Overview

URLzucmpnjves.duckdns.org/
IP 45.12.138.161 (United States)
ASN#35913 DEDIPATH-LLC
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Access lock_open
Report completed2022-12-04 01:19:29 UTC
StatusLoading report..
IDS alerts0
Blocklist alert5
urlquery alerts
11
DynDNS domain detected
Tags None

Domain Summary (8)

Fully Qualifying Domain Name Rank First Seen Last Seen Sent bytes Received bytes IP Comment
ocsp.digicert.com (2) 86 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 682 1594 93.184.220.29
firefox.settings.services.mozilla.com (2) 867 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 782 2373 34.102.187.140
zucmpnjves.duckdns.org (10) 0 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 3610 39271 45.12.138.161
content-signature-2.cdn.mozilla.net (1) 1152 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 413 5844 34.160.144.191
contile.services.mozilla.com (1) 1114 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 333 229 34.117.237.239
push.services.mozilla.com (1) 2140 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 606 127 54.149.156.115
img-getpocket.cdn.mozilla.net (6) 1631 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 3245 68520 34.120.237.76
r3.o.lencr.org (5) 344 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 1690 4430 23.33.119.27

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-04 medium zucmpnjves.duckdns.org/ Phishing
2022-12-04 medium zucmpnjves.duckdns.org/noindex/css/fonts/Light/OpenSans-Light.woff Phishing
2022-12-04 medium zucmpnjves.duckdns.org/noindex/css/fonts/Bold/OpenSans-Bold.woff Phishing
2022-12-04 medium zucmpnjves.duckdns.org/noindex/css/fonts/Light/OpenSans-Light.ttf Phishing
2022-12-04 medium zucmpnjves.duckdns.org/noindex/css/fonts/Bold/OpenSans-Bold.ttf Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 45.12.138.161
Date UQ / IDS / BL URL IP
2023-05-31 06:36:11 UTC 3 - 12 - 0 onheqrinkm.duckdns.org/ 45.12.138.161
2023-04-11 06:53:58 UTC 3 - 9 - 1 odwgwjjzmi.duckdns.org/ 45.12.138.161
2023-04-10 09:04:21 UTC 3 - 9 - 1 paonjrexff.duckdns.org/ 45.12.138.161
2023-04-01 22:29:46 UTC 3 - 7 - 0 ltivbkpoko.duckdns.org/ 45.12.138.161
2023-04-01 20:28:43 UTC 3 - 6 - 1 egnitekobh.duckdns.org/ 45.12.138.161


Last 5 reports on ASN: DEDIPATH-LLC
Date UQ / IDS / BL URL IP
2023-06-09 04:13:04 UTC 4 - 15 - 0 jnwycdkzyy.duckdns.org/ 45.88.168.205
2023-06-09 04:07:36 UTC 4 - 15 - 0 hzwxbqqskg.duckdns.org/ 45.12.138.144
2023-06-09 03:05:33 UTC 0 - 3 - 1 45.83.140.48/420/cleanmgr.exe 45.83.140.48
2023-06-08 23:57:08 UTC 0 - 0 - 10 194.110.247.198 194.110.247.198
2023-06-08 23:54:36 UTC 0 - 0 - 2 171.22.136.15 171.22.136.15


Last 1 reports on domain: zucmpnjves.duckdns.org
Date UQ / IDS / BL URL IP
2022-12-04 01:19:29 UTC 11 - 0 - 5 zucmpnjves.duckdns.org/ 45.12.138.161


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-04-01 20:29:34 UTC 11 - 14 - 5 fxjuvtddjn.duckdns.org/ 45.82.251.31
2023-04-01 16:42:56 UTC 11 - 14 - 5 tsbyonopjc.duckdns.org/ 45.88.168.229
2023-04-01 11:46:22 UTC 11 - 14 - 5 riistnzmsm.duckdns.org/ 66.150.66.64
2023-04-01 10:39:01 UTC 11 - 14 - 5 mvtnvbiwtn.duckdns.org/ 45.88.168.229
2023-04-01 10:30:45 UTC 11 - 14 - 5 ixlkcydbgi.duckdns.org/ 45.88.168.229

JavaScript

Executed Scripts (0)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (28)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2384
Expires: Sun, 04 Dec 2022 01:59:02 GMT
Date: Sun, 04 Dec 2022 01:19:18 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Accept-Ranges: bytes
Age: 4689
Cache-Control: max-age=124203
Date: Sun, 04 Dec 2022 01:19:18 GMT
Etag: "638b2570-1d7"
Expires: Mon, 05 Dec 2022 11:49:21 GMT
Last-Modified: Sat, 03 Dec 2022 10:31:12 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                            
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 00:20:01 GMT
cache-control: public,max-age=3600
age: 3557
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2311
Expires: Sun, 04 Dec 2022 01:57:49 GMT
Date: Sun, 04 Dec 2022 01:19:18 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: zucmpnjves.duckdns.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                        
                                             45.12.138.161
HTTP/1.1 403 Forbidden
Content-Type: text/html; charset=UTF-8
                                            
Date: Sun, 04 Dec 2022 01:19:18 GMT
Server: Apache/2.4.6 (CentOS)
Last-Modified: Thu, 16 Oct 2014 13:20:58 GMT
ETag: "1321-5058a1e728280"
Accept-Ranges: bytes
Content-Length: 4897
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size:   4897
Md5:    5f3664ed52f6df47c88ec162bb36add4
Sha1:   8e66f78c4d0f075066205823d110bc1902157fcf
Sha256: 9ec2f0698f1c3497de39a192dd1c3f3e4506ff1a84dbf85082344297dc52e681

urlquery:
  - DynDNS domain detected
Blocklists:
  - fortinet: Phishing
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                            
x-amz-id-2: KLloukgOJYsmyeg/v1MFgHxM+QhdpcANnIDh6pCHsErEvvL58RF3vQoUsjQ4qha4n1cy9AjbxhQ=
x-amz-request-id: T2CYB15Z6ZK41H36
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 00:47:20 GMT
age: 1918
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                            
server: nginx
date: Sun, 04 Dec 2022 01:19:18 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /noindex/css/open-sans.css HTTP/1.1 
Host: zucmpnjves.duckdns.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zucmpnjves.duckdns.org/

                                        
                                             45.12.138.161
HTTP/1.1 200 OK
Content-Type: text/css
                                            
Date: Sun, 04 Dec 2022 01:19:19 GMT
Server: Apache/2.4.6 (CentOS)
Last-Modified: Tue, 17 Jun 2014 16:00:47 GMT
ETag: "13d9-4fc0a3f32a9c0"
Accept-Ranges: bytes
Content-Length: 5081
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   5081
Md5:    0ca7398a3e9ef11b70b5dfd1a052fe58
Sha1:   8bb7623c7027e927c0eced114d6011c57101a26f
Sha256: 65e9f0d6919c412dd5a04c322ce9cf9db80a1182f57778606a76110086c49fca

urlquery:
  - DynDNS domain detected
                                        
                                            GET /noindex/css/bootstrap.min.css HTTP/1.1 
Host: zucmpnjves.duckdns.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zucmpnjves.duckdns.org/

                                        
                                             45.12.138.161
HTTP/1.1 200 OK
Content-Type: text/css
                                            
Date: Sun, 04 Dec 2022 01:19:19 GMT
Server: Apache/2.4.6 (CentOS)
Last-Modified: Tue, 17 Jun 2014 16:00:47 GMT
ETag: "4b8d-4fc0a3f32a9c0"
Accept-Ranges: bytes
Content-Length: 19341
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (19170)
Size:   19341
Md5:    44c7856dea679ebcccf8fe201fbe1a7c
Sha1:   192a297f8aeda2bcdd0faa5320ffff825d24116f
Sha256: bc40aeafcd25bc944d0d6357298c1b198b4a1fe294e0b84015d04b72cf942c10

urlquery:
  - DynDNS domain detected
                                        
                                            GET /images/poweredby.png HTTP/1.1 
Host: zucmpnjves.duckdns.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zucmpnjves.duckdns.org/

                                        
                                             45.12.138.161
HTTP/1.1 200 OK
Content-Type: image/png
                                            
Date: Sun, 04 Dec 2022 01:19:19 GMT
Server: Apache/2.4.6 (CentOS)
Last-Modified: Tue, 17 Jun 2014 16:00:47 GMT
ETag: "f74-4fc0a3f32a9c0"
Accept-Ranges: bytes
Content-Length: 3956
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 88 x 31, 8-bit/color RGB, non-interlaced\012- data
Size:   3956
Md5:    5b1ca9f747c1b73dfa1c508765d9056a
Sha1:   6b319c943d8c69e212e7de8385802891dbafe8a3
Sha256: 5b720d579bbc1f8fee3b64df9290d41a28c747a5802589e48e05b7ebbfe9fc2f

urlquery:
  - DynDNS domain detected
                                        
                                            GET /images/apache_pb.gif HTTP/1.1 
Host: zucmpnjves.duckdns.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zucmpnjves.duckdns.org/

                                        
                                             45.12.138.161
HTTP/1.1 200 OK
Content-Type: image/gif
                                            
Date: Sun, 04 Dec 2022 01:19:19 GMT
Server: Apache/2.4.6 (CentOS)
Last-Modified: Tue, 17 Jun 2014 16:00:47 GMT
ETag: "916-4fc0a3f32a9c0"
Accept-Ranges: bytes
Content-Length: 2326
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 259 x 32\012- data
Size:   2326
Md5:    48bc8b181b36c9289866a2e30f6afedd
Sha1:   7bcc5d916d33ab08929a9f7c1d07c33ac1ba47ba
Sha256: 1654416fec35a8b5d36ee0257025cec63e56dfe8572b6ff67c6b0d0d43158cbb

urlquery:
  - DynDNS domain detected
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                            
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 01:11:19 GMT
cache-control: public,max-age=3600
age: 480
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /noindex/css/fonts/Light/OpenSans-Light.woff HTTP/1.1 
Host: zucmpnjves.duckdns.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://zucmpnjves.duckdns.org/noindex/css/open-sans.css

                                        
                                             45.12.138.161
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                            
Date: Sun, 04 Dec 2022 01:19:19 GMT
Server: Apache/2.4.6 (CentOS)
Content-Length: 241
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   241
Md5:    d5d3f08fc8f1b36bac0b06b89d5384ca
Sha1:   cafebd0173cce7edfcbadcea5b8eabc4d7a20511
Sha256: c4183128dc59a2ce673414a77fcab7ca0250ef354ef636df49d2b83580734ee0

urlquery:
  - DynDNS domain detected
Blocklists:
  - fortinet: Phishing
                                        
                                            GET /noindex/css/fonts/Bold/OpenSans-Bold.woff HTTP/1.1 
Host: zucmpnjves.duckdns.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://zucmpnjves.duckdns.org/noindex/css/open-sans.css

                                        
                                             45.12.138.161
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                            
Date: Sun, 04 Dec 2022 01:19:19 GMT
Server: Apache/2.4.6 (CentOS)
Content-Length: 239
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   239
Md5:    55e916743163813c7b8f4524f6e36b99
Sha1:   e1353703fda388ec26bf105b4132b0459f10163e
Sha256: b5b54ea0662073c401cabb250a4f107c4763241fa43418503ae5764cff7e9ee4

urlquery:
  - DynDNS domain detected
Blocklists:
  - fortinet: Phishing
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: zucmpnjves.duckdns.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zucmpnjves.duckdns.org/

                                        
                                             45.12.138.161
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                            
Date: Sun, 04 Dec 2022 01:19:19 GMT
Server: Apache/2.4.6 (CentOS)
Content-Length: 209
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   209
Md5:    18ffb59b61525f781cf9251045be575d
Sha1:   bd7318b00b15b7a1c8a48524419fa2e5c27a5b6d
Sha256: b6682cab65d3243b5b75efb7279dbf49491957484780f2ba0a87632cc0e25642

urlquery:
  - DynDNS domain detected
                                        
                                            GET /noindex/css/fonts/Light/OpenSans-Light.ttf HTTP/1.1 
Host: zucmpnjves.duckdns.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zucmpnjves.duckdns.org/noindex/css/open-sans.css

                                        
                                             45.12.138.161
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                            
Date: Sun, 04 Dec 2022 01:19:19 GMT
Server: Apache/2.4.6 (CentOS)
Content-Length: 240
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   240
Md5:    5a99182bd45553a369543ec2937fa690
Sha1:   c8766a2b6d830b3d38263d54b0e88c1e384664b7
Sha256: 67db0d028a14f7beb79f8bc441b5d687ca683511965d60e40faebec708d85612

urlquery:
  - DynDNS domain detected
Blocklists:
  - fortinet: Phishing
                                        
                                            GET /noindex/css/fonts/Bold/OpenSans-Bold.ttf HTTP/1.1 
Host: zucmpnjves.duckdns.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://zucmpnjves.duckdns.org/noindex/css/open-sans.css

                                        
                                             45.12.138.161
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                            
Date: Sun, 04 Dec 2022 01:19:19 GMT
Server: Apache/2.4.6 (CentOS)
Content-Length: 238
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   238
Md5:    75a28665a8da5eb0e3200d8279c7ef42
Sha1:   ee945af618fe1976e31cd1c467ae0cd68a7fad29
Sha256: e163df3b08c83f6bdc15321fb0403d1dd059f2846037916a3d12ad2806cb5978

urlquery:
  - DynDNS domain detected
Blocklists:
  - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Accept-Ranges: bytes
Age: 4631
Cache-Control: max-age=119083
Date: Sun, 04 Dec 2022 01:19:19 GMT
Etag: "638b11ab-1d7"
Expires: Mon, 05 Dec 2022 10:24:02 GMT
Last-Modified: Sat, 03 Dec 2022 09:06:51 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: CQzTutFEeqHQpgS530mZjA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                        
                                             54.149.156.115
HTTP/1.1 101 Switching Protocols
                                            
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Drz2sGJqMP8sqWLjilPW8CmMV8U=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7687
Expires: Sun, 04 Dec 2022 03:27:28 GMT
Date: Sun, 04 Dec 2022 01:19:21 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7687
Expires: Sun, 04 Dec 2022 03:27:28 GMT
Date: Sun, 04 Dec 2022 01:19:21 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7687
Expires: Sun, 04 Dec 2022 03:27:28 GMT
Date: Sun, 04 Dec 2022 01:19:21 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JuY0xcLDiERwrVhq33d4PP64liDqFfk9bc9xX1H62o0tOwrt1ek7Pg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:42:39 GMT
age: 13002
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8315
Md5:    db1701b7b9d161a0c935bb6e10b17893
Sha1:   22a8c4bd58c729c1abcf794466e8f3231dfb034b
Sha256: b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85837b29-ffdd-4915-a6ab-8d0721427d1b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 9356
x-amzn-requestid: 13227ea0-07e5-460c-b909-324fd267bb2c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cf2_uGThoAMFoug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63896b97-6776240c50d737ca55ce3b26;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 03:05:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: kKuGnPHBMhIEvx-sTw6nJCiajijgnNmNrW5EEzmNdvVZcDfV_hTJ4A==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 04:17:43 GMT
age: 75698
etag: "aa134912d4f5ddfb371c45d9975506246af68400"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9356
Md5:    591104ff3c76193fe3c24fbbbb332f7d
Sha1:   aa134912d4f5ddfb371c45d9975506246af68400
Sha256: af0cbb5c37c901019c1e684fe9a019bb7a2fb8359909ab831b7ff86cbc3d0fec
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KHd4ajJWl-8TDH5HGbkuJXI4NL6I83IwSUBKzfq85cxpyRH_LGl6OA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 07:43:43 GMT
age: 63338
etag: "1d702df3a64258628f4124eafd580695f2d350af"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   16143
Md5:    14dcca2a9c4792d835ee709bcd947402
Sha1:   1d702df3a64258628f4124eafd580695f2d350af
Sha256: da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F97ab0e82-c847-4f8f-9308-0c525094c97e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 8466
x-amzn-requestid: c93740a8-aaa7-4862-a8c0-b8cca762aff2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-FrkIAMFesA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-0ea7316079ab528531bf20c8;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mQRPr27oxlHauXVA0KfDSHeKP9_swx5ke7CLb9n2fwmYjgCt5HF9uA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:51:41 GMT
age: 12460
etag: "a47a6ce6420ea055ec7f1f97e70f1e695579d167"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8466
Md5:    7292946ed06f9cf5d53135eb21e10045
Sha1:   a47a6ce6420ea055ec7f1f97e70f1e695579d167
Sha256: 51b8e06b38328244f18e2efb0f9a2ae26ac8f699c41fc50f173eb0c4d84349b3
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb8cb98e4-6956-416c-82e2-269c1c3a9ea7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 9447
x-amzn-requestid: 7f33035c-70b3-4efd-9bbe-0975847cb21a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltmLExfoAMFwYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc2f4-20c26c902a341f7a00b62316;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:43:16 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: PpTFuHAWhFD1MhQGFZWYpenveUsGPtRE3GkL0Dy1mSFh-EeDcUKa_w==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 22:16:34 GMT
age: 10967
etag: "3382013402b80585d811e8df916e32c055e559b7"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9447
Md5:    95358bd2d700ee56273f5c03bb1b0ec9
Sha1:   3382013402b80585d811e8df916e32c055e559b7
Sha256: 9bdcf882b96fbbac533a799269480cc1af0e1dd891854939e1500adf2a5d1c10
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 10431
x-amzn-requestid: f79ab5e7-8c1b-4827-a531-aaa19c1d80aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsCGEwxIAMF34g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc073-6358d2950955884c470c0a89;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PQ7xh995cd1UVi3z42EVZGjQjHLLvtAP5BBC-xLEEGr4mEiXS6fC-w==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:47:06 GMT
age: 12735
etag: "8637105f41058bc0d2b259d462b560881928adb6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10431
Md5:    2636f91bb8fa4d9bb7bef114c248a9ae
Sha1:   8637105f41058bc0d2b259d462b560881928adb6
Sha256: 3d93fd8fcf1af31d00ccbd453142dbea5f2b91d7f58373095943ed40a31ed1f7