62e15f7c-1808"
strict-transport-security: max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
leogfx.ddns.net/img/icon-2.png
88.117.22.157200 OK 6.7 kB URL HTTP/2 leogfx.ddns.net/img/icon-2.png
IP 88.117.22.157:0
ASN #8447 A1 Telekom Austria AG
File type PNG image data, 141 x 141, 8-bit/color RGBA, non-interlaced\012- data
Hash 88ee85af1ad9938f2986893f2dabbd74
b5533e56d5696590379870f9b3301472806de425
d59aa9b71401e375c3e2a151f4861294999050261f6913c5b1b92c669901fa59
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /img/icon-2.png HTTP/1.1
Host: leogfx.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leogfx.ddns.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 09:57:26 GMT
content-type: image/png
content-length: 6704
last-modified: Wed, 27 Jul 2022 15:53:32 GMT
etag: "62e15f7c-1a30"
strict-transport-security: max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
leogfx.ddns.net/img/icon-3.png
88.117.22.157200 OK 5.6 kB URL HTTP/2 leogfx.ddns.net/img/icon-3.png
IP 88.117.22.157:0
ASN #8447 A1 Telekom Austria AG
File type PNG image data, 141 x 141, 8-bit/color RGBA, non-interlaced\012- data
Hash 31acd85b8c8b74109d9244ddcb2f9db3
bf4be423fc3f7df9611cf5300f8a11ffce13b24a
11174c4344c6e5067917bb7cea47353409b985cba082f6b32f5161adb925e606
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /img/icon-3.png HTTP/1.1
Host: leogfx.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leogfx.ddns.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 09:57:26 GMT
content-type: image/png
content-length: 5591
last-modified: Wed, 27 Jul 2022 15:53:32 GMT
etag: "62e15f7c-15d7"
strict-transport-security: max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
leogfx.ddns.net/img/icon-ariko.png
88.117.22.157200 OK 116 kB URL HTTP/2 leogfx.ddns.net/img/icon-ariko.png
IP 88.117.22.157:0
ASN #8447 A1 Telekom Austria AG
File type PNG image data, 319 x 305, 8-bit/color RGBA, non-interlaced\012- data
Size 116 kB (116389 bytes)
Hash f12ead2f556d891f9ab3d864150d7617
467c7c74654c8a0a458956758c458d617512850e
acc3e6fdf93753c2d032e8eecd313f59eaed09347289f7cfe799cb507a96b3b7
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /img/icon-ariko.png HTTP/1.1
Host: leogfx.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leogfx.ddns.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 09:57:26 GMT
content-type: image/png
content-length: 116389
last-modified: Thu, 14 Apr 2022 12:35:49 GMT
etag: "62581525-1c6a5"
strict-transport-security: max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
leogfx.ddns.net/js/mdb.min.js
88.117.22.157200 OK 207 kB URL HTTP/2 leogfx.ddns.net/js/mdb.min.js
IP 88.117.22.157:0
ASN #8447 A1 Telekom Austria AG
File type ASCII text, with very long lines (65536), with no line terminators
Size 207 kB (207332 bytes)
Hash 883061cb25982b70de9512e38a1bba80
a36c953ffb9d0a4be6cbb603ee1b9ba9990ee79f
41948ef1d129ae35266d50e27b3d53a5a9fe73833b20a387884998619649c9a3
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /js/mdb.min.js HTTP/1.1
Host: leogfx.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leogfx.ddns.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 09:57:26 GMT
content-type: application/javascript
content-length: 207332
last-modified: Tue, 15 Feb 2022 12:08:33 GMT
etag: "620b97c1-329e4"
strict-transport-security: max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
push.services.mozilla.com/
50.112.247.170101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 50.112.247.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bSYtOlAwuMQQwWsFPmWHfA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vv4R6kb9nYXnZwHNehjq/b6e0JA=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash db72b0cf36b635e3c0825b954e3f0571
f0f3d97119b058f86553062c835f89b1b283945d
bf6ecaa45a5dbd66d0c657e5f33345ac46bdc94d8cae1274fcaf01c0ff302b97
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 09:57:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/josefinsans/v25/Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2
142.250.74.35200 OK 27 kB URL HTTP/2 fonts.gstatic.com/s/josefinsans/v25/Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 26592, version 1.0\012- data
Hash c2d66029cf6ae68a19e1398fc02feda6
c37e5907e49d2ed5b11f59841a3d16c911da7a5c
3701f4ae604d8fccb4ddca393e076a456aebfb06c1a9d94c1c13089293f55716
GET /s/josefinsans/v25/Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://leogfx.ddns.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26592
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 18 Jan 2023 20:42:49 GMT
expires: Thu, 18 Jan 2024 20:42:49 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 20:56:22 GMT
content-type: font/woff2
age: 47678
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
leogfx.ddns.net/img/bg-winter.jpg
88.117.22.157200 OK 598 kB URL HTTP/2 leogfx.ddns.net/img/bg-winter.jpg
IP 88.117.22.157:0
ASN #8447 A1 Telekom Austria AG
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1600x1311, components 3\012- data
Size 598 kB (597560 bytes)
Hash 3671c50bb1a9043fa7de6bbd574d1938
dfc0224f3a46ae347b8515d60ae65260a78a01f8
def1399c0e4e3085c39c17852e09027a9a4ce128ad49428ff32d97f07efda982
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /img/bg-winter.jpg HTTP/1.1
Host: leogfx.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leogfx.ddns.net/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 09:57:27 GMT
content-type: image/jpeg
content-length: 597560
last-modified: Tue, 15 Feb 2022 12:08:07 GMT
etag: "620b97a7-91e38"
strict-transport-security: max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash db72b0cf36b635e3c0825b954e3f0571
f0f3d97119b058f86553062c835f89b1b283945d
bf6ecaa45a5dbd66d0c657e5f33345ac46bdc94d8cae1274fcaf01c0ff302b97
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 09:57:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
leogfx.ddns.net/js/bootstrap.bundle.min.js
88.117.22.157404 Not Found 3.2 kB URL HTTP/2 leogfx.ddns.net/js/bootstrap.bundle.min.js
IP 88.117.22.157:0
ASN #8447 A1 Telekom Austria AG
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2140)
Hash 9a90f63504b7d267dae304c08dff21e4
8e26d8a9442640522f47672e782b8820b476f65e
df08ecea3c17448cf735e62672f7a8dc5e66cc411e620dbd2e609e730d485b48
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /js/bootstrap.bundle.min.js HTTP/1.1
Host: leogfx.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leogfx.ddns.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Thu, 19 Jan 2023 09:57:27 GMT
content-type: text/html
content-length: 3212
etag: "6245516d-c8c"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash db72b0cf36b635e3c0825b954e3f0571
f0f3d97119b058f86553062c835f89b1b283945d
bf6ecaa45a5dbd66d0c657e5f33345ac46bdc94d8cae1274fcaf01c0ff302b97
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 09:57:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
leogfx.ddns.net/favicon.ico
88.117.22.157404 Not Found 3.2 kB URL HTTP/2 leogfx.ddns.net/favicon.ico
IP 88.117.22.157:0
ASN #8447 A1 Telekom Austria AG
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2140)
Hash 9a90f63504b7d267dae304c08dff21e4
8e26d8a9442640522f47672e782b8820b476f65e
df08ecea3c17448cf735e62672f7a8dc5e66cc411e620dbd2e609e730d485b48
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /favicon.ico HTTP/1.1
Host: leogfx.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leogfx.ddns.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Thu, 19 Jan 2023 09:57:27 GMT
content-type: text/html
content-length: 3212
etag: "6245516d-c8c"
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.0/webfonts/fa-solid-900.woff2
172.64.133.15200 OK 74 kB URL HTTP/2 use.fontawesome.com/releases/v5.7.0/webfonts/fa-solid-900.woff2
IP 172.64.133.15:0
File type Web Open Font Format (Version 2), TrueType, length 74316, version 329.30932\012- data
Hash 52134b924fd61958f88323845deffc64
cfccdf2c8be593220ea949989a5abc0b380ea2ac
658cf43db24e9d4c57890e958aa74656a13139754de24f19e706f0a355279e4d
GET /releases/v5.7.0/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://leogfx.ddns.net
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 09:57:27 GMT
content-type: font/woff2
content-length: 74316
x-amz-id-2: 6I+zKSyeV5wImr06mGvX9JKRERcCu+6JXB5qZZL7hh/0DxGuFhYm7KjHOAVM0JCbKlB0TweMruU=
x-amz-request-id: H8FQ7PDBA5JSWHHW
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
etag: "52134b924fd61958f88323845deffc64"
cache-control: max-age=31556926
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z9y3IfRmBnLd5pMCaprV6%2FoeJYiXZ7XWdI9VYjq85vxjx9WbrZSDdsyXQcHlPJQV2bn0xKEbEw%2FVEUcHGWADlkpHucYLCVWEdqxPdFFaxAIbMvBHapXh%2BhtHwK1GYFHeaOdi8wDV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78beb4cdcdb77474-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10542
Expires: Thu, 19 Jan 2023 12:53:10 GMT
Date: Thu, 19 Jan 2023 09:57:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10542
Expires: Thu, 19 Jan 2023 12:53:10 GMT
Date: Thu, 19 Jan 2023 09:57:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10542
Expires: Thu, 19 Jan 2023 12:53:10 GMT
Date: Thu, 19 Jan 2023 09:57:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10542
Expires: Thu, 19 Jan 2023 12:53:10 GMT
Date: Thu, 19 Jan 2023 09:57:28 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe34f344d-12b3-4719-9ecf-6191897f233e.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe34f344d-12b3-4719-9ecf-6191897f233e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b015242ebdda9cc22cfe6741d2e926f1
76072223007cd11c6f7b9fda8f01818ab0fea740
b7a72c737cac91c83c39718de999bc6ff0ec4ede63342e86407190d95e60d9a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe34f344d-12b3-4719-9ecf-6191897f233e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6908
x-amzn-requestid: 5f0a0b3b-1d4c-450e-bcd5-481bda79f4e1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eq1qQHwYIAMF-IQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c1030e-62d053e35c8ab2374fd2fe35;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 07:06:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WdNoHBL4A3J_FHp8V9HLUMNKmEPIw-lstt0OdqYJtcUGfMRZJXPdwQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 11:34:07 GMT
age: 80601
etag: "76072223007cd11c6f7b9fda8f01818ab0fea740"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa848e8c9-5ea8-4948-a3e7-109001ff6cba.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa848e8c9-5ea8-4948-a3e7-109001ff6cba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 13457311f170ebcd637e77aa48873488
a51ef5eb01736824f382541c5a4ad025ae35c09e
f57f95cc9f18b2e41951f1fcd9c278ca0f522e98dbf57aeb4c59b4b59deeb605
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa848e8c9-5ea8-4948-a3e7-109001ff6cba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6235
x-amzn-requestid: 919a5e9d-11c0-4b12-a718-f5a256f4fda2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3RXBG8xoAMFW1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5fc2c-2398fc8910eb707e4c15b416;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 01:38:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WwmWT7zXborrCF7_Ul5LFV1EboOT5KBXf9TSATbFi01dpip5BGSQNQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 21:50:00 GMT
age: 43648
etag: "a51ef5eb01736824f382541c5a4ad025ae35c09e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60b96714-9b31-441b-a346-5099f350e204.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60b96714-9b31-441b-a346-5099f350e204.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 115c22a4d18aebbb8ffb5fdd8da8c8ba
6f77d73abc59ca903e2a7fd514b559c60931c4d7
74ef77f35165e40f1d9e2c68924a797a8f1b586c325c2d053f830a6f4163ca97
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60b96714-9b31-441b-a346-5099f350e204.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8388
x-amzn-requestid: 01537ac7-e1b1-4fe8-96dd-e6abd92c4a16
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9TegGC7IAMF-BQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c865f6-0838524e1f33c0f53b548205;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 21:34:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NZT00_07uZ3G_UzocOal5svr6-nDGY-NtN7E7BrJXOMQ-qRUe1I9Xg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 21:55:56 GMT
age: 43292
etag: "6f77d73abc59ca903e2a7fd514b559c60931c4d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ef64b6-6b9b-4860-a201-58a01048084b.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ef64b6-6b9b-4860-a201-58a01048084b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 511bbd0c410838e4a978d471d361d876
706be1b2636ad65bf5fe78ef7301af472c015275
e124c1ba6059fb613d0ab8f7ad37f4524323e7bbde851f78e9e5727c7d20f19f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ef64b6-6b9b-4860-a201-58a01048084b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9916
x-amzn-requestid: 42bb326d-889c-4b91-b989-47c1fd650afa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e96pVF61oAMF76g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8a4a1-2f33e6be45e298a7120d1119;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 02:02:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 68BfqCCeDzqQURstD87lSuWaXjwrqVQnXX8ws6EeFfQtbu_ad9JEgw==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 05:26:43 GMT
etag: "706be1b2636ad65bf5fe78ef7301af472c015275"
content-type: image/jpeg
age: 16245
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4d15f9a-9958-436b-ac3e-167b5a6563ea.jpeg
34.120.237.76200 OK 3.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4d15f9a-9958-436b-ac3e-167b5a6563ea.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b1b47910c4f71976f73a884bcae6f9bc
26c0d42fddb2a02d9878c34a76874710c92a9d30
9c5ce4945939b126cd36202f5afb8009ce790a792270ec31cc22099e4cd12a24
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4d15f9a-9958-436b-ac3e-167b5a6563ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3861
x-amzn-requestid: c8fbb2e1-9ec6-42c0-8030-9be785e8913e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9TegFNEoAMFwqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c865f6-04a9e7db684e88ed69e1bd43;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 21:34:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: wTiBoiSa1euVzUKPwlAWWZD-fYwMQGxgvRRzr1ALkrFY5VV3zeL9Jg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 21:52:42 GMT
age: 43486
etag: "26c0d42fddb2a02d9878c34a76874710c92a9d30"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F358af8d7-be1d-4bbe-ab3e-a9efaf49e1ac.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F358af8d7-be1d-4bbe-ab3e-a9efaf49e1ac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2b8f931fb5afe958e67fce9e1822dac4
5732887999b819f6facc6f4608a407b5a09adf75
3c6c787e700f8139ec0eeaad93923f647f9efa5ce60120fc0aab52fa9588efaf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F358af8d7-be1d-4bbe-ab3e-a9efaf49e1ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5005
x-amzn-requestid: 647dd62e-6b47-4298-9457-c7f37e653e0e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e5qLKEX6IAMFX0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c6f0ad-3dc1396c1b3662fa4ec5f1fa;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 19:02:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Ge_XozSe44BAhC-fFiu-u8Oa4jd8Uctn4O3fmdLCavhYpcSVrhNMww==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 17:42:33 GMT
age: 58495
etag: "5732887999b819f6facc6f4608a407b5a09adf75"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7228521-7486-47c0-9c97-8326b753903b.jpeg
34.120.237.76200 OK 3.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7228521-7486-47c0-9c97-8326b753903b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a0322b0c1c8ccba218bb838b9a08236b
2019b85538667589467bd7330d5c14e81d0a0219
206ed7eb5ba89c76c42b01a7fbf354b9417dd87d8149847b28dab0cb1c887198
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7228521-7486-47c0-9c97-8326b753903b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 3258
x-amzn-requestid: efeaacb9-f9b6-45ea-b457-dd2186113d7a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9704FE2IAMFw9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8a685-5c761cba0ef3eb1e0849aac1;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 02:10:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Ja6gtQbUWud7hCAcoQ5R1zHQROQUC9rQ_LycuQK3BqQT_5GIUz4Q_w==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 02:15:16 GMT
age: 27739
etag: "2019b85538667589467bd7330d5c14e81d0a0219"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
leogfx.ddns.net/css/mdb.min.css
88.117.22.157200 OK 0 B URL HTTP/2 leogfx.ddns.net/css/mdb.min.css
IP 88.117.22.157:0
ASN #8447 A1 Telekom Austria AG
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /css/mdb.min.css HTTP/1.1
Host: leogfx.ddns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leogfx.ddns.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 09:57:26 GMT
content-type: text/css
content-length: 181222
last-modified: Tue, 15 Feb 2022 12:05:32 GMT
etag: "620b970c-2c3e6"
strict-transport-security: max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.0/css/all.css
172.64.133.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.7.0/css/all.css
IP 172.64.133.15:0
GET /releases/v5.7.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://leogfx.ddns.net
Connection: keep-alive
Referer: https://leogfx.ddns.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 19 Jan 2023 09:57:27 GMT
content-type: text/css
x-amz-id-2: eUjqBRS9D4PsbFF23qswAVVsltE5rB6QpsXelNRCcY/s/CPZK/hnT03L8EmMZkW6yGYQQ/GZukc=
x-amz-request-id: 3MEWAN0F05FKJZE9
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:15 GMT
etag: W/"251d28bd755f5269a4531df8a81d5664"
cache-control: max-age=31556926
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9suqeDC9ekTIEf5A5pIR01qzD7%2B7hb9zKBqU23N9El8f0FsnHtpFesIHUtRF9GnMwNPwnohyWMAugcYY6VQ%2F8hH4%2BZlfdKAlJ4Y7DZwFJgUlyczFmlijZJ5l7tiftH5iK0a1kwyk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78beb4caea927474-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2