Overview

URL www.new-pubg-tournament-pro.duckdns.org/
IP20.5.64.12
ASNMICROSOFT-CORP-MSN-AS-BLOCK
Location United States
Report completed2022-09-22 08:59:19 UTC
StatusLoading report..
urlquery Alerts DynDNS domain detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish
Scan Date Severity Indicator Comment
2022-09-21 2 www.new-pubg-tournament-pro.duckdns.org/ Tencent
2022-09-21 2 www.new-pubg-tournament-pro.duckdns.org/ Tencent
2022-09-21 2 www.new-pubg-tournament-pro.duckdns.org/ Tencent
2022-09-21 2 www.new-pubg-tournament-pro.duckdns.org/ Tencent
2022-09-21 2 www.new-pubg-tournament-pro.duckdns.org/ Tencent
2022-09-21 2 www.new-pubg-tournament-pro.duckdns.org/ Tencent
2022-09-21 2 www.new-pubg-tournament-pro.duckdns.org/ Tencent
2022-09-21 2 www.new-pubg-tournament-pro.duckdns.org/ Tencent
2022-09-21 2 www.new-pubg-tournament-pro.duckdns.org/ Tencent
2022-09-21 2 www.new-pubg-tournament-pro.duckdns.org/ Tencent
2022-09-21 2 www.new-pubg-tournament-pro.duckdns.org/ Tencent
2022-09-21 2 www.new-pubg-tournament-pro.duckdns.org/ Tencent
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-22 2 www.new-pubg-tournament-pro.duckdns.org/ Phishing
2022-09-22 2 www.new-pubg-tournament-pro.duckdns.org/js/popup.js Phishing
2022-09-22 2 www.new-pubg-tournament-pro.duckdns.org/img/a.jpeg Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

URL www.new-pubg-tournament-pro.duckdns.org/img/popup_bg.jpg
IP  20.5.64.12
Magic gzip compressed data, max compression\012- data
Size 6311
MD5 523d494e37d63a525dc7b7c104032905
SHA1 93c9dae621411a279a56f7a385d3b7d2d7d25d87
SHA256 e97068731317ac0dfef78bd82729161336b7e1083bd5d8713d8d8b669e768f59
Analyzer Analysed Verdict Comment
VirusTotal 0/0


Passive DNS (18)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-22 04:34:04 UTC 34.117.237.239
mnemonic passive DNS www.new-pubg-tournament-pro.duckdns.org (12) 0 2022-09-12 12:14:46 UTC 2022-09-22 06:36:34 UTC 20.5.64.12 Unknown ranking
mnemonic passive DNS cdnjs.cloudflare.com (1) 235 2020-10-20 10:17:36 UTC 2022-09-22 05:51:40 UTC 104.17.25.14
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-22 05:09:58 UTC 143.204.55.115
mnemonic passive DNS ocsp.pki.goog (8) 175 2017-06-14 07:23:31 UTC 2022-09-22 04:10:57 UTC 142.250.74.3
mnemonic passive DNS fonts.googleapis.com (1) 8877 2014-07-21 13:19:55 UTC 2022-09-22 08:37:18 UTC 216.58.211.10
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-22 05:01:22 UTC 34.212.166.60
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-22 04:23:52 UTC 34.120.237.76
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-22 04:08:59 UTC 143.204.55.35
mnemonic passive DNS img.zing.vn (8) 512499 2012-07-30 15:21:26 UTC 2022-09-19 07:46:22 UTC 113.164.15.82
mnemonic passive DNS www.pubgmobile.com (1) 21653 2018-04-27 11:06:13 UTC 2022-09-21 22:30:10 UTC 23.36.76.227
mnemonic passive DNS ocsp.digicert.com (4) 86 2012-05-21 07:02:23 UTC 2022-09-22 04:12:14 UTC 93.184.220.29
mnemonic passive DNS code.jquery.com (1) 634 2012-05-21 17:28:02 UTC 2022-09-22 04:34:12 UTC 69.16.175.10
mnemonic passive DNS ajax.googleapis.com (2) 12905 2014-10-18 20:16:48 UTC 2022-09-22 02:10:54 UTC 216.58.207.202
mnemonic passive DNS stackpath.bootstrapcdn.com (1) 2467 2018-04-05 04:41:29 UTC 2022-09-22 06:00:53 UTC 104.18.11.207
mnemonic passive DNS fonts.gstatic.com (3) 0 2014-08-29 13:43:22 UTC 2022-09-22 04:31:53 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS statuse.digitalcertvalidation.com (1) 16484 2019-06-21 15:00:06 UTC 2022-09-22 03:04:29 UTC 93.184.220.29
mnemonic passive DNS r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-09-22 04:32:00 UTC 23.36.77.32


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 20.5.64.12

Date UQ / IDS / BL URL IP
2022-09-23 21:43:55 +0000
7 - 0 - 14 bokepviral-my.duckdns.org/ 20.5.64.12
2022-09-23 21:43:15 +0000
7 - 0 - 16 nakvidmasuk.duckdns.org/ 20.5.64.12
2022-09-23 11:05:42 +0000
7 - 0 - 16 nakvidmasuk.duckdns.org/ 20.5.64.12
2022-09-23 09:07:19 +0000
7 - 0 - 16 vvip-mlay.duckdns.org/ 20.5.64.12
2022-09-23 09:07:00 +0000
7 - 0 - 15 group-wa-vip.duckdns.org/ 20.5.64.12

Last 5 reports on ASN: MICROSOFT-CORP-MSN-AS-BLOCK

Date UQ / IDS / BL URL IP
2022-12-04 22:43:32 +0000
0 - 0 - 2 3659n.com/ 20.187.105.119
2022-12-04 22:36:50 +0000
0 - 0 - 2 3656u.net/ 20.187.105.119
2022-12-04 22:35:10 +0000
0 - 0 - 83 snc0cu.com/ 20.172.252.151
2022-12-04 22:20:35 +0000
0 - 0 - 83 unl0ckercard.com/ 20.172.252.151
2022-12-04 22:20:20 +0000
0 - 0 - 81 unl0ckercard.com/access.php 20.172.252.151

Last 3 reports on domain: new-pubg-tournament-pro.duckdns.org

Date UQ / IDS / BL URL IP
2022-09-22 22:55:01 +0000
13 - 0 - 15 new-pubg-tournament-pro.duckdns.org/ 20.5.64.12
2022-09-22 08:59:19 +0000
13 - 0 - 15 www.new-pubg-tournament-pro.duckdns.org/ 20.5.64.12
2022-09-22 08:17:20 +0000
13 - 0 - 15 new-pubg-tournament-pro.duckdns.org/ 20.5.64.12

Last 1 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-09-22 08:17:20 +0000
13 - 0 - 15 new-pubg-tournament-pro.duckdns.org/ 20.5.64.12


JavaScript

Executed Scripts (5)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (59)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Length, Backoff, Retry-After, Content-Type
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 22 Sep 2022 08:13:57 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qGprAGwzesYahYm6oMO5GHCz3ogBVCAiN79_sLRCrbufaMRairqy2A==
Age: 2711


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    804f8bbb7f556d51a5f52d5ebd5b6eef
Sha1:   922cd7e06df278615a04abb81d811d14596c8180
Sha256: ef4804d381a34ab67873a7755621081c49c646310e085a9b2356ae07098f6021
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5316
Expires: Thu, 22 Sep 2022 10:27:44 GMT
Date: Thu, 22 Sep 2022 08:59:08 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 22 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hP9Y7EuWlu71U81sBS-g_LGSQlKrOkiwg_zRUc-c-EpZx7I9CI4jLg==
age: 15834
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 22 Sep 2022 08:59:08 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET / HTTP/1.1 
Host: www.new-pubg-tournament-pro.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         20.5.64.12
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Thu, 22 Sep 2022 08:59:08 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size:   9030
Md5:    49293b1f6429986a8dfda20575f63b46
Sha1:   bb6973702fa6b0d32e07e9d51a2c736dc9f39b49
Sha256: 2b203fcb8afda11173d64ec36ed42da972c7637d18034c0e95bcdf186171eb33

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - openphish: Tencent
    - fortinet: Phishing
                                        
                                            GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.css HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.new-pubg-tournament-pro.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Thu, 22 Sep 2022 08:59:08 GMT
content-length: 6252
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-14d38"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1178759
expires: Tue, 12 Sep 2023 08:59:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BcPDqZjhrj6f8m5AxPHtzQPNUyDDOJwIjpLBXCOCL%2BwPDITrmRWdOdObQKlG8xWNudzifr5VvaOaaUEnysyj6rpZA88IN0QybmnVmBQSpjVE4qfItL0r7VxDM0mx8loC0oe4vRtK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74e9d7c2cdf0b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   6252
Md5:    99918fca57628309f8f9d98576272cec
Sha1:   ab194d60583b16df155932a9f2d638298b356ed2
Sha256: 5d70e984ef355ffb6e1a01510a79aad3f24536bb3809498b815ea834701b473e
                                        
                                            GET /jquery-1.10.2.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.new-pubg-tournament-pro.duckdns.org/

                                         
                                         69.16.175.10
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Thu, 22 Sep 2022 08:59:08 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 32788
Last-Modified: Wed, 16 Feb 2022 10:50:39 GMT
Accept-Ranges: bytes
Server: nginx
ETag: W/"620cd6ff-16bb3"
Cache-Control: max-age=315360000, public
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
X-HW: 1663837148.dop225.sk1.t,1663837148.cds243.sk1.c


--- Additional Info ---
Magic:  ASCII text, with very long lines (32072)
Size:   32788
Md5:    68cc08e82915da8b82fc6be74ab86365
Sha1:   4089530b0c00f6cbd1452d7f873be85454196fd1
Sha256: 6c63276db5e51f227be1c9bdaf73d76fa01040499944a8c8607db0c234f0575c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1786
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 08:59:08 GMT
Last-Modified: Thu, 22 Sep 2022 08:29:22 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 280

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 08:59:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 08:59:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 08:59:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ajax/libs/jquery/2.1.1/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.new-pubg-tournament-pro.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.202
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29671
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Sep 2022 09:02:32 GMT
expires: Fri, 15 Sep 2023 09:02:32 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 604596
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32061)
Size:   29671
Md5:    b90b3d2618cce9d766152cd3092b5c27
Sha1:   496339457cd00caab8118e2e1f30ea18dc05b9f4
Sha256: b7b155aa8c6b5db28f9a6b41e88c96e9462c196c700add426f8ef32c9ce1ed41
                                        
                                            GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.new-pubg-tournament-pro.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.202
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29707
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Sep 2022 14:39:25 GMT
expires: Fri, 15 Sep 2023 14:39:25 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 584383
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32180)
Size:   29707
Md5:    f16500423cc2867eff8b773df637c48f
Sha1:   1cd32d75b59a89c3a70274e383151a61ce0594f4
Sha256: 6ca5dc8ad67639c69117ace46c93703cf5fff82824cfc0bada0cf0fb3b2d41d7
                                        
                                            GET /css2?family=Roboto+Condensed&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.new-pubg-tournament-pro.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.211.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 22 Sep 2022 08:59:08 GMT
date: Thu, 22 Sep 2022 08:59:08 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1018
Md5:    b44106d84ebcc9b591781a6052afd5cf
Sha1:   0701d598a37f5c5ee86ff7e9f8c7169986cf89d2
Sha256: 0f8619d203a8a604403e04ed55dcaedad8bef48c76af32d41d8c6fccdb331165
                                        
                                            GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1 
Host: stackpath.bootstrapcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.new-pubg-tournament-pro.duckdns.org
Connection: keep-alive
Referer: http://www.new-pubg-tournament-pro.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.11.207
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Thu, 22 Sep 2022 08:59:08 GMT
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 08/20/2022 02:30:56
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 601
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 7cc8001500e8b1f454ac4b171aec0d61
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74e9d7c31895b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (30837)
Size:   7257
Md5:    c8e5b7b21955133bbb103038419039de
Sha1:   7efafcc01e61578248f7605e5be518d00e59ead8
Sha256: fe688b524413d2ae9a416c2252daf734897094e7e5ff8f07d9f11ef407c031cf
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 08:59:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 22 Sep 2022 08:03:22 GMT
Cache-Control: max-age=3600
Expires: Thu, 22 Sep 2022 08:05:33 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZirNgERwkBgj13CuxsN5HG9jc5vTuLoxJ6pLjUhemgD3r2oJ7S7s2g==
Age: 3346


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /css/facebook.css HTTP/1.1 
Host: www.new-pubg-tournament-pro.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.new-pubg-tournament-pro.duckdns.org/

                                         
                                         20.5.64.12
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 22 Sep 2022 08:59:08 GMT
Server: Apache
Last-Modified: Sat, 10 Jul 2021 12:40:46 GMT
Accept-Ranges: bytes
Content-Length: 3136
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   3136
Md5:    7963984a8f422cb6cdabcb6597f3f252
Sha1:   8932b3a35c501044ccf88aab675703b972868182
Sha256: a20af21afb394e0efb04bb292e5faaf2684003d2d94d71122b8f98c69fb68870

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - openphish: Tencent
                                        
                                            GET /css/style.css HTTP/1.1 
Host: www.new-pubg-tournament-pro.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.new-pubg-tournament-pro.duckdns.org/

                                         
                                         20.5.64.12
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 22 Sep 2022 08:59:08 GMT
Server: Apache
Last-Modified: Sat, 10 Jul 2021 12:40:46 GMT
Accept-Ranges: bytes
Content-Length: 4168
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   4168
Md5:    d0e62779e0aef168b6110ba5cf8f74d0
Sha1:   cac5f3ce6bf009be65b790e633960715dbca3315
Sha256: db92b120255461f254281e328849412a8e18b9c4892276d4a272e80345cdcce5

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - openphish: Tencent
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4879
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 08:59:09 GMT
Last-Modified: Thu, 22 Sep 2022 07:37:50 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /js/popup.js HTTP/1.1 
Host: www.new-pubg-tournament-pro.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.new-pubg-tournament-pro.duckdns.org/

                                         
                                         20.5.64.12
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 22 Sep 2022 08:59:08 GMT
Server: Apache
Last-Modified: Sat, 10 Jul 2021 12:40:46 GMT
Accept-Ranges: bytes
Content-Length: 496
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   496
Md5:    3721ad55a6ff921e7a02517c5e7848dd
Sha1:   f7549490bd1bee82a024ae607d5abb0b647f9fec
Sha256: 2a76d43b0748ccba65ed3b8980967f3f30f94ee6a27a2e6857c9ad165eed9bca

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - openphish: Tencent
    - fortinet: Phishing
                                        
                                            GET /css/twitter.css HTTP/1.1 
Host: www.new-pubg-tournament-pro.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.new-pubg-tournament-pro.duckdns.org/

                                         
                                         20.5.64.12
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 22 Sep 2022 08:59:08 GMT
Server: Apache
Last-Modified: Sat, 10 Jul 2021 12:40:46 GMT
Accept-Ranges: bytes
Content-Length: 1835
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   1835
Md5:    1156f34a3a464b3e4bf8c723fea57a65
Sha1:   dea488bdf766d877ce34dabec8ce45f38433467d
Sha256: 096419a5c82a883441ece55e606bf1f9c4c8c7d8679549d70610a46691cd1cb9

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - openphish: Tencent
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PldX4xUVTvE+LB+thyK0pQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         34.212.166.60
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 4q95oylkmH0Uf0MZszFzsqDKUIg=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3849
Expires: Thu, 22 Sep 2022 10:03:19 GMT
Date: Thu, 22 Sep 2022 08:59:10 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3849
Expires: Thu, 22 Sep 2022 10:03:19 GMT
Date: Thu, 22 Sep 2022 08:59:10 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3849
Expires: Thu, 22 Sep 2022 10:03:19 GMT
Date: Thu, 22 Sep 2022 08:59:10 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3849
Expires: Thu, 22 Sep 2022 10:03:19 GMT
Date: Thu, 22 Sep 2022 08:59:10 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d546012-e1d1-4ccd-a38f-d808cdfe4af0.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5161
x-amzn-requestid: 9ba63285-4cef-4604-bd12-95a99463e087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0wHYXIAMFgvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-1380adf019b16d5a50475cdb;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 2L14PporWFOOt2LmcUHgHTaXf8cycYkZ9toEwlKlyeS8jQlP8oX7qw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:22 GMT
age: 41088
etag: "af20ced3f00015ad8ae837d7cf3f39b9f5f0f752"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5161
Md5:    06589b53db5d3d6307e15e354325e252
Sha1:   af20ced3f00015ad8ae837d7cf3f39b9f5f0f752
Sha256: 513daca9889934875f2c453aaed4ce1af32628550a4b2f2b8e69533cb09eda56
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b308c1c-61ac-4185-bb59-ab0cf1f2b8fc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9233
x-amzn-requestid: f90a9ed8-b4e7-4786-887a-90f24cc4f432
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1HZSG1IoAMFwxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b85d4-7a75336f316aa6450e3369b4;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:44:52 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PEhEMNxyamS4_x8DPhIeX2bEkaVWzS4foO7vPQX8KgWpm1KjsSvRxQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 22:14:27 GMT
age: 38683
etag: "134720f07ffdbef5ff551bdb3c3743c806d1512d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9233
Md5:    ce3e9d330cc9b9c84fb7846bf0d8c7a0
Sha1:   134720f07ffdbef5ff551bdb3c3743c806d1512d
Sha256: 0724f7ca2de62c8086e80b527aec78de6b63996107b32c7e9990bd472e64a347
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5453bf0-e297-4ace-a174-b28be2bb7e8d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11645
x-amzn-requestid: 0ae5c056-6d78-4c37-8e18-b9abfe1e1f47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YzG34FKIIAMF6Ug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ab832-59fbd91527ea400d333ddc41;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 07:07:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Q7rg9YqHScSwWXfS96bSI5Mb0mSYQ-jbShb7wddPcG51nhn0_8DIJA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 07:14:13 GMT
age: 6297
etag: "5ee6c32afd92810ae61a791c059928e33148bb0c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11645
Md5:    298be26294efc965abc5707a84df8a0a
Sha1:   5ee6c32afd92810ae61a791c059928e33148bb0c
Sha256: d9b5fe88c8e03f6a6a64e360015080bca00f7fb147515a137447832bacc2e6e7
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60ffb31d-d07d-4e81-9477-522f011ae13e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8861
x-amzn-requestid: 873e88ab-7afc-4b14-b428-d90ec2079741
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YO2wuE0AoAMF7Gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631c3804-0d25ab397a16c78907914e23;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 07:08:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UStTyIXPucbY9WmDl3W5bTyeT-2SJ5CTUjv8TLeexqZtKd1p2sJrNA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 03:11:18 GMT
age: 20872
etag: "56f228d7358ba9deef000f53214dc7c1dc358109"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8861
Md5:    a504981ee10d8341b64f19001464ae8a
Sha1:   56f228d7358ba9deef000f53214dc7c1dc358109
Sha256: 0ea3b6ed12f3adf9d56e7d9b61f284d28107d99f28ee4e66b4c078a9a1a0cbee
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf89a4b3-f586-4870-ab26-efb054f637fd.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8678
x-amzn-requestid: c671a9ab-c5d0-4743-b13e-cc9a47e3d2fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1F0vEThIAMFSwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b8351-17ed13811d3833ea00a34423;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hp-WIGb9M8tEmNGOVjx6UQKx9E4-1oJmka0a6seG7inahqYByPmRAg==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 21:34:22 GMT
age: 41088
etag: "15d83e44d568938b6c9c87201e898cedb3edec0a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8678
Md5:    91c56f0b9810bfdd84e10a626b89e389
Sha1:   15d83e44d568938b6c9c87201e898cedb3edec0a
Sha256: 942de9764e1c408f7512759774aab0479db201e6fae15ccc39e653adae4cb86f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F969d6cdd-691e-480c-aa3f-20d1f7156aa3.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13329
x-amzn-requestid: 54887f94-9832-494c-b1c8-0a27ac04b3e7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1HDmHlQoAMFfLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632b854a-5fb778255bce533044676173;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 21:42:34 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CV7jUyg4kF60YvwbCWKgOsL-jhP_Mw2SMXs6uyWw-Bwbfy-SoOmtWA==
via: 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 22:08:34 GMT
age: 39036
etag: "deb3edfb3995fa43ca3e8dcc2adb09028bd240e3"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13329
Md5:    935051c999523e0eb4c95bbe470f5708
Sha1:   deb3edfb3995fa43ca3e8dcc2adb09028bd240e3
Sha256: 30efea98cf000c8a0fd6e02b08ab114d4453c2d6f63360a352ebbd0f0bd138a0
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 08:59:10 GMT
Server: ECS (amb/6B77)
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 08:59:10 GMT
Last-Modified: Thu, 22 Sep 2022 08:59:10 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /products/pubgm/skin-2020/dist/main/main.js HTTP/1.1 
Host: img.zing.vn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.new-pubg-tournament-pro.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         113.164.15.82
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: nginx
Date: Thu, 22 Sep 2022 08:59:09 GMT
Content-Length: 328449
Connection: keep-alive
Last-Modified: Thu, 04 Jun 2020 07:38:55 GMT
ETag: "5ed8a50f-50301"
Expires: Tue, 21 Mar 2023 08:48:58 GMT
Cache-Control: max-age=15552000
Access-Control-Allow-Origin: *
X-Cache-Status: HIT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (35795)
Size:   328449
Md5:    cde9018151590a466f186634777a17e8
Sha1:   cce7ca6b0b8b0b7abad693a64f23b8184a2b05ec
Sha256: 498f589cd376a4801a684b81f38229386b8b2f849ab48ee6f644cc19513eacfd
                                        
                                            GET /products/pubgm/skin-2020/dist/main/main.css HTTP/1.1 
Host: img.zing.vn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.new-pubg-tournament-pro.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         113.164.15.82
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Thu, 22 Sep 2022 08:59:09 GMT
Content-Length: 835049
Connection: keep-alive
Last-Modified: Thu, 04 Jun 2020 10:59:52 GMT
ETag: "5ed8d428-cbde9"
Expires: Tue, 21 Mar 2023 08:49:14 GMT
Cache-Control: max-age=15552000
Access-Control-Allow-Origin: *
X-Cache-Status: HIT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (65411)
Size:   835049
Md5:    d100f85cb486fe28a915d9bf10e39070
Sha1:   057c20c59edab893ee8ccd1850a159a0aebd0afb
Sha256: f9e873ed49fe5fafdd56758d55af1a1ab8321c44e5e2f50f17a981af4af45e2a
                                        
                                            GET /id/event/royalepass10/images/icon_logo.jpg HTTP/1.1 
Host: www.pubgmobile.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.new-pubg-tournament-pro.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.227
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 75149
last-modified: Wed, 15 Sep 2021 06:46:59 GMT
etag: "614196e3-1258d"
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=223
expires: Thu, 22 Sep 2022 09:02:56 GMT
date: Thu, 22 Sep 2022 08:59:13 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x500, components 3\012- data
Size:   75149
Md5:    92c19dc5bd77186e5bb8ed35ce668979
Sha1:   646bf70d1c669c7d7388f95a0a33755e4721289c
Sha256: 0d9cf7eb8fb12be77685134e63f7dae9a95fbf9306ae0529bd0347582d18a8ef
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 08:59:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 08:59:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 08:59:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.new-pubg-tournament-pro.duckdns.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 22:17:40 GMT
expires: Wed, 20 Sep 2023 22:17:40 GMT
cache-control: public, max-age=31536000
age: 124893
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15660, version 1.0\012- data
Size:   15660
Md5:    d7b0b953a50fddaa88089b5b787cf719
Sha1:   2f85bc568b27659a3d6452f58f9fd7678450326d
Sha256: e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
                                        
                                            GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.new-pubg-tournament-pro.duckdns.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15528
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 22:59:06 GMT
expires: Wed, 20 Sep 2023 22:59:06 GMT
cache-control: public, max-age=31536000
age: 122407
last-modified: Tue, 19 Apr 2022 18:53:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15528, version 1.0\012- data
Size:   15528
Md5:    595fe3fc0b85f3cc9ef5aed2d519abc5
Sha1:   96e76de44987e9dec2f97f1e5eb7a18c738daf5d
Sha256: 747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a
                                        
                                            GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.new-pubg-tournament-pro.duckdns.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15700
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Sep 2022 16:04:44 GMT
expires: Sat, 16 Sep 2023 16:04:44 GMT
cache-control: public, max-age=31536000
age: 492869
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15700, version 1.0\012- data
Size:   15700
Md5:    3d7f7413fca69bff4d231ebdc50aaab0
Sha1:   cb18e7943b6a8a0e3672d7242197c19a226b92e8
Sha256: 6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 22 Sep 2022 08:59:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /img/login/twitter_icon.png HTTP/1.1 
Host: www.new-pubg-tournament-pro.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.new-pubg-tournament-pro.duckdns.org/

                                         
                                         20.5.64.12
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Thu, 22 Sep 2022 08:59:13 GMT
Server: Apache
Last-Modified: Sat, 10 Jul 2021 12:40:46 GMT
Accept-Ranges: bytes
Content-Length: 8862
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size:   8862
Md5:    4607476796cc93ca75cfeccf2661fd1a
Sha1:   632414eb759476693c20599e8b4f0851d8a54251
Sha256: fb71fa5156501b3ca8ff3c88e4501917c651ac60eaaf58c22c2bed6e933d82c5

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - openphish: Tencent
                                        
                                            GET /img/login/twitter_text.png HTTP/1.1 
Host: www.new-pubg-tournament-pro.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.new-pubg-tournament-pro.duckdns.org/

                                         
                                         20.5.64.12
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Thu, 22 Sep 2022 08:59:13 GMT
Server: Apache
Last-Modified: Sat, 10 Jul 2021 12:40:46 GMT
Accept-Ranges: bytes
Content-Length: 4298
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size:   4298
Md5:    fef946b8bba756359e2a1e87ccd915ea
Sha1:   acc364946077b0e32b2343474ce4066ad3ee524c
Sha256: 1be5d05ce6faad469f7f9c5a5879f2d9f8d267b60eb394e92c19217268bcea8f

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - openphish: Tencent
                                        
                                            GET /products/pubgm/skin-2020/dist/main/images/icons/Logo-mb-game.png HTTP/1.1 
Host: img.zing.vn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.new-pubg-tournament-pro.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         113.164.15.82
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Thu, 22 Sep 2022 08:59:11 GMT
Content-Length: 1216
Connection: keep-alive
Last-Modified: Wed, 12 Feb 2020 11:15:32 GMT
ETag: "5e43de54-4c0"
Expires: Tue, 21 Mar 2023 08:59:12 GMT
Cache-Control: max-age=15552000
Access-Control-Allow-Origin: *
X-Cache-Status: MISS
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 46 x 35, 8-bit colormap, non-interlaced\012- data
Size:   1216
Md5:    aa360933ad6c431bf8be7852e6ed700c
Sha1:   082804878018b08b5d00ef59cfa8ac6a19863656
Sha256: 0f8a4bbb3fb310a4941582a4fb2dda936058389500b1ecee69459e2477b968c3
                                        
                                            GET /img/popup_bg.jpg HTTP/1.1 
Host: www.new-pubg-tournament-pro.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.new-pubg-tournament-pro.duckdns.org/css/style.css

                                         
                                         20.5.64.12
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 22 Sep 2022 08:59:13 GMT
Server: Apache
Last-Modified: Sat, 10 Jul 2021 12:40:46 GMT
Accept-Ranges: bytes
Content-Length: 5568
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, max compression\012- data
Size:   6311
Md5:    523d494e37d63a525dc7b7c104032905
Sha1:   93c9dae621411a279a56f7a385d3b7d2d7d25d87
Sha256: e97068731317ac0dfef78bd82729161336b7e1083bd5d8713d8d8b669e768f59

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - openphish: Tencent
  File Analyzers:
    - virustotal: 0/0
                                        
                                            GET /products/pubgm/skin-2020/dist/main/images/bg/bg-nav.png HTTP/1.1 
Host: img.zing.vn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://img.zing.vn/products/pubgm/skin-2020/dist/main/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         113.164.15.82
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Thu, 22 Sep 2022 08:59:11 GMT
Content-Length: 3478
Connection: keep-alive
Last-Modified: Tue, 04 Feb 2020 09:19:21 GMT
ETag: "5e393719-d96"
Expires: Tue, 21 Mar 2023 08:59:12 GMT
Cache-Control: max-age=15552000
Access-Control-Allow-Origin: *
X-Cache-Status: MISS
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2000x90, components 3\012- data
Size:   3478
Md5:    64f3bf6a8a290c8a0fb968e29ad6ab4f
Sha1:   fd9d41347da9f1b2862a0bbec0f45e0ff686568c
Sha256: 81f8bb9a081a560ab65989a821591ecbfc47987203dce7a87cf3d4aab9908705
                                        
                                            GET /img/login/facebook_text.png HTTP/1.1 
Host: www.new-pubg-tournament-pro.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.new-pubg-tournament-pro.duckdns.org/

                                         
                                         20.5.64.12
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Thu, 22 Sep 2022 08:59:13 GMT
Server: Apache
Last-Modified: Sat, 10 Jul 2021 12:40:46 GMT
Accept-Ranges: bytes
Content-Length: 28789
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced\012- data
Size:   28789
Md5:    74190b93fc4f5d88f0c8e6411ba20bd8
Sha1:   89ce2ecb660a90b8e6ed1b335443d7767c59f28a
Sha256: 092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - openphish: Tencent
                                        
                                            GET /products/pubgm/skin-2020/dist/main/images/bg/bg-bottom-banner-home.png HTTP/1.1 
Host: img.zing.vn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://img.zing.vn/products/pubgm/skin-2020/dist/main/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         113.164.15.82
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Thu, 22 Sep 2022 08:59:11 GMT
Content-Length: 3532
Connection: keep-alive
Last-Modified: Thu, 13 Feb 2020 05:02:49 GMT
ETag: "5e44d879-dcc"
Expires: Tue, 21 Mar 2023 08:59:12 GMT
Cache-Control: max-age=15552000
Access-Control-Allow-Origin: *
X-Cache-Status: MISS
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 1988 x 100, 8-bit colormap, non-interlaced\012- data
Size:   3532
Md5:    ca63bcd9c7cab394e3d69580f7064f01
Sha1:   7d17fbaee1bf8d703339c5b8ac7f1f1841f65af3
Sha256: 169b6989c2800b5e81484935edf18b73e67f02adf21aec680832884bbce5d653
                                        
                                            GET /products/pubgm/skin-2020/dist/main/images/_sprites-f1.png HTTP/1.1 
Host: img.zing.vn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://img.zing.vn/products/pubgm/skin-2020/dist/main/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         113.164.15.82
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Thu, 22 Sep 2022 08:59:11 GMT
Content-Length: 7184
Connection: keep-alive
Last-Modified: Wed, 12 Feb 2020 11:15:32 GMT
ETag: "5e43de54-1c10"
Expires: Tue, 21 Mar 2023 08:59:12 GMT
Cache-Control: max-age=15552000
Access-Control-Allow-Origin: *
X-Cache-Status: MISS
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 260 x 147, 8-bit colormap, non-interlaced\012- data
Size:   7184
Md5:    3574889df99f2d2feead3928f43c78c8
Sha1:   476f1deef6a08a3f828fcd0e9afba544a2a101c9
Sha256: e3398f3317d88171f703ba78cb6164d009ea13bc0fd30f4739cc5ab8885725d2
                                        
                                            GET /img/login/facebook_icon.png HTTP/1.1 
Host: www.new-pubg-tournament-pro.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.new-pubg-tournament-pro.duckdns.org/

                                         
                                         20.5.64.12
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Thu, 22 Sep 2022 08:59:13 GMT
Server: Apache
Last-Modified: Sat, 10 Jul 2021 12:40:46 GMT
Accept-Ranges: bytes
Content-Length: 79439
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 1600 x 1600, 8-bit/color RGBA, non-interlaced\012- data
Size:   79439
Md5:    84669eb4301059aa602096c83a13e15f
Sha1:   b8bdde81e76105c7fce0a4a95918074d869c3f75
Sha256: 4c5e70219e34e87735a3b1b930dd0ae8e344bef36b1732780d8a2ac0571c0be7

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - openphish: Tencent
                                        
                                            GET /products/pubgm/skin-2020/dist/main/images/_sprites-nav.png HTTP/1.1 
Host: img.zing.vn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://img.zing.vn/products/pubgm/skin-2020/dist/main/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         113.164.15.82
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Thu, 22 Sep 2022 08:59:12 GMT
Content-Length: 9731
Connection: keep-alive
Last-Modified: Wed, 12 Feb 2020 11:15:32 GMT
ETag: "5e43de54-2603"
Expires: Tue, 21 Mar 2023 08:59:12 GMT
Cache-Control: max-age=15552000
Access-Control-Allow-Origin: *
X-Cache-Status: MISS
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 389 x 180, 8-bit colormap, non-interlaced\012- data
Size:   9731
Md5:    8c44124105c6302835934f0bdad8cfa1
Sha1:   f1fb408bd148343bfc1b2e5f3790e7c579ae0e64
Sha256: 10aaa743106aab5b136c4e6291660dd25368a94ed25a9be4e95cfee8ea28ea3d
                                        
                                            GET /products/pubgm/skin-2020/dist/main/images/bg/new.jpg HTTP/1.1 
Host: img.zing.vn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.new-pubg-tournament-pro.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         113.164.15.82
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Thu, 22 Sep 2022 08:59:12 GMT
Content-Length: 20624
Connection: keep-alive
Last-Modified: Tue, 04 Feb 2020 09:19:21 GMT
ETag: "5e393719-5090"
Expires: Tue, 21 Mar 2023 08:59:12 GMT
Cache-Control: max-age=15552000
Access-Control-Allow-Origin: *
X-Cache-Status: MISS
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2000x900, components 3\012- data
Size:   20624
Md5:    b75fe6d16d04560802164b810eccd4ba
Sha1:   bb56cadb7e85dc087fb0605af809602b4b669f38
Sha256: 48893d0c088a960897bbc7edec95bd9975e19729c288ab667abee23d0a9af37a
                                        
                                            GET /img/c.jpg HTTP/1.1 
Host: www.new-pubg-tournament-pro.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.new-pubg-tournament-pro.duckdns.org/

                                         
                                         20.5.64.12
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 22 Sep 2022 08:59:13 GMT
Server: Apache
Last-Modified: Sat, 10 Jul 2021 12:40:46 GMT
Accept-Ranges: bytes
Content-Length: 241801
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x629, components 3\012- data
Size:   241801
Md5:    f2fc3361e56064cd136081d51a4fb2fa
Sha1:   2f260c93bb857acacad014a57553a834aff14f10
Sha256: d03ebdd507a43610a36045079aa7929c3bb2c7628246a17db5902421fb41ed2e

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - openphish: Tencent
                                        
                                            GET /img/a.jpeg HTTP/1.1 
Host: www.new-pubg-tournament-pro.duckdns.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.new-pubg-tournament-pro.duckdns.org/

                                         
                                         20.5.64.12
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 22 Sep 2022 08:59:13 GMT
Server: Apache
Last-Modified: Sat, 10 Jul 2021 12:40:46 GMT
Accept-Ranges: bytes
Content-Length: 633037
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x719, components 3\012- data
Size:   633037
Md5:    e5ffb243ab05acce0d9afa2e77bc3af9
Sha1:   bcdc443fa26ff31957373c83ee7883eebac06859
Sha256: ca84e2a7f35e8e01a487d22a9a367e26c8a3d90f9f5425f2ed7112786f872fb7

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - openphish: Tencent
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: statuse.digitalcertvalidation.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3889
Cache-Control: 'max-age=158059'
Date: Thu, 22 Sep 2022 08:59:17 GMT
Last-Modified: Thu, 22 Sep 2022 07:54:28 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471