Overview

URL ayetaablehands.org/verify.dcu/otp.html
IP198.54.115.112
ASNNAMECHEAP-NET
Location United States
Report completed2022-10-04 09:40:00 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish
Scan Date Severity Indicator Comment
2022-10-03 2 ayetaablehands.org/verify.dcu/otp.html Digital Federal Credit Union
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-04 2 ayetaablehands.org/verify.dcu/otp.html Phishing
2022-10-04 2 ayetaablehands.org/verify.dcu/js/config.js Phishing
2022-10-04 2 ayetaablehands.org/verify.dcu/js/loader_only.js Phishing
2022-10-04 2 ayetaablehands.org/verify.dcu/js/64.390011c5.js Phishing
2022-10-04 2 ayetaablehands.org/verify.dcu/js/chunk-common.112fec58.js Phishing
2022-10-04 2 ayetaablehands.org/verify.dcu/js/2.a6ab680e.js Phishing
2022-10-04 2 ayetaablehands.org/js/app.fa332a3e.js Phishing
2022-10-04 2 ayetaablehands.org/js/vendor.e1d2459d.js Phishing
2022-10-04 2 ayetaablehands.org/js/vendor.e1d2459d.js Phishing
2022-10-04 2 ayetaablehands.org/js/app.fa332a3e.js Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

URL r3.o.lencr.org/
IP  23.36.76.226
Magic gzip compressed data, max compression\012- data
Size 1246
MD5 1dba34865833569d1efd3834abc3617c
SHA1 abee4e1751a0d5abbecc7b9a87ed38491d843957
SHA256 77efde3e9d5fe36405e49d4cd0ebfd81b0c8620132d088195a385c1a2cd8d29b
Analyzer Analysed Verdict Comment
VirusTotal 0/0


Passive DNS (24)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS ocsp.pki.goog (5) 175 2017-06-14 07:23:31 UTC 2022-10-04 04:17:09 UTC 142.250.74.3
mnemonic passive DNS digitalfederalcredit.tt.omtrdc.net (1) 202275 2019-09-26 13:40:13 UTC 2022-10-03 21:06:14 UTC 13.36.218.177
mnemonic passive DNS ocsp.godaddy.com (3) 698 2012-05-20 19:28:57 UTC 2022-10-03 06:33:58 UTC 192.124.249.22
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-04 04:45:06 UTC 35.167.231.108
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-10-04 09:22:31 UTC 142.250.74.10
mnemonic passive DNS dpm.demdex.net (3) 204 2017-01-30 04:59:39 UTC 2022-10-04 04:17:45 UTC 54.77.143.129
mnemonic passive DNS img-getpocket.cdn.mozilla.net (5) 1631 2017-09-01 03:40:57 UTC 2022-10-04 04:18:32 UTC 34.120.237.76
mnemonic passive DNS cdn.plaid.com (1) 17458 2018-07-31 05:49:13 UTC 2022-10-03 21:05:34 UTC 54.230.111.89
mnemonic passive DNS mpsnare.iesnare.com (4) 5723 2016-04-10 11:13:26 UTC 2022-10-04 05:21:50 UTC 54.228.71.178
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-04 04:29:41 UTC 143.204.55.110
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-04 04:16:51 UTC 34.117.237.239
mnemonic passive DNS ayetaablehands.org (18) 0 2021-12-30 04:52:14 UTC 2022-10-04 09:34:22 UTC 198.54.115.112 Unknown ranking
mnemonic passive DNS us.cobrowse.pega.com (1) 49768 2018-09-27 11:25:31 UTC 2022-10-03 21:05:34 UTC 54.209.9.35
mnemonic passive DNS fonts.gstatic.com (3) 0 2014-08-29 13:43:22 UTC 2022-10-04 08:34:20 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS cm.everesttech.net (1) 996 2017-01-30 04:59:57 UTC 2022-10-04 05:06:21 UTC 34.251.26.3
mnemonic passive DNS frame.gleap.io (3) 0 2022-05-11 14:55:24 UTC 2022-10-04 09:14:41 UTC 51.124.12.35 Domain (gleap.io) ranked at: 530339
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-10-04 09:13:54 UTC 143.204.55.36
mnemonic passive DNS ocsp.digicert.com (8) 86 2012-05-21 07:02:23 UTC 2022-10-04 07:51:20 UTC 93.184.220.29
mnemonic passive DNS assets.adobedtm.com (5) 512 2014-01-28 04:51:35 UTC 2022-10-04 04:22:52 UTC 23.38.200.237
mnemonic passive DNS usassets.cobrowse.pega.com (2) 93477 2019-04-29 14:22:06 UTC 2022-10-03 21:05:34 UTC 3.232.141.152
mnemonic passive DNS digitalfederalcreditunion.sc.omtrdc.net (2) 158858 2020-04-10 15:09:38 UTC 2022-10-03 21:06:14 UTC 13.36.218.177
mnemonic passive DNS dcu.demdex.net (1) 167443 2019-09-26 13:40:13 UTC 2022-10-03 21:06:14 UTC 34.242.155.96
mnemonic passive DNS ocsp.sca1b.amazontrust.com (1) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.165
mnemonic passive DNS r3.o.lencr.org (4) 344 2020-12-02 08:52:13 UTC 2022-10-04 04:17:22 UTC 23.36.76.226


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 198.54.115.112

Date UQ / IDS / BL URL IP
2022-12-01 09:54:54 +0000
0 - 0 - 212 vibeswardrobe.com/ 198.54.115.112
2022-11-18 23:16:28 +0000
0 - 0 - 2 mr-el3omda.com/tcae/index.php?qbot.zip 198.54.115.112
2022-11-17 20:57:28 +0000
0 - 0 - 4 mr-el3omda.com/tcae/index.php?qbot.zip 198.54.115.112
2022-10-04 09:40:39 +0000
0 - 0 - 9 ayetaablehands.org/verify.dcu 198.54.115.112
2022-10-04 09:40:20 +0000
0 - 0 - 8 ayetaablehands.org/verify.dcu/ 198.54.115.112

Last 5 reports on ASN: NAMECHEAP-NET

Date UQ / IDS / BL URL IP
2022-12-02 14:03:50 +0000
0 - 0 - 1 www.nchlt.com/ 198.54.117.212
2022-12-02 13:51:23 +0000
0 - 0 - 2 personalizationmall.site/1129sen-orna1276 162.0.235.186
2022-12-02 12:51:18 +0000
0 - 0 - 2 personalizationmall.site/1129sen-orna1317 162.0.235.186
2022-12-02 12:47:36 +0000
0 - 0 - 2 moneysiteprofits.com/ 198.54.115.212
2022-12-02 12:36:27 +0000
0 - 0 - 4 iperwebita.com/ 66.29.141.36

Last 4 reports on domain: ayetaablehands.org

Date UQ / IDS / BL URL IP
2022-10-04 09:40:39 +0000
0 - 0 - 9 ayetaablehands.org/verify.dcu 198.54.115.112
2022-10-04 09:40:20 +0000
0 - 0 - 8 ayetaablehands.org/verify.dcu/ 198.54.115.112
2022-10-04 09:40:00 +0000
0 - 0 - 11 ayetaablehands.org/verify.dcu/otp.html 198.54.115.112
2022-10-04 09:39:39 +0000
0 - 0 - 10 ayetaablehands.org/verify.dcu/personal.html 198.54.115.112

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-10-06 09:35:18 +0000
0 - 0 - 13 floresycastillo.com/verify.dcu/otp.html 147.124.219.17
2022-09-20 20:26:57 +0000
0 - 0 - 9 wineshed.com.au/img/dcu/otp.html 203.26.41.132
2022-09-18 20:42:57 +0000
0 - 0 - 11 mbrindia.org/dcu/php/otp.html 192.185.129.84
2022-09-04 10:56:25 +0000
0 - 0 - 2 mundodental.co/rectify1/dcu/otp.html 104.21.90.176
2022-09-02 11:34:48 +0000
0 - 0 - 21 www.alfabetizacaodiaria.com/dcu/php/otp.html 162.241.203.130


JavaScript

Executed Scripts (12)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (77)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 08:47:04 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: p13BZArp8D111-lsl0yYEMpYhsDtg6ACBrP1o1EOuCF2dNaMjyFHrw==
Age: 3165


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8453
Expires: Tue, 04 Oct 2022 12:00:42 GMT
Date: Tue, 04 Oct 2022 09:39:49 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.110
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: yqk8Ro0mMOoWGclgW79k-R8VqZt13yKXn2SN5_8ZBCAjF8EBJsDuxQ==
age: 15082
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 04 Oct 2022 09:39:49 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 09:39:49 GMT
Server: ECS (amb/6B7B)
Content-Length: 471

                                        
                                            GET /verify.dcu/otp.html HTTP/1.1 
Host: ayetaablehands.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         198.54.115.112
HTTP/2 200 OK
content-type: text/html
                                        
last-modified: Tue, 23 Aug 2022 16:48:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5389
date: Tue, 04 Oct 2022 09:39:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2737), with CRLF line terminators
Size:   5389
Md5:    fa1269dec20e30778899de770c19bb60
Sha1:   94c52a94457a43d068128f04e53b4b6a3e624f2f
Sha256: 8ae256bf9dde3655b19bffd707dff26b2642c31b99fefe76dafef48dee7993c7

Alerts:
  Blocklists:
    - openphish: Digital Federal Credit Union
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3484
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 09:39:50 GMT
Last-Modified: Tue, 04 Oct 2022 08:41:46 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js HTTP/1.1 
Host: assets.adobedtm.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.38.200.237
HTTP/2 200 OK
content-type: application/x-javascript
                                        
accept-ranges: bytes
etag: "2d1382c349d480b6b41574ac0c1af066:1644856531.739514"
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
expires: Tue, 04 Oct 2022 10:39:50 GMT
date: Tue, 04 Oct 2022 09:39:50 GMT
content-length: 1597
cache-control: no-cache
access-control-allow-origin: https://ayetaablehands.org
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3155)
Size:   1597
Md5:    e672de61b277fc72de4299829bfbb31c
Sha1:   157a7409922d58a02dad3ba879d04eb2a3ef8f3d
Sha256: e1a1c2a6f2ed4ffb63ebfda157eaf12c6ee3973be4da649eb63e0402c0d29215
                                        
                                            GET /c710ed4af822/4edff89d26dd/launch-1574d0b03693.min.js HTTP/1.1 
Host: assets.adobedtm.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.38.200.237
HTTP/2 200 OK
content-type: application/x-javascript
                                        
accept-ranges: bytes
etag: "97a1294fe9ebfd08669e214fcc839024:1658495611.885198"
last-modified: Fri, 22 Jul 2022 13:13:31 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Tue, 04 Oct 2022 10:39:50 GMT
date: Tue, 04 Oct 2022 09:39:50 GMT
content-length: 73977
access-control-allow-origin: https://ayetaablehands.org
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32768)
Size:   73977
Md5:    c8e5e4603713b2afef04641fbdaadcf8
Sha1:   ba70173dec1981bb9419e44373987917c15512e8
Sha256: 3beb4f3ae29074fd5cfbd0c211659e3fe7499219b644bef22f79e4898cf92427
                                        
                                            GET /extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js HTTP/1.1 
Host: assets.adobedtm.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.38.200.237
HTTP/2 200 OK
content-type: application/x-javascript
                                        
accept-ranges: bytes
etag: "d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
expires: Tue, 04 Oct 2022 10:39:50 GMT
date: Tue, 04 Oct 2022 09:39:50 GMT
content-length: 12163
cache-control: no-cache
access-control-allow-origin: https://ayetaablehands.org
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32768)
Size:   12163
Md5:    e616df092766c7ab7904619f971a35cc
Sha1:   a960429c42802a43e3ce728fc4d1e8bdab10e606
Sha256: 082ae7647bfdb639846791e5c0ca39b96544dff3aed0c365973c9589cd5b091e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4283
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 09:39:50 GMT
Last-Modified: Tue, 04 Oct 2022 08:28:27 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 04 Oct 2022 09:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 04 Oct 2022 10:27:25 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: QEQ_khgDF267GGJczFK8doXGj05svybCb7k7NNMFkDB9E4ZrXmGDkw==
Age: 617


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /verify.dcu/js/config.js HTTP/1.1 
Host: ayetaablehands.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/verify.dcu/otp.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         198.54.115.112
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://ayetaablehands.org/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 12307
date: Tue, 04 Oct 2022 09:39:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Size:   12307
Md5:    dc14d9d9a04773fd45682acd983a7a6e
Sha1:   fb2170d8355509d2a925e1d5b256dfd4a3e2ede8
Sha256: 239aeea4fe983a5163ece0a683e167cd4d223db332f29e69da1c319a70e8c033

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4283
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 09:39:50 GMT
Last-Modified: Tue, 04 Oct 2022 08:28:27 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /verify.dcu/css/app.7b1cd472.css HTTP/1.1 
Host: ayetaablehands.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/verify.dcu/otp.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         198.54.115.112
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Thu, 18 Aug 2022 23:51:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 862
date: Tue, 04 Oct 2022 09:39:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2620)
Size:   862
Md5:    374ffa1beb17ca5fedb596a8f9be7258
Sha1:   0abcaf95e5556ee823cbc3333401affb7e85bb7b
Sha256: db4271215d918aaf05d3ee3fa1be20c92b0f8225cb863d7d96d8353f88ad23c5
                                        
                                            GET /general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false HTTP/1.1 
Host: mpsnare.iesnare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.228.71.178
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
                                        
Server: nginx
Date: Tue, 04 Oct 2022 09:39:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef=cVJ2wOtxjklpFLQ5uyc9XOwkX1T11py0TldIb8dZfAo=;Path=/;Expires=Wed, 04-Oct-2023 09:39:50 GMT;Max-Age=31536000;Secure;HttpOnly;SameSite=None
Cache-Control: no-cache, private
Pragma: no-cache
Expires: 0
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (1038)
Size:   18557
Md5:    2cfdcd2172dd88298dbd7f7d5fe03a05
Sha1:   8ed390ba717a3d90fbbbcc7639957d4cc3ce3a74
Sha256: d2e1465e469b5caae7691cc92e766f119250ee8525bf7d76f617fe9ec64d337c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5421
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 09:39:50 GMT
Last-Modified: Tue, 04 Oct 2022 08:09:29 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /5.5.0/logo.js HTTP/1.1 
Host: mpsnare.iesnare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.228.71.178
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
                                        
Server: nginx
Date: Tue, 04 Oct 2022 09:39:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Expires: Wed, 04 Oct 2023 09:39:50 GMT
Cache-Control: private
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (377)
Size:   420
Md5:    b02776e7f33c6326b838192e29d5222f
Sha1:   6d0d25b7aa1334ed83eb173bf1d652da3fbfcbd6
Sha256: 9c095de65354d1cbf04506d523cb6d672f6177f0145ff3337fa479ff724bfc35
                                        
                                            GET /verify.dcu/js/loader_only.js HTTP/1.1 
Host: ayetaablehands.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/verify.dcu/otp.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         198.54.115.112
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://ayetaablehands.org/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 12306
date: Tue, 04 Oct 2022 09:39:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Size:   12306
Md5:    7801cbed3106dde98c8944ccbc32e9dc
Sha1:   6f4c9b84cd249dc0c00b36b38e5be8c17d6323cd
Sha256: a19a67a37f1e0ebd11657f3954e3273f503ed02fba7e2b770bda9882849836f1

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.22
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Tue, 04 Oct 2022 09:39:50 GMT
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 03 Oct 2022 21:07:48 GMT
Expires: Tue, 04 Oct 2022 21:07:48 GMT
ETag: "55eaf4d91e827aeaeab051c72912dc3105b2d4be"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1778
Md5:    619859b8ac9f97b2eeab8dc5a7b728ea
Sha1:   55eaf4d91e827aeaeab051c72912dc3105b2d4be
Sha256: 9605b8d3c86d2cec1e7b6ffa52e7811dd88a0bc76ebb392f146d365bd1b9179e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.22
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Tue, 04 Oct 2022 09:39:50 GMT
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 03 Oct 2022 21:07:48 GMT
Expires: Tue, 04 Oct 2022 21:07:48 GMT
ETag: "55eaf4d91e827aeaeab051c72912dc3105b2d4be"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1778
Md5:    619859b8ac9f97b2eeab8dc5a7b728ea
Sha1:   55eaf4d91e827aeaeab051c72912dc3105b2d4be
Sha256: 9605b8d3c86d2cec1e7b6ffa52e7811dd88a0bc76ebb392f146d365bd1b9179e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.22
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Tue, 04 Oct 2022 09:39:50 GMT
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 03 Oct 2022 21:07:48 GMT
Expires: Tue, 04 Oct 2022 21:07:48 GMT
ETag: "55eaf4d91e827aeaeab051c72912dc3105b2d4be"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1778
Md5:    619859b8ac9f97b2eeab8dc5a7b728ea
Sha1:   55eaf4d91e827aeaeab051c72912dc3105b2d4be
Sha256: 9605b8d3c86d2cec1e7b6ffa52e7811dd88a0bc76ebb392f146d365bd1b9179e
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ouLN8XGQ9O7eNI8WipB18A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.167.231.108
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /jV5POxidgChT2TDq52UTX5V11I=

                                        
                                            GET /assets/stylesheets/customer/final/default.css?v=8.7.1 HTTP/1.1 
Host: usassets.cobrowse.pega.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         3.232.141.152
HTTP/2 200 OK
content-type: text/css
                                        
date: Tue, 04 Oct 2022 09:39:50 GMT
content-length: 3489
set-cookie: AWSALB=JnDrLNQuV32qz7UvcmfOTMECjdq/ja7B4f8d3Z4i+dmwhYpYiV/U8OBHBLC7czxRywRcO/S4DnpXgsG1Q8mrgGE9XX5pExiQWlW+qo1cFS5+n+so0rBn2SiZfcBD; Expires=Tue, 11 Oct 2022 09:39:50 GMT; Path=/ AWSALBCORS=JnDrLNQuV32qz7UvcmfOTMECjdq/ja7B4f8d3Z4i+dmwhYpYiV/U8OBHBLC7czxRywRcO/S4DnpXgsG1Q8mrgGE9XX5pExiQWlW+qo1cFS5+n+so0rBn2SiZfcBD; Expires=Tue, 11 Oct 2022 09:39:50 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Wed, 13 Jul 2022 12:04:58 GMT
etag: "62ceb4ea-da1"
access-control-allow-origin: *
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (14626)
Size:   3489
Md5:    c9e0ee1acc72fd18e3953cf614f7e879
Sha1:   bacc2349aab9dfac47cd153702e98e1fa48466f4
Sha256: e13c4a8b7d5d884e11579582e7e99198c7fdfbd2587a37f52add1783e49e5d8e
                                        
                                            GET /cobrowse/loadScripts HTTP/1.1 
Host: us.cobrowse.pega.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.209.9.35
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 04 Oct 2022 09:39:50 GMT
content-length: 508
set-cookie: AWSALB=JfwZ02qYU4lmxb4Zb5nLJdYW9+rPRt62KZYKXpXZLHptScd7Fo/UoYPEH47V3uRoXnkaAx8LaEfqMI9V/xCz8mFY1b/ZfEB679/s15fXfAym2s2W6T9OMePIq3No; Expires=Tue, 11 Oct 2022 09:39:50 GMT; Path=/ AWSALBCORS=JfwZ02qYU4lmxb4Zb5nLJdYW9+rPRt62KZYKXpXZLHptScd7Fo/UoYPEH47V3uRoXnkaAx8LaEfqMI9V/xCz8mFY1b/ZfEB679/s15fXfAym2s2W6T9OMePIq3No; Expires=Tue, 11 Oct 2022 09:39:50 GMT; Path=/; SameSite=None; Secure connect.sid=s%3AN5mcqES4pcYB3sDpSb72TcyqiTTCPVmh.o4MQUc9W%2B6uejtkUHxuKaUPysL0ixPqFbFF3mnP2IKQ; Path=/; Expires=Thu, 06 Oct 2022 09:39:50 GMT; Secure; SameSite=None
server: nginx
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: X-CSRF-Token, X-Requested-With, accept, x-j-token, content-type
etag: W/"1fc-7h1D3lVTGQGfiwcTpoOkY4A6m0E"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   508
Md5:    9cdb6851bb88c14e6033ca658ac8aa88
Sha1:   ee1d43de555319019f8b0713a683a463803a9b41
Sha256: fa05f2814bdcd558f6b652532c66d74a995b0a05f464bda6e9375fcb3c02cf82
                                        
                                            GET /verify.dcu/css/64.64d4d70e.css HTTP/1.1 
Host: ayetaablehands.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/verify.dcu/otp.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         198.54.115.112
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Thu, 18 Aug 2022 23:50:42 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 346
date: Tue, 04 Oct 2022 09:39:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (686)
Size:   346
Md5:    b3cdae7337836bd228f44fa0aa0af5fe
Sha1:   db8f341e3117e192d4f00ab8255546466936c6c2
Sha256: 82296f44a9d4598a5a30cf370ac58d7dddb7eeb01984f10d672b90ff8833b2fd
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 09:39:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /css2?family=Nunito+Sans:wght@300;400;600;700;800&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 09:39:50 GMT
date: Tue, 04 Oct 2022 09:39:50 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1143
Md5:    3d0ffb42476f465f0581f7c60a068a21
Sha1:   9ee2753d4a95f8442165a5da72714dea19b1ebf8
Sha256: ed7eca192b5802e1c8bed8bc822def9046a32a1150ce2c7ecf885a1147799f1a
                                        
                                            GET /verify.dcu/js/64.390011c5.js HTTP/1.1 
Host: ayetaablehands.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/verify.dcu/otp.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         198.54.115.112
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://ayetaablehands.org/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 12307
date: Tue, 04 Oct 2022 09:39:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Size:   12307
Md5:    dc14d9d9a04773fd45682acd983a7a6e
Sha1:   fb2170d8355509d2a925e1d5b256dfd4a3e2ede8
Sha256: 239aeea4fe983a5163ece0a683e167cd4d223db332f29e69da1c319a70e8c033

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /assets/scripts/final/customer.js?v=8.7.1 HTTP/1.1 
Host: usassets.cobrowse.pega.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         3.232.141.152
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 04 Oct 2022 09:39:50 GMT
content-length: 261370
set-cookie: AWSALB=1zHLloi9bCcCr8IaLBm1tumdq7ro89C7s3GmWeAnHyVt57+ZTG6ho1DCXBnqBDqBpjuS0SqJ6+/Pwnqz9i8/1O3C+XW+aqLwy/36qii77tDLvpSPP751RZfzFb4L; Expires=Tue, 11 Oct 2022 09:39:50 GMT; Path=/ AWSALBCORS=1zHLloi9bCcCr8IaLBm1tumdq7ro89C7s3GmWeAnHyVt57+ZTG6ho1DCXBnqBDqBpjuS0SqJ6+/Pwnqz9i8/1O3C+XW+aqLwy/36qii77tDLvpSPP751RZfzFb4L; Expires=Tue, 11 Oct 2022 09:39:50 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Mon, 18 Jul 2022 06:30:25 GMT
etag: "62d4fe01-3fcfa"
access-control-allow-origin: *
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   261370
Md5:    eb9524e46cc30efd2673a51baa3a655e
Sha1:   f9860cf1e6dc646899418909a7bf2156df4556a4
Sha256: c1898417dc51a18a977daaea237101556511c77a676d51982c6c035cbf15f1c1
                                        
                                            GET /verify.dcu/css/vendor.7de76d70.css HTTP/1.1 
Host: ayetaablehands.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/verify.dcu/otp.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         198.54.115.112
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Thu, 18 Aug 2022 23:51:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 73693
date: Tue, 04 Oct 2022 09:39:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65448)
Size:   73693
Md5:    97671d32692cd539aff299e8979eda26
Sha1:   e48e8994ad38e2da051741785ee355caba08788d
Sha256: 61f7aaae56170ee9f95129f2b1581991648af5e71656e6eb375dc9a1906c72c1
                                        
                                            GET /verify.dcu/css/chunk-common.d06af608.css HTTP/1.1 
Host: ayetaablehands.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/verify.dcu/otp.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         198.54.115.112
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Thu, 18 Aug 2022 23:51:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2683
date: Tue, 04 Oct 2022 09:39:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (13269)
Size:   2683
Md5:    441d1323318ef24957a964151c4d113e
Sha1:   ac685aa2e4db5e176ac7c3f9edeb2d3e8b42ca71
Sha256: 15052d918d0fe6cd06498d9ad4747b09a6c139f12479d623d01bc5da0ed72260
                                        
                                            GET /verify.dcu/js/chunk-common.112fec58.js HTTP/1.1 
Host: ayetaablehands.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/verify.dcu/otp.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         198.54.115.112
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://ayetaablehands.org/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 12307
date: Tue, 04 Oct 2022 09:39:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Size:   12307
Md5:    dc14d9d9a04773fd45682acd983a7a6e
Sha1:   fb2170d8355509d2a925e1d5b256dfd4a3e2ede8
Sha256: 239aeea4fe983a5163ece0a683e167cd4d223db332f29e69da1c319a70e8c033

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /verify.dcu/css/2.658b5c49.css HTTP/1.1 
Host: ayetaablehands.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/verify.dcu/otp.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         198.54.115.112
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Thu, 18 Aug 2022 23:50:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 582
date: Tue, 04 Oct 2022 09:39:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1693)
Size:   582
Md5:    bcddb5748150a5d42a2621df521162b4
Sha1:   b5e2be32ba8552dd7bc48ecf2a01c5d5c49b411b
Sha256: f908adbdc894d86fcc84f77a219b979cb9d594671839ae3df9e18d55f17349e0
                                        
                                            GET /verify.dcu/dcuLogoDark.png HTTP/1.1 
Host: ayetaablehands.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/verify.dcu/otp.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         198.54.115.112
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Thu, 18 Aug 2022 23:49:04 GMT
accept-ranges: bytes
content-length: 7743
date: Tue, 04 Oct 2022 09:39:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 217 x 78, 8-bit/color RGBA, non-interlaced\012- data
Size:   7743
Md5:    ae64e87365d6e6696145c8c53ce3632e
Sha1:   09337bd0289c432bffab6f653297fe2534ad0c68
Sha256: d1093fceb5f8b35c09e5d3329c8dc55509d7f46096efeea840f6e433212ba45e
                                        
                                            GET /verify.dcu/js/2.a6ab680e.js HTTP/1.1 
Host: ayetaablehands.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/verify.dcu/otp.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         198.54.115.112
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://ayetaablehands.org/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 12307
date: Tue, 04 Oct 2022 09:39:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Size:   12307
Md5:    dc14d9d9a04773fd45682acd983a7a6e
Sha1:   fb2170d8355509d2a925e1d5b256dfd4a3e2ede8
Sha256: 239aeea4fe983a5163ece0a683e167cd4d223db332f29e69da1c319a70e8c033

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /js/app.fa332a3e.js HTTP/1.1 
Host: ayetaablehands.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/verify.dcu/otp.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         198.54.115.112
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://ayetaablehands.org/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 12307
date: Tue, 04 Oct 2022 09:39:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Size:   12307
Md5:    72f5ab118f2f8eba98f3e19c5f2d9fee
Sha1:   0f78ee88099be388852b8fe09a1299b2d46569be
Sha256: af9c9cb2713471db8810c666161d1418ff0b0b360180f094e2eb583f0ea25c32

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /js/vendor.e1d2459d.js HTTP/1.1 
Host: ayetaablehands.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/verify.dcu/otp.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         198.54.115.112
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://ayetaablehands.org/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 12307
date: Tue, 04 Oct 2022 09:39:50 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Size:   12307
Md5:    72f5ab118f2f8eba98f3e19c5f2d9fee
Sha1:   0f78ee88099be388852b8fe09a1299b2d46569be
Sha256: af9c9cb2713471db8810c666161d1418ff0b0b360180f094e2eb583f0ea25c32

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 09:39:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ayetaablehands.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17156
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 18:31:20 GMT
expires: Tue, 03 Oct 2023 18:31:20 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 09 May 2022 18:33:24 GMT
age: 54511
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 17156, version 1.0\012- data
Size:   17156
Md5:    7e344afc10a492d516789f072fa6edfd
Sha1:   f38bd0b4e9d0577528f533b8ecd80801a0c6340f
Sha256: c84423c305779f2aab07847a2e3870ac1ea4072e470d5eb149c01e0e0497eae3
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 09:39:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 09:39:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /star HTTP/1.1 
Host: mpsnare.iesnare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://ayetaablehands.org
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Q4rFbf+7KbHidKn8YIQxBg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.228.71.178
HTTP/1.1 101 Switching Protocols
                                        
Server: nginx
Date: Tue, 04 Oct 2022 09:39:51 GMT
Connection: upgrade
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Accept: 3SvNIq3JskUBiqijfglmZ5Dp1LI=
Upgrade: WebSocket

                                        
                                            GET /extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js HTTP/1.1 
Host: assets.adobedtm.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Mon, 14 Feb 2022 16:35:31 GMT
If-None-Match: "d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
TE: trailers

                                         
                                         23.38.200.237
HTTP/2 304 Not Modified
content-type: application/x-javascript
                                        
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
etag: "d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
expires: Tue, 04 Oct 2022 10:39:51 GMT
date: Tue, 04 Oct 2022 09:39:51 GMT
cache-control: no-cache
access-control-allow-origin: https://ayetaablehands.org
timing-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js HTTP/1.1 
Host: assets.adobedtm.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Mon, 14 Feb 2022 16:35:31 GMT
If-None-Match: "2d1382c349d480b6b41574ac0c1af066:1644856531.739514"
TE: trailers

                                         
                                         23.38.200.237
HTTP/2 304 Not Modified
content-type: application/x-javascript
                                        
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
etag: "2d1382c349d480b6b41574ac0c1af066:1644856531.739514"
expires: Tue, 04 Oct 2022 10:39:51 GMT
date: Tue, 04 Oct 2022 09:39:51 GMT
cache-control: no-cache
access-control-allow-origin: https://ayetaablehands.org
timing-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ayetaablehands.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17116
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 21:55:18 GMT
expires: Tue, 03 Oct 2023 21:55:18 GMT
cache-control: public, max-age=31536000
age: 42273
last-modified: Mon, 09 May 2022 18:31:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 17116, version 1.0\012- data
Size:   17116
Md5:    bcf3a3fb620dfbee774f84e2c8e71530
Sha1:   40a79d240acdd7e5a95e165515ac7c0958a37971
Sha256: 280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5
                                        
                                            GET /s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ayetaablehands.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16980
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 21:08:02 GMT
expires: Tue, 03 Oct 2023 21:08:02 GMT
cache-control: public, max-age=31536000
age: 45109
last-modified: Mon, 09 May 2022 18:33:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 16980, version 1.0\012- data
Size:   16980
Md5:    8a97f720d330e75ccdbda9ae0e9f5e90
Sha1:   8e4fee916581ab48d385187705667cebc7500afe
Sha256: 97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 09:39:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2542
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 09:39:51 GMT
Last-Modified: Tue, 04 Oct 2022 08:57:29 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=46051B125B89FACB0A495DD6%40AdobeOrg&d_nsid=0&ts=1664876391048 HTTP/1.1 
Host: dpm.demdex.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://ayetaablehands.org
Connection: keep-alive
Referer: https://ayetaablehands.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.77.143.129
HTTP/1.1 200 OK
Content-Type: application/json;charset=utf-8
                                        
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ayetaablehands.org
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
DCS: dcs-prod-irl1-2-v044-0d06d6d5c.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=10557436559856298514228753018138061207; Max-Age=15552000; Expires=Sun, 02 Apr 2023 09:39:51 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: Z578VuBHQ20=
Content-Length: 835
Connection: keep-alive


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (2304), with no line terminators
Size:   835
Md5:    159cd1d9f0fb3fbf1f667ddeebad505e
Sha1:   660924b9ba332e37f526876822948af7534dc06d
Sha256: 2391fd964829402f5bd4984e095f9367aaba030f149b8a95fd971f58cd045eb5
                                        
                                            GET /js/vendor.e1d2459d.js HTTP/1.1 
Host: ayetaablehands.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/verify.dcu/otp.html
Cookie: AMCV_46051B125B89FACB0A495DD6%40AdobeOrg=1176715910%7CMCIDTS%7C19270%7CvVersion%7C5.4.0; at_check=true; mbox=session#5a91f126ba8046fba97567a8670aa92a#1664878252
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         198.54.115.112
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://ayetaablehands.org/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 12307
date: Tue, 04 Oct 2022 09:39:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Size:   12307
Md5:    72f5ab118f2f8eba98f3e19c5f2d9fee
Sha1:   0f78ee88099be388852b8fe09a1299b2d46569be
Sha256: af9c9cb2713471db8810c666161d1418ff0b0b360180f094e2eb583f0ea25c32

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3270
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 09:39:51 GMT
Last-Modified: Tue, 04 Oct 2022 08:45:21 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 314

                                        
                                            GET /js/app.fa332a3e.js HTTP/1.1 
Host: ayetaablehands.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/verify.dcu/otp.html
Cookie: AMCV_46051B125B89FACB0A495DD6%40AdobeOrg=1176715910%7CMCIDTS%7C19270%7CvVersion%7C5.4.0; at_check=true; mbox=session#5a91f126ba8046fba97567a8670aa92a#1664878252
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         198.54.115.112
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://ayetaablehands.org/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 12307
date: Tue, 04 Oct 2022 09:39:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Size:   12307
Md5:    72f5ab118f2f8eba98f3e19c5f2d9fee
Sha1:   0f78ee88099be388852b8fe09a1299b2d46569be
Sha256: af9c9cb2713471db8810c666161d1418ff0b0b360180f094e2eb583f0ea25c32

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6405
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 09:39:51 GMT
Last-Modified: Tue, 04 Oct 2022 07:53:06 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=46051B125B89FACB0A495DD6%40AdobeOrg&mid=10345642661166094834202649560065955527&ts=1664876391328 HTTP/1.1 
Host: digitalfederalcreditunion.sc.omtrdc.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://ayetaablehands.org
Connection: keep-alive
Referer: https://ayetaablehands.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         13.36.218.177
HTTP/2 200 OK
content-type: application/x-javascript;charset=utf-8
                                        
access-control-allow-origin: https://ayetaablehands.org
access-control-allow-credentials: true
date: Tue, 04 Oct 2022 09:39:51 GMT
p3p: CP="This is not a P3P policy"
server: jag
vary: Origin
content-length: 2
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   2
Md5:    99914b932bd37a50b983c5e7c90ae93b
Sha1:   bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
Sha256: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
                                        
                                            GET /dest5.html?d_nsid=0 HTTP/1.1 
Host: dcu.demdex.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         34.242.155.96
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
date: Tue, 4 Oct 2022 09:39:51 GMT
DCS: dcs-prod-irl1-2-v044-04c5fceec.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 29 Sep 2022 16:47:43 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: 15xLnDzfQ1s=
Content-Length: 2791
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Size:   2791
Md5:    ccbdcb1e84c241950763ec4cd516cdfc
Sha1:   55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
Sha256: de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
                                        
                                            GET /m2/digitalfederalcredit/mbox/json?mbox=target-global-mbox&mboxSession=5a91f126ba8046fba97567a8670aa92a&mboxPC=&mboxPage=6857e2c57e1142b6b1e35065fd4b411b&mboxRid=bea5fd0ca724488c97040cd7ca21900b&mboxVersion=1.8.3&mboxCount=1&mboxTime=1664876391077&mboxHost=ayetaablehands.org&mboxURL=https%3A%2F%2Fayetaablehands.org%2Fverify.dcu%2Fotp.html&mboxReferrer=&browserHeight=939&browserWidth=1280&browserTimeOffset=0&screenHeight=1024&screenWidth=1280&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&pageurl=https%3A%2F%2Fayetaablehands.org%2Fverify.dcu%2Fotp.html&mboxMCSDID=1801999DA740D210-18EE1E208421C5EA&vst.trk=digitalfederalcreditunion.sc.omtrdc.net&vst.trks=digitalfederalcreditunion.sc.omtrdc.net&mboxMCGVID=10345642661166094834202649560065955527&mboxAAMB=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&mboxMCGLH=6 HTTP/1.1 
Host: digitalfederalcredit.tt.omtrdc.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ayetaablehands.org
Connection: keep-alive
Referer: https://ayetaablehands.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         13.36.218.177
HTTP/2 200 OK
content-type: application/json;charset=UTF-8
                                        
date: Tue, 04 Oct 2022 09:39:51 GMT
content-length: 96
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-origin: https://ayetaablehands.org
access-control-allow-credentials: true
x-request-id: bea5fd0ca724488c97040cd7ca21900b
pragma: no-cache
timing-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
server: jag
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   96
Md5:    3f25f41c8b8a0fe322f54d36c1119ba0
Sha1:   a3dcbf9a84482b14a71813f7e7ea3777b1a8206e
Sha256: 76db95242daef740eefdfa83f4763eba87ffb4c17ed0a431120b2f703f73ff87
                                        
                                            GET /time.mp3?nocache=0.37588559733055715 HTTP/1.1 
Host: mpsnare.iesnare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://ayetaablehands.org/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.228.71.178
HTTP/1.1 206 Partial Content
Content-Type: audio/mpeg
                                        
Server: nginx
Date: Tue, 04 Oct 2022 09:39:51 GMT
Content-Length: 504
Connection: keep-alive
Content-Disposition: inline; filename=time.mp3
Content-Range: bytes 0-503/504
Accept-Ranges: bytes
Pragma: public
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains


--- Additional Info ---
Magic:  MPEG ADTS, layer III, v2.5, 32 kbps, 8 kHz, JntStereo\012- data
Size:   504
Md5:    cfe47da3367b896cf8fe9d23144e6294
Sha1:   5eb28e56c71ce7e851b99b4d90b4091e3090243a
Sha256: 2857eb76b4850703192f5d42bc145b2384147fcb65f63b5447ed74664e241507
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: ayetaablehands.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/verify.dcu/otp.html
Cookie: AMCV_46051B125B89FACB0A495DD6%40AdobeOrg=1176715910%7CMCIDTS%7C19270%7CMCMID%7C10345642661166094834202649560065955527%7CMCAAMLH-1665481191%7C6%7CMCAAMB-1665481191%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1664883591s%7CNONE%7CvVersion%7C5.4.0; at_check=true; mbox=session#5a91f126ba8046fba97567a8670aa92a#1664878252; AMCVS_46051B125B89FACB0A495DD6%40AdobeOrg=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         198.54.115.112
HTTP/2 404 Not Found
content-type: text/html
                                        
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-length: 1238
date: Tue, 04 Oct 2022 09:39:52 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   1238
Md5:    0bde7d4b3da67537eaf9188e6f8049cf
Sha1:   64300fc482d01d38b40ab20e15960b6509665e5a
Sha256: 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.165
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 09:39:52 GMT
Last-Modified: Tue, 04 Oct 2022 09:03:38 GMT
Server: ECS (nyb/1D06)
X-Cache: Miss from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: n89ELZPN6h4p_M1rqxdPF3BwVizVyroNWQ3YYa8R17S-UbEK6t0haQ==
Age: 2174

                                        
                                            GET /cm/dd?d_uuid=10557436559856298514228753018138061207 HTTP/1.1 
Host: cm.everesttech.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.251.26.3
HTTP/1.1 302
                                        
Date: Tue, 04 Oct 2022 09:39:52 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~Yzv-aAAAAFnXXgOV; Domain=.everesttech.net; Expires=Wed, 04-Oct-2023 09:39:52 GMT; Path=/ everest_session_v2=Yzv-aAAAAFnXXwOV; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yzv-aAAAAFnXXgOV
Server: AMO-cookiemap/1.1

                                        
                                            GET /ibs:dpid=411&dpuuid=Yzv-aAAAAFnXXgOV HTTP/1.1 
Host: dpm.demdex.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ayetaablehands.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.77.143.129
HTTP/1.1 302 Found
                                        
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v044-08580ef78.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Yzv-aAAAAFnXXgOV
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=50938433171861180423870083634790398972; Max-Age=15552000; Expires=Sun, 02 Apr 2023 09:39:52 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: gx0yHzMKTZA=
Content-Length: 0
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15526
Expires: Tue, 04 Oct 2022 13:58:38 GMT
Date: Tue, 04 Oct 2022 09:39:52 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, max compression\012- data
Size:   1246
Md5:    1dba34865833569d1efd3834abc3617c
Sha1:   abee4e1751a0d5abbecc7b9a87ed38491d843957
Sha256: 77efde3e9d5fe36405e49d4cd0ebfd81b0c8620132d088195a385c1a2cd8d29b

Alerts:
  File Analyzers:
    - virustotal: 0/0
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15526
Expires: Tue, 04 Oct 2022 13:58:38 GMT
Date: Tue, 04 Oct 2022 09:39:52 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: SGeDEPoXxsTV5UwkZnn3MJPbjhHhrKSsueHPxVapV_7Icl6daFk3oA==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 42932
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4858
Md5:    6779181f9c06975f2a662da743893939
Sha1:   585e7146fd24cdc2496b05baafea04091dc541e2
Sha256: 8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15526
Expires: Tue, 04 Oct 2022 13:58:38 GMT
Date: Tue, 04 Oct 2022 09:39:52 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5504
x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHPvoAMF3mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: O1yNc4H21kixhUEE7099oNqs7a5ZnJBBjlZbsbmLvaXyzXzrK0dL3w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:33 GMT
age: 42919
etag: "20ef861be49c652a938e0145e4ca3a60159367e2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5504
Md5:    6c6882c60d7ca6f918c77104e3ad1d52
Sha1:   20ef861be49c652a938e0145e4ca3a60159367e2
Sha256: 861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DOS5kVEVqBrCVMKRw07fX-6HDgWVb9lJwkVM2pXs0PQHys6CBJUVfQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 42932
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9917
Md5:    d8c08f8066cc732de8befd6ccd629a95
Sha1:   22aab05208a01ae5def4d63dc145085630f57bcb
Sha256: f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
                                        
                                            GET / HTTP/1.1 
Host: frame.gleap.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         51.124.12.35
HTTP/2 200 OK
content-type: text/html
                                        
date: Tue, 04 Oct 2022 09:39:51 GMT
cache-control: public, must-revalidate, max-age=30
content-encoding: br
etag: "77914261"
last-modified: Tue, 27 Sep 2022 11:09:10 GMT
vary: Accept-Encoding
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (644), with no line terminators
Size:   11424
Md5:    64b57f96c225663ac2e3507af9d445db
Sha1:   9f6b1755eaddfad82da4391454f8ee485132b214
Sha256: 7a6a664af52ce493b315c15c98ab0f4782e837829e990a498d85adea520793be
                                        
                                            GET /b/ss/dfcudigbankingprod,dfcumainglobal/1/JS-2.22.4-LCUM/s58147216595107?AQB=1&ndh=1&pf=1&t=4%2F9%2F2022%209%3A39%3A51%202%200&sdid=1801999DA740D210-18EE1E208421C5EA&vid=10345642661166094834202649560065955527&mid=10345642661166094834202649560065955527&aamlh=6&ce=UTF-8&pageName=projectfinance%3Aen%3Averify.dcu%3Aotp.html&g=https%3A%2F%2Fayetaablehands.org%2Fverify.dcu%2Fotp.html&cc=USD&ch=verify.dcu&server=ayetaablehands.org&events=event1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v1=verify.dcu&c2=verify.dcu%3Aotp.html&v2=verify.dcu%3Aotp.html&c9=D%3Dv9&v9=https%3A%2F%2Fayetaablehands.org%2Fverify.dcu%2Fotp.html&v10=D%3Dc10&v11=projectfinance%3Aen%3Averify.dcu%3Aotp.html&v12=year%3D2022%20%7C%20month%3DOctober%20%7C%20date%3D4%20%7C%20day%3DTuesday%20%7C%20time%3D9%3A39%20AM&v13=New&c14=23&v14=D%3Dc14&c15=New%20Visitor&c16=1&c17=first%20hit%20of%20visit&v20=Project%20Finance&v41=10345642661166094834202649560065955527&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=46051B125B89FACB0A495DD6%40AdobeOrg&AQE=1 HTTP/1.1 
Host: digitalfederalcreditunion.sc.omtrdc.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         13.36.218.177
HTTP/2 200 OK
content-type: image/gif;charset=utf-8
                                        
access-control-allow-origin: *
date: Tue, 04 Oct 2022 09:39:52 GMT
expires: Mon, 03 Oct 2022 09:39:52 GMT
last-modified: Wed, 05 Oct 2022 09:39:52 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3575294829749927936-4619770055159885000
vary: *
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 2 x 2\012- data
Size:   43
Md5:    ad480fd0732d0f6f1a8b06359e3a42bb
Sha1:   a544538683a2dfe574eeb2e358ac8fcc78289d50
Sha256: a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 04:42:51 GMT
age: 17821
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6315
Md5:    206fb65e75dbadf119512f71e0b78402
Sha1:   58ff0bf8ce7528b303d28bab01a80ad721705569
Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
                                        
                                            GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Yzv-aAAAAFnXXgOV HTTP/1.1 
Host: dpm.demdex.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ayetaablehands.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.77.143.129
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
DCS: dcs-prod-irl1-2-v044-07a02cb5f.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: Ob//zBpnR4A=
Content-Length: 59
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   59
Md5:    1251cd5e5c2def4c046309375f87c1c1
Sha1:   e02d6b0c6a5c495c15985e2832e335eda8528c80
Sha256: 4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
                                        
                                            GET /verify.dcu/undefined/api/config?messagesType=customer&language=en-US&company= HTTP/1.1 
Host: ayetaablehands.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/verify.dcu/otp.html
Cookie: AMCV_46051B125B89FACB0A495DD6%40AdobeOrg=1176715910%7CMCIDTS%7C19270%7CMCMID%7C10345642661166094834202649560065955527%7CMCAAMLH-1665481191%7C6%7CMCAAMB-1665481191%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1664883591s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19277%7CvVersion%7C5.4.0; at_check=true; mbox=session#5a91f126ba8046fba97567a8670aa92a#1664878252|PC#5a91f126ba8046fba97567a8670aa92a.37_0#1728121192; AMCVS_46051B125B89FACB0A495DD6%40AdobeOrg=1; s_tslv=1664876391787; s_vnc365=1696412391787%26vn%3D1; s_ivc=true; s_dur=1664876391788; s_nr30=1664876391812-New; s_ppv=projectfinance%253Aen%253Averify.dcu%253Aotp.html%2C100%2C100%2C939%2C1%2C1; s_ips=939; s_tp=939; s_cc=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         198.54.115.112
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://ayetaablehands.org/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 12307
date: Tue, 04 Oct 2022 09:39:53 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Size:   12307
Md5:    c9248dbd52a81810cfa7b95008856867
Sha1:   7804efc41e1439b1c44bacd89b2007d0b91ebd32
Sha256: cba9ef2fb67f706b44d4591aeacbf8a94596b4519b4dfd8e70c404b1f1f4c18d
                                        
                                            GET /static/css/main.de56b7b2.css HTTP/1.1 
Host: frame.gleap.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://frame.gleap.io/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         51.124.12.35
HTTP/2 200 OK
content-type: text/css
                                        
date: Tue, 04 Oct 2022 09:39:51 GMT
cache-control: public, must-revalidate, max-age=30
content-encoding: br
etag: "77914261"
last-modified: Tue, 27 Sep 2022 11:09:10 GMT
vary: Accept-Encoding
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/js/main.273ce5e1.js HTTP/1.1 
Host: frame.gleap.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://frame.gleap.io/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         51.124.12.35
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Tue, 04 Oct 2022 09:39:51 GMT
cache-control: public, must-revalidate, max-age=30
content-encoding: br
etag: "77914261"
last-modified: Tue, 27 Sep 2022 11:09:10 GMT
vary: Accept-Encoding
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8287b853-235b-49f5-9b5c-780827ac695b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9855
x-amzn-requestid: 15f15a2e-0028-40ac-be8f-8e20c37fd27e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHuGX7oAMFgDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-5fe693f30c91e4c82c8accb1;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ngoNHOX6fFTGa1Y_-yFOFUYYYqiLJCQOq3NISbmc3gX21YO0TLxx0w==
via: 1.1 b637bd7696854d7acbf96132dcf53200.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 23:32:19 GMT
etag: "a36475a0ec7d7b92593cadd4aa99ca38550f1cd1"
age: 36453
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /link/v2/stable/link-initialize.js HTTP/1.1 
Host: cdn.plaid.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.89
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: 7qWnQ8lcuco7jLQCDxdHH8TcJNQzLDWQO1JncoVpKd+n1Q+14W+eD4k8dnBAJSN6QoHB9wIQwjg=
x-amz-request-id: M7XQ9Z50C2CJGQ0F
date: Tue, 04 Oct 2022 03:08:42 GMT
x-amz-replication-status: COMPLETED
last-modified: Thu, 29 Sep 2022 19:48:07 GMT
etag: W/"7414bb655596877cab6594ef7d7c62b1"
x-amz-server-side-encryption: AES256
cache-control: no-cache,must-revalidate,max-age=0
x-amz-version-id: ARwFLa4QBRXkoi7tIF8RpyXG6Qrm9ayE
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CiL9V8CyokT607ou76vi_38CBSvS1J4PLogKfwb3BCKG7NVEa3qqFw==
age: 23469
X-Firefox-Spdy: h2


--- Additional Info ---