GET /login.php?Verification=TRUE&Country=US HTTP/1.1
Host: tursi.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
|
search
 20.106.149.200
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Date: Fri, 25 Nov 2022 09:08:29 GMT
Server: Apache
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
 23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12504
Expires: Fri, 25 Nov 2022 12:36:53 GMT
Date: Fri, 25 Nov 2022 09:08:29 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
 93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 913
Cache-Control: max-age=92275
Date: Fri, 25 Nov 2022 09:08:29 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 10:46:24 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
|
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.102.187.140
HTTP/2 200 OK
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 08:19:04 GMT
cache-control: public,max-age=3600
age: 2966
alt-svc: clear
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5347
Expires: Fri, 25 Nov 2022 10:37:37 GMT
Date: Fri, 25 Nov 2022 09:08:30 GMT
Connection: keep-alive
|
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
x-amz-id-2: r0qlkpGmie8YJuecRxRiYlPsv8nD1P0+cJ0WPI4hut8UPlsVTXSAUxCjU0rdhFJTcznErKh0r+M=
x-amz-request-id: 6V6PK5DC5HXEA39C
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 08:43:46 GMT
age: 1484
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.117.237.239
HTTP/2 200 OK
content-type: application/json
server: nginx
date: Fri, 25 Nov 2022 09:08:30 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /as/s41726790920868 HTTP/1.1
Host: tursi.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tursi.duckdns.org/login.php?Verification=TRUE&Country=US
Cookie: dtCookie=v_4_srv_-2D64_sn_K2K7U4O94356RLRR6JD49D5T4KBL2NIO; rxVisitor=1669367309518MMN6PJG0HOAME7S3C3T8Q8AL8L3FVM7K; dtPC=-64$167309508_515h1vHVAULVSHRHDJVJFROFUMJHCQADBBDMKB-0e0; rxvt=1669369109520|1669367309520
|
search
20.106.149.200
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 09:08:30 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 06:38:48 GMT
Accept-Ranges: bytes
Content-Length: 5538
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
|
GET /as/AppMeasurement_Module_AudienceManagement.min.js HTTP/1.1
Host: tursi.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tursi.duckdns.org/login.php?Verification=TRUE&Country=US
Cookie: dtCookie=v_4_srv_-2D64_sn_K2K7U4O94356RLRR6JD49D5T4KBL2NIO; rxVisitor=1669367309518MMN6PJG0HOAME7S3C3T8Q8AL8L3FVM7K; dtPC=-64$167309508_515h1vHVAULVSHRHDJVJFROFUMJHCQADBBDMKB-0e0; rxvt=1669369109520|1669367309520
|
search
20.106.149.200
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Fri, 25 Nov 2022 09:08:30 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 06:38:52 GMT
Accept-Ranges: bytes
Content-Length: 25152
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
|
GET /as/runtime.24e47bcca0e5b8df.js HTTP/1.1
Host: tursi.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tursi.duckdns.org/login.php?Verification=TRUE&Country=US
Cookie: dtCookie=v_4_srv_-2D64_sn_K2K7U4O94356RLRR6JD49D5T4KBL2NIO; rxVisitor=1669367309518MMN6PJG0HOAME7S3C3T8Q8AL8L3FVM7K; dtPC=-64$167309508_515h1vHVAULVSHRHDJVJFROFUMJHCQADBBDMKB-0e0; rxvt=1669369109520|1669367309520
|
search
20.106.149.200
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Fri, 25 Nov 2022 09:08:30 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 06:38:52 GMT
Accept-Ranges: bytes
Content-Length: 3988
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
|
GET /as/AppMeasurement.min.js HTTP/1.1
Host: tursi.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tursi.duckdns.org/login.php?Verification=TRUE&Country=US
Cookie: dtCookie=v_4_srv_-2D64_sn_K2K7U4O94356RLRR6JD49D5T4KBL2NIO; rxVisitor=1669367309518MMN6PJG0HOAME7S3C3T8Q8AL8L3FVM7K; dtPC=-64$167309508_515h1vHVAULVSHRHDJVJFROFUMJHCQADBBDMKB-0e0; rxvt=1669369109520|1669367309520
|
search
20.106.149.200
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Fri, 25 Nov 2022 09:08:30 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 06:38:52 GMT
Accept-Ranges: bytes
Content-Length: 33557
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
|
GET /as/styles.300dc7a1784cb961.css HTTP/1.1
Host: tursi.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tursi.duckdns.org/login.php?Verification=TRUE&Country=US
Cookie: dtCookie=v_4_srv_-2D64_sn_K2K7U4O94356RLRR6JD49D5T4KBL2NIO; rxVisitor=1669367309518MMN6PJG0HOAME7S3C3T8Q8AL8L3FVM7K; dtPC=-64$167309508_515h1vHVAULVSHRHDJVJFROFUMJHCQADBBDMKB-0e0; rxvt=1669369109520|1669367309520
|
search
20.106.149.200
HTTP/1.1 200 OK
Content-Type: text/css
Date: Fri, 25 Nov 2022 09:08:30 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 06:38:50 GMT
Accept-Ranges: bytes
Content-Length: 73801
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
|
GET /as/polyfills.87d6b856162b755f.js HTTP/1.1
Host: tursi.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tursi.duckdns.org/login.php?Verification=TRUE&Country=US
Cookie: dtCookie=v_4_srv_-2D64_sn_K2K7U4O94356RLRR6JD49D5T4KBL2NIO; rxVisitor=1669367309518MMN6PJG0HOAME7S3C3T8Q8AL8L3FVM7K; dtPC=-64$167309508_515h1vHVAULVSHRHDJVJFROFUMJHCQADBBDMKB-0e0; rxvt=1669369109520|1669367309520
|
search
20.106.149.200
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Fri, 25 Nov 2022 09:08:30 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 06:38:52 GMT
Accept-Ranges: bytes
Content-Length: 33921
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
|
GET /as/styles_r.css HTTP/1.1
Host: tursi.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tursi.duckdns.org/login.php?Verification=TRUE&Country=US
Cookie: dtCookie=v_4_srv_-2D64_sn_K2K7U4O94356RLRR6JD49D5T4KBL2NIO; rxVisitor=1669367309518MMN6PJG0HOAME7S3C3T8Q8AL8L3FVM7K; dtPC=-64$167309508_515h1vHVAULVSHRHDJVJFROFUMJHCQADBBDMKB-0e0; rxvt=1669369109520|1669367309520
|
search
20.106.149.200
HTTP/1.1 200 OK
Content-Type: text/css
Date: Fri, 25 Nov 2022 09:08:30 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 06:38:50 GMT
Accept-Ranges: bytes
Content-Length: 159564
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
|
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.102.187.140
HTTP/2 200 OK
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 08:11:11 GMT
cache-control: public,max-age=3600
age: 3439
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /as/launch-866a03735382.min.js HTTP/1.1
Host: tursi.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tursi.duckdns.org/login.php?Verification=TRUE&Country=US
Cookie: dtCookie=v_4_srv_-2D64_sn_K2K7U4O94356RLRR6JD49D5T4KBL2NIO; rxVisitor=1669367309518MMN6PJG0HOAME7S3C3T8Q8AL8L3FVM7K; dtPC=-64$167309508_515h1vHVAULVSHRHDJVJFROFUMJHCQADBBDMKB-0e0; rxvt=1669369109520|1669367309520
|
search
20.106.149.200
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Fri, 25 Nov 2022 09:08:30 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 06:38:50 GMT
Accept-Ranges: bytes
Content-Length: 186614
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
|
GET /as/truist_common.js HTTP/1.1
Host: tursi.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tursi.duckdns.org/login.php?Verification=TRUE&Country=US
Cookie: dtCookie=v_4_srv_-2D64_sn_K2K7U4O94356RLRR6JD49D5T4KBL2NIO; rxVisitor=1669367309518MMN6PJG0HOAME7S3C3T8Q8AL8L3FVM7K; dtPC=-64$167309508_515h1vHVAULVSHRHDJVJFROFUMJHCQADBBDMKB-0e0; rxvt=1669369109520|1669367309520
|
search
20.106.149.200
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Fri, 25 Nov 2022 09:08:30 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 06:38:50 GMT
Accept-Ranges: bytes
Content-Length: 242738
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
|
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 3940
Cache-Control: max-age=90239
Date: Fri, 25 Nov 2022 09:08:30 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:12:29 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
|
GET /as/tru_lg_hrz_rgb_wht_rev.png HTTP/1.1
Host: tursi.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tursi.duckdns.org/login.php?Verification=TRUE&Country=US
Cookie: dtCookie=v_4_srv_-2D64_sn_K2K7U4O94356RLRR6JD49D5T4KBL2NIO; rxVisitor=1669367309518MMN6PJG0HOAME7S3C3T8Q8AL8L3FVM7K; dtPC=-64$167309508_515h1vHVAULVSHRHDJVJFROFUMJHCQADBBDMKB-0e0; rxvt=1669369109520|1669367309520
|
search
20.106.149.200
HTTP/1.1 200 OK
Content-Type: image/png
Date: Fri, 25 Nov 2022 09:08:30 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 06:38:52 GMT
Accept-Ranges: bytes
Content-Length: 14599
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
|
GET /as/trulogo_horz-trupurple.png HTTP/1.1
Host: tursi.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tursi.duckdns.org/login.php?Verification=TRUE&Country=US
Cookie: dtCookie=v_4_srv_-2D64_sn_K2K7U4O94356RLRR6JD49D5T4KBL2NIO; rxVisitor=1669367309518MMN6PJG0HOAME7S3C3T8Q8AL8L3FVM7K; dtPC=-64$167309508_515h1vHVAULVSHRHDJVJFROFUMJHCQADBBDMKB-0e0; rxvt=1669369109520|1669367309520
|
search
20.106.149.200
HTTP/1.1 200 OK
Content-Type: image/png
Date: Fri, 25 Nov 2022 09:08:30 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 06:38:52 GMT
Accept-Ranges: bytes
Content-Length: 4376
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
|
GET /extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_AudienceManagement.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tursi.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
23.38.200.237
HTTP/2 200 OK
content-type: application/x-javascript
accept-ranges: bytes
etag: "26a8cd142b539700557eb4710c3d56bd:1644856531.982003"
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 8753
expires: Fri, 25 Nov 2022 10:08:30 GMT
date: Fri, 25 Nov 2022 09:08:30 GMT
cache-control: no-cache
access-control-allow-origin: http://tursi.duckdns.org
timing-allow-origin: *
X-Firefox-Spdy: h2
|
GET /extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tursi.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
23.38.200.237
HTTP/2 200 OK
content-type: application/x-javascript
accept-ranges: bytes
etag: "d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 12163
expires: Fri, 25 Nov 2022 10:08:30 GMT
date: Fri, 25 Nov 2022 09:08:30 GMT
cache-control: no-cache
access-control-allow-origin: http://tursi.duckdns.org
timing-allow-origin: *
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 6399
Cache-Control: max-age=168302
Date: Fri, 25 Nov 2022 09:08:31 GMT
Etag: "63805b7e-1d7"
Expires: Sun, 27 Nov 2022 07:53:33 GMT
Last-Modified: Fri, 25 Nov 2022 06:06:54 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
|
GET /as/main.6b2b5be7c0191f9e.js HTTP/1.1
Host: tursi.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tursi.duckdns.org/login.php?Verification=TRUE&Country=US
Cookie: dtCookie=v_4_srv_-2D64_sn_K2K7U4O94356RLRR6JD49D5T4KBL2NIO; rxVisitor=1669367309518MMN6PJG0HOAME7S3C3T8Q8AL8L3FVM7K; dtPC=-64$167309508_515h1vHVAULVSHRHDJVJFROFUMJHCQADBBDMKB-0e0; rxvt=1669369109520|1669367309520
|
search
20.106.149.200
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Fri, 25 Nov 2022 09:08:30 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 10:21:02 GMT
Accept-Ranges: bytes
Content-Length: 2164385
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
|
GET /id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=AA7A3BC75245B3BC0A490D4D%40AdobeOrg&d_nsid=0&ts=1669367310367 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: http://tursi.duckdns.org
Connection: keep-alive
Referer: http://tursi.duckdns.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
 99.81.119.147
HTTP/1.1 200 OK
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://tursi.duckdns.org
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
DCS: dcs-prod-irl1-2-v045-07303b075.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=75664342465860910083600699260839496128; Max-Age=15552000; Expires=Wed, 24 May 2023 09:08:31 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: VnVDNZGsQ/c=
Content-Length: 1337
Connection: keep-alive
|
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 385YmMrWIszcWc1bkuSqRg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
|
search
52.41.253.170
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: D1gIEVtfZrn+lY0l5cWko96S+48=
|
GET /as/dest5.html HTTP/1.1
Host: tursi.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tursi.duckdns.org/login.php?Verification=TRUE&Country=US
Cookie: dtCookie=v_4_srv_-2D64_sn_K2K7U4O94356RLRR6JD49D5T4KBL2NIO; rxVisitor=1669367309518MMN6PJG0HOAME7S3C3T8Q8AL8L3FVM7K; dtPC=-64$167309508_515h2vHVAULVSHRHDJVJFROFUMJHCQADBBDMKB-0e0; rxvt=1669369110369|1669367309520; dtLatC=50; dtSa=-; AMCV_AA7A3BC75245B3BC0A490D4D%40AdobeOrg=1176715910%7CMCIDTS%7C19322%7CvVersion%7C5.4.0
Upgrade-Insecure-Requests: 1
|
search
20.106.149.200
HTTP/1.1 200 OK
Content-Type: text/html
Date: Fri, 25 Nov 2022 09:08:31 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 06:38:52 GMT
Accept-Ranges: bytes
Content-Length: 13579
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
|
GET /ui/assets/images/father-son.png HTTP/1.1
Host: dias.bank.truist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tursi.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
 23.72.139.74
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
content-length: 140237
etag: W/"140237-1667961614000"
last-modified: Wed, 09 Nov 2022 02:40:14 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: DENY
x-content-type-options: nosniff
x-oneagent-js-injection: true
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 25 Nov 2022 09:08:31 GMT
X-Firefox-Spdy: h2
|
GET /assets/tru-core-icon-sprite.svg HTTP/1.1
Host: tursi.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tursi.duckdns.org/login.php?Verification=TRUE&Country=US
Cookie: dtCookie=v_4_srv_-2D64_sn_K2K7U4O94356RLRR6JD49D5T4KBL2NIO; rxVisitor=1669367309518MMN6PJG0HOAME7S3C3T8Q8AL8L3FVM7K; dtPC=-64$167309508_515h2vHVAULVSHRHDJVJFROFUMJHCQADBBDMKB-0e0; rxvt=1669369110369|1669367309520; dtLatC=50; dtSa=-; AMCV_AA7A3BC75245B3BC0A490D4D%40AdobeOrg=1176715910%7CMCIDTS%7C19322%7CvVersion%7C5.4.0
|
search
20.106.149.200
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 25 Nov 2022 09:08:31 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
|
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Cache-Control: max-age=168396
Date: Fri, 25 Nov 2022 09:08:31 GMT
Etag: "638074db-1d7"
Expires: Sun, 27 Nov 2022 07:55:07 GMT
Last-Modified: Fri, 25 Nov 2022 07:55:07 GMT
Server: nginx
Content-Length: 471
|
GET /id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=AA7A3BC75245B3BC0A490D4D%40AdobeOrg&mid=71108727889382435034204103780421300847&ts=1669367310843 HTTP/1.1
Host: sstats.truist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: http://tursi.duckdns.org
Connection: keep-alive
Referer: http://tursi.duckdns.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
 13.36.218.177
HTTP/2 200 OK
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: http://tursi.duckdns.org
access-control-allow-credentials: true
date: Fri, 25 Nov 2022 09:08:31 GMT
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_ecid=MCMID%7C71108727889382435034204103780421300847; Path=/; Domain=truist.com; Max-Age=63072000; Expires=Sun, 24 Nov 2024 09:08:08 GMT; SameSite=Lax;
vary: Origin
content-length: 48
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
GET /dias/info/config HTTP/1.1
Host: tursi.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json
x-dtpc: -64$167309508_515h4vHVAULVSHRHDJVJFROFUMJHCQADBBDMKB-0e0
Connection: keep-alive
Referer: http://tursi.duckdns.org/login.php?Verification=TRUE&Country=US
Cookie: dtCookie=v_4_srv_-2D64_sn_K2K7U4O94356RLRR6JD49D5T4KBL2NIO; rxVisitor=1669367309518MMN6PJG0HOAME7S3C3T8Q8AL8L3FVM7K; dtPC=-64$167309508_515h4vHVAULVSHRHDJVJFROFUMJHCQADBBDMKB-0e0; rxvt=1669369111294|1669367309520; dtLatC=50; dtSa=-; AMCV_AA7A3BC75245B3BC0A490D4D%40AdobeOrg=1176715910%7CMCIDTS%7C19322%7CMCMID%7C71108727889382435034204103780421300847%7CMCAAMLH-1669972110%7C6%7CMCAAMB-1669972110%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1669374510s%7CNONE%7CvVersion%7C5.4.0; AMCVS_AA7A3BC75245B3BC0A490D4D%40AdobeOrg=1
|
search
20.106.149.200
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 25 Nov 2022 09:08:31 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
|
GET /ui/favicon.ico HTTP/1.1
Host: dias.bank.truist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tursi.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
|
search
23.72.139.74
HTTP/2 200 OK
content-type: text/html
accept-ranges: bytes
etag: W/"1074-1667961614000:dtagent10247220811100421uywL"
last-modified: Wed, 09 Nov 2022 02:40:13 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: DENY
x-content-type-options: nosniff
cache-control: max-age=0
x-oneagent-js-injection: true
expires: Sun, 20 Nov 2022 19:49:02 GMT
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
server-timing: dtRpid;desc="-1725343807", dtSInfo;desc="0"
vary: Accept-Encoding
content-encoding: gzip
date: Fri, 25 Nov 2022 09:08:31 GMT
content-length: 13675
X-Firefox-Spdy: h2
|
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
143.204.42.88
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=107179
Date: Fri, 25 Nov 2022 09:08:32 GMT
Etag: "637f7925-1d7"
Expires: Sat, 26 Nov 2022 14:54:51 GMT
Last-Modified: Thu, 24 Nov 2022 14:01:09 GMT
Server: ECS (bsa/EB18)
X-Cache: Miss from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ScQUrMNA4hvwFRmzAsq5dbvzUUJPkboRVI7VeD00Vql5rjezjItB-g==
Age: 3222
|
GET /cm/dd?d_uuid=75664342465860910083600699260839496128 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tursi.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
54.77.60.152
HTTP/1.1 302
Date: Fri, 25 Nov 2022 09:08:32 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~Y4CGEAAAAFzVNgMx; Domain=.everesttech.net; Expires=Sat, 25-Nov-2023 09:08:32 GMT; Path=/
everest_session_v2=Y4CGEAAAAFzVNwMx; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y4CGEAAAAFzVNgMx
Server: AMO-cookiemap/1.1
|
GET /ibs:dpid=411&dpuuid=Y4CGEAAAAFzVNgMx HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tursi.duckdns.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
99.81.119.147
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v045-0eab94181.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y4CGEAAAAFzVNgMx
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=11941719428152888962887370639410924141; Max-Age=15552000; Expires=Wed, 24 May 2023 09:08:32 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 0Tf7B9I5THc=
Content-Length: 0
Connection: keep-alive
|
GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y4CGEAAAAFzVNgMx HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://tursi.duckdns.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
|
search
99.81.119.147
HTTP/1.1 200 OK
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
DCS: dcs-prod-irl1-1-v045-02ae087c0.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: pSnbVmaPQA8=
Content-Length: 59
Connection: keep-alive
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3062
Expires: Fri, 25 Nov 2022 09:59:34 GMT
Date: Fri, 25 Nov 2022 09:08:32 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3062
Expires: Fri, 25 Nov 2022 09:59:34 GMT
Date: Fri, 25 Nov 2022 09:08:32 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3062
Expires: Fri, 25 Nov 2022 09:59:34 GMT
Date: Fri, 25 Nov 2022 09:08:32 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3062
Expires: Fri, 25 Nov 2022 09:59:34 GMT
Date: Fri, 25 Nov 2022 09:08:32 GMT
Connection: keep-alive
|
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
|
search
23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3062
Expires: Fri, 25 Nov 2022 09:59:34 GMT
Date: Fri, 25 Nov 2022 09:08:32 GMT
Connection: keep-alive
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 8089
x-amzn-requestid: f4b5f150-a5dc-40bf-93b9-394c294a51cb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEmkRFSnIAMF5vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e8481-74454bee1a1ec6d506f3d75b;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 20:37:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZVv8iTGCYV-IiBJ6KwNSG1ZWSEwClaQopUejSqZq0S1wd782lRoyKA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:07:32 GMT
age: 39660
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a33fb5-b971-4386-a670-7dcbbf52b051.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 2351
x-amzn-requestid: 1e3e6b14-8f46-4b62-a3d1-f5dbe5d5f94f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGupUE_VIAMFa3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f5e3b-573fabc44ce59c2f4c24a32d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 12:06:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XEUrOPYr2rn89eMIJORVFnpqJfxqfjBadcbplZKzqLjDkzHV8NEbHg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 18:51:30 GMT
age: 51422
etag: "41ef94d198bbf98185eb332a3b6934c3c26c3afc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F981a8e9a-f018-45b6-af7e-199dc4c02c27.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 8917
x-amzn-requestid: 10f3b269-9437-476d-ae4f-a0ac3fb78491
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wEIwoAMF8uA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-4cfeecf4553b26381ed11875;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lr9z8FWWpMGtxtvcYzeT-ewuydSzpma8I06pszLDQIICotFkB_SZlA==
via: 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:55:30 GMT
age: 40382
etag: "2eba66ff6539388c48562503e8d11ff0e060350a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31c66612-f3a0-4e62-8b93-c9f774ffc236.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 6130
x-amzn-requestid: 0ab34b27-2c6b-4a37-87ad-6fa56a265453
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wF7KIAMFjlw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-4a3d24f93ceb37d37a5ce1ee;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SHmcFNiZ97RU02VeLiHLjFynYiSuaQP8T_XKG2UaAigWXG5sYhdVLQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:55:28 GMT
age: 40384
etag: "0214fc0deecb1115766802f42cfd256e3c479490"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd87485db-f230-4024-987f-6b9ea6098576.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 10356
x-amzn-requestid: 8450975f-bcb2-4b59-b0ef-42e43d1bb16a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM-cGKIIAMFo7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8ec2-7f95154e3177c6e30a925244;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NCCF79BaJkG2j75ihGL9jd3gEE4zajsC9vmEKMmk9u7-wm2s5u4mVQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 04:43:09 GMT
age: 15923
etag: "7f29e0e2de89f7a88ff0bf2a720365032ef11cc1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25123759-9d71-477d-9857-9cc07cc12173.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
|
search
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 6891
x-amzn-requestid: 6da0ae90-c3cc-4e9c-9a0e-3c72b4eb7605
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b7m2NGsvoAMF_fQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637aeb5a-1ed2badf0e84d40e6a052f7a;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 03:07:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: daiU0caUPDqn0vVDY_eK8eaMxgIenjmw1vLyUOtVYOs-FmuSIgY3Nw==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 11:37:02 GMT
age: 77490
etag: "377775b7c7b085efa6dd653d285ba3a52af6a549"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
POST /ui/rb_dd022447-99bb-4e4a-8e68-67aec1c3d505?type=js3&sn=v_4_srv_-2D64_sn_K2K7U4O94356RLRR6JD49D5T4KBL2NIO&svrid=-64&flavor=post&vi=HVAULVSHRHDJVJFROFUMJHCQADBBDMKB-0&modifiedSince=1668734971679&rf=http%3A%2F%2Ftursi.duckdns.org%2Flogin.php%3FVerification%3DTRUE%26Country%3DUS&bp=3&app=307988b0f4afb8ec&crc=2963929154&en=9va2smjd&end=1 HTTP/1.1
Host: tursi.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: text/plain;charset=UTF-8
Content-Length: 2366
Origin: http://tursi.duckdns.org
Connection: keep-alive
Referer: http://tursi.duckdns.org/login.php?Verification=TRUE&Country=US
Cookie: dtCookie=v_4_srv_-2D64_sn_K2K7U4O94356RLRR6JD49D5T4KBL2NIO; rxVisitor=1669367309518MMN6PJG0HOAME7S3C3T8Q8AL8L3FVM7K; dtPC=-64$167309508_515h-vHVAULVSHRHDJVJFROFUMJHCQADBBDMKB-0e0; rxvt=1669369111886|1669367309520; dtLatC=50; dtSa=-; AMCV_AA7A3BC75245B3BC0A490D4D%40AdobeOrg=1176715910%7CMCIDTS%7C19322%7CMCMID%7C71108727889382435034204103780421300847%7CMCAAMLH-1669972110%7C6%7CMCAAMB-1669972110%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1669374511s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19329%7CvVersion%7C5.4.0; AMCVS_AA7A3BC75245B3BC0A490D4D%40AdobeOrg=1
|
search
20.106.149.200
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 25 Nov 2022 09:08:33 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
|
POST /ui/rb_dd022447-99bb-4e4a-8e68-67aec1c3d505?type=js3&sn=v_4_srv_-2D64_sn_K2K7U4O94356RLRR6JD49D5T4KBL2NIO&svrid=-64&flavor=post&vi=HVAULVSHRHDJVJFROFUMJHCQADBBDMKB-0&modifiedSince=1668734971679&rf=http%3A%2F%2Ftursi.duckdns.org%2Flogin.php%3FVerification%3DTRUE%26Country%3DUS&bp=3&app=307988b0f4afb8ec&crc=3751420482&en=9va2smjd&end=1 HTTP/1.1
Host: tursi.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: text/plain;charset=UTF-8
Content-Length: 3544
Origin: http://tursi.duckdns.org
Connection: keep-alive
Referer: http://tursi.duckdns.org/login.php?Verification=TRUE&Country=US
Cookie: dtCookie=v_4_srv_-2D64_sn_K2K7U4O94356RLRR6JD49D5T4KBL2NIO; rxVisitor=1669367309518MMN6PJG0HOAME7S3C3T8Q8AL8L3FVM7K; dtPC=-64$167309508_515h-vHVAULVSHRHDJVJFROFUMJHCQADBBDMKB-0e0; rxvt=1669369111886|1669367309520; dtLatC=50; dtSa=-; AMCV_AA7A3BC75245B3BC0A490D4D%40AdobeOrg=1176715910%7CMCIDTS%7C19322%7CMCMID%7C71108727889382435034204103780421300847%7CMCAAMLH-1669972110%7C6%7CMCAAMB-1669972110%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1669374511s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19329%7CvVersion%7C5.4.0; AMCVS_AA7A3BC75245B3BC0A490D4D%40AdobeOrg=1
|
search
20.106.149.200
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 25 Nov 2022 09:08:35 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
|
GET /as/ruxitagentjs_A27Vfgqrux_10247220811100421.js HTTP/1.1
Host: tursi.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tursi.duckdns.org/login.php?Verification=TRUE&Country=US
Cookie: dtCookie=v_4_srv_-2D64_sn_K2K7U4O94356RLRR6JD49D5T4KBL2NIO; rxVisitor=1669367309518MMN6PJG0HOAME7S3C3T8Q8AL8L3FVM7K; dtPC=-64$167309508_515h1vHVAULVSHRHDJVJFROFUMJHCQADBBDMKB-0e0; rxvt=1669369109520|1669367309520
|
search
20.106.149.200
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Fri, 25 Nov 2022 09:08:30 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 06:38:50 GMT
Accept-Ranges: bytes
Content-Length: 199861
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
--- Additional Info ---
Alerts:
urlquery:
- DynDNS domain detected
|
GET /as/scripts.1c82821384a86f51.js HTTP/1.1
Host: tursi.duckdns.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tursi.duckdns.org/login.php?Verification=TRUE&Country=US
Cookie: dtCookie=v_4_srv_-2D64_sn_K2K7U4O94356RLRR6JD49D5T4KBL2NIO; rxVisitor=1669367309518MMN6PJG0HOAME7S3C3T8Q8AL8L3FVM7K; dtPC=-64$167309508_515h1vHVAULVSHRHDJVJFROFUMJHCQADBBDMKB-0e0; rxvt=1669369109520|1669367309520
|
search
20.106.149.200
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Fri, 25 Nov 2022 09:08:30 GMT
Server: Apache
Last-Modified: Fri, 18 Nov 2022 06:38:52 GMT
Accept-Ranges: bytes
Content-Length: 162165
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
--- Additional Info ---
Alerts:
urlquery:
- DynDNS domain detected
|
104.47.110.28
116.118.50.194
89.252.134.86