Overview

URLlwbsvpjzxl.duckdns.org/
IP 45.12.138.13 (United States)
ASN#35913 DEDIPATH-LLC
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-02 23:58:33 UTC
StatusLoading report..
IDS alerts0
Blocklist alert10
urlquery alerts
11
DynDNS domain detected
Tags None

Domain Summary (12)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
getpocket.cdn.mozilla.net (1) 1369 2018-08-28 13:15:36 UTC 2020-03-21 16:37:27 UTC 34.120.5.221
cdnjs.cloudflare.com (1) 235 2015-04-17 20:46:33 UTC 2022-11-02 08:53:27 UTC 104.17.25.14
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
ocsp.pki.goog (4) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.35
fonts.googleapis.com (2) 8877 2013-06-10 20:14:26 UTC 2022-11-02 20:21:53 UTC 142.250.74.10
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 35.162.110.205
r3.o.lencr.org (6) 344 No data No data 23.36.77.32
lwbsvpjzxl.duckdns.org (10) 0 2022-09-26 07:39:49 UTC 2022-10-12 13:39:41 UTC 45.12.138.13 Unknown ranking
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-02 05:33:59 UTC 34.117.237.239
fonts.gstatic.com (1) 0 2014-09-09 00:40:21 UTC 2022-11-02 21:17:54 UTC 142.250.74.99 Domain (gstatic.com) ranked at: 540
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
 No alerts detected

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-11-02 2 lwbsvpjzxl.duckdns.org Sinkholed
2022-11-02 2 lwbsvpjzxl.duckdns.org Sinkholed
2022-11-02 2 lwbsvpjzxl.duckdns.org Sinkholed
2022-11-02 2 lwbsvpjzxl.duckdns.org Sinkholed
2022-11-02 2 lwbsvpjzxl.duckdns.org Sinkholed
2022-11-02 2 lwbsvpjzxl.duckdns.org Sinkholed
2022-11-02 2 lwbsvpjzxl.duckdns.org Sinkholed
2022-11-02 2 lwbsvpjzxl.duckdns.org Sinkholed
2022-11-02 2 lwbsvpjzxl.duckdns.org Sinkholed
2022-11-02 2 lwbsvpjzxl.duckdns.org Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 45.12.138.13
Date UQ / IDS / BL URL IP
2023-01-19 00:24:45 +0000 11 - 0 - 9 jmfonhercq.duckdns.org/ 45.12.138.13
2023-01-12 10:46:45 +0000 11 - 19 - 9 oytbgsfrff.duckdns.org/ 45.12.138.13
2023-01-12 10:46:29 +0000 11 - 19 - 9 orzfmqskxm.duckdns.org/ 45.12.138.13
2023-01-09 01:43:41 +0000 11 - 19 - 9 vxhvirunpm.duckdns.org/ 45.12.138.13
2023-01-07 18:38:41 +0000 11 - 19 - 9 ftmpnixfws.duckdns.org/ 45.12.138.13


Last 5 reports on ASN: DEDIPATH-LLC
Date UQ / IDS / BL URL IP
2023-02-01 22:25:59 +0000 0 - 4 - 0 zuhrpdzzxx.duckdns.org/ 63.251.217.14
2023-02-01 20:58:18 +0000 0 - 6 - 0 zylzpgzste.duckdns.org/ 45.12.138.200
2023-02-01 20:56:22 +0000 0 - 6 - 0 bpcceugxuh.duckdns.org/ 193.239.146.59
2023-02-01 20:49:42 +0000 0 - 4 - 0 qomilkwojp.duckdns.org/ 193.239.146.81
2023-02-01 20:14:01 +0000 0 - 4 - 0 spcbwwsets.duckdns.org/ 193.187.128.159


Last 3 reports on domain: lwbsvpjzxl.duckdns.org
Date UQ / IDS / BL URL IP
2023-01-07 18:32:18 +0000 11 - 19 - 9 lwbsvpjzxl.duckdns.org/ 45.12.138.13
2022-11-02 23:58:33 +0000 11 - 0 - 10 lwbsvpjzxl.duckdns.org/ 45.12.138.13
2022-10-06 05:59:26 +0000 5 - 0 - 7 lwbsvpjzxl.duckdns.org/ 45.12.138.13


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-01-19 00:24:45 +0000 11 - 0 - 9 jmfonhercq.duckdns.org/ 45.12.138.13
2023-01-12 10:46:45 +0000 11 - 19 - 9 oytbgsfrff.duckdns.org/ 45.12.138.13
2023-01-12 10:46:29 +0000 11 - 19 - 9 orzfmqskxm.duckdns.org/ 45.12.138.13
2023-01-09 01:43:41 +0000 11 - 19 - 9 vxhvirunpm.duckdns.org/ 45.12.138.13
2023-01-07 18:38:41 +0000 11 - 19 - 9 ftmpnixfws.duckdns.org/ 45.12.138.13

JavaScript

Executed Scripts (7)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (36)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B00022C599D7A74BD264B90A1CA9F935EB8A7BC6E63A9751DDDC8ACFBAFE58DA"
Last-Modified: Tue, 01 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3433
Expires: Thu, 03 Nov 2022 00:55:34 GMT
Date: Wed, 02 Nov 2022 23:58:21 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "52E975770DC3D257DADC5F836F60B002C64E532E7D072427C3FCDBC76E2DB2C6"
Last-Modified: Mon, 31 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5935
Expires: Thu, 03 Nov 2022 01:37:16 GMT
Date: Wed, 02 Nov 2022 23:58:21 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "2CC72FF87DCDABCB0A67D8DDA7A7C440F8650FFE77F71602954A3076762BE50A"
Last-Modified: Tue, 01 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4659
Expires: Thu, 03 Nov 2022 01:16:00 GMT
Date: Wed, 02 Nov 2022 23:58:21 GMT
Connection: keep-alive

                                        
                                            GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 HTTP/1.1 
Host: getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.5.221
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Hit from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: HKdWstj3fP1RwNtoAMZalrntf2i1XuuZ7VyAzD6P4uF9X2CQqpo3Jg==
content-encoding: gzip
via: 1.1 45d6a557ecb29942f314e3dd736d817a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 02 Nov 2022 23:58:07 GMT
age: 206
content-length: 39341
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size:   39341
Md5:    50053d8f199f26b949c546594eb80899
Sha1:   671192fe74318508021bc5ae6547b4ca07e6fc19
Sha256: 272baa89cfc5857e93e204f5cfd9d26115326c64af9045094cf2a09e9c35a201
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: 2lRX7reX+I/DfqRGB89gnsiG5cm+a2i6yGPfB2xCc3WRUS5V+6prMG6dJbcm9Uz0qXICtWXiV7Q=
x-amz-request-id: 2B72JCTKA1MWZHB4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 02 Nov 2022 23:08:56 GMT
age: 2966
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
                                        
                                            GET / HTTP/1.1 
Host: lwbsvpjzxl.duckdns.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         45.12.138.13
HTTP/1.1 200 OK
content-type: text/html; charset=utf-8
                                        
X-Powered-By: Express
Service-Worker-Allowed: /
Date: Wed, 02 Nov 2022 23:58:21 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (45542)
Size:   55458
Md5:    3c74d126df7633a9ca49259a0e054c37
Sha1:   12cf1358724b91baa4e3c9fa997f333d85ff9ea1
Sha256: 60c00877a8a907b78ac846d654607c735c1208d87db54b84fcbf04620f2b45fb

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 02 Nov 2022 23:58:22 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lwbsvpjzxl.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.17.25.14
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Wed, 02 Nov 2022 23:58:22 GMT
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 27046
expires: Mon, 23 Oct 2023 23:58:22 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FdEJWVVfuv6H7uLaWMJMhDosIQpGcmEHARuGCFeqr1o7IcPfC6%2FvVTTzB%2F5hMjv8SgK2SM%2BkiG%2BwSqwJPjzgFHiGwrpnMQAlWfpULO462oRqrl%2BIMEmoXjL5oShfIBxbbJNG5fe8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7640d15c6c44b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (30837)
Size:   5631
Md5:    109d1ed85cd01f9cdab73a4cac5bf80d
Sha1:   d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
Sha256: 8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6031
Cache-Control: max-age=126794
Date: Wed, 02 Nov 2022 23:58:22 GMT
Etag: "636238d9-1d7"
Expires: Fri, 04 Nov 2022 11:11:36 GMT
Last-Modified: Wed, 02 Nov 2022 09:31:05 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /__neb/core/util.js HTTP/1.1 
Host: lwbsvpjzxl.duckdns.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lwbsvpjzxl.duckdns.org/

search
                                         45.12.138.13
HTTP/1.1 200 OK
content-type: application/javascript
                                        
X-Powered-By: Express
Date: Wed, 02 Nov 2022 23:58:22 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  ASCII text
Size:   620
Md5:    736d976acace0a62d7438dcc2db3d8d6
Sha1:   ccf9fedb6f615833dc92c1eab5788fbaf161214b
Sha256: 1c13ebf0afff5f0290da621eacdf567ee2d614c80b65669a1fefdc3adf320d25

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /__neb/core/proxy.js HTTP/1.1 
Host: lwbsvpjzxl.duckdns.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lwbsvpjzxl.duckdns.org/

search
                                         45.12.138.13
HTTP/1.1 200 OK
content-type: application/javascript
                                        
X-Powered-By: Express
Date: Wed, 02 Nov 2022 23:58:22 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  ASCII text, with very long lines (4940)
Size:   14914
Md5:    62b254b7e8838b23e4bbbbd552423dcd
Sha1:   f02101f3551c2322a6ce441473350e6a36c4d9c3
Sha256: 4c1021b1b198ab303a4c84b63e547e76982242be5726082214a51bcaae2fdd02

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 02 Nov 2022 23:58:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 02 Nov 2022 23:58:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 02 Nov 2022 23:58:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /__neb/core/client.js HTTP/1.1 
Host: lwbsvpjzxl.duckdns.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lwbsvpjzxl.duckdns.org/

search
                                         45.12.138.13
HTTP/1.1 200 OK
content-type: application/javascript
                                        
X-Powered-By: Express
Date: Wed, 02 Nov 2022 23:58:22 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  C++ source, ASCII text
Size:   8677
Md5:    a2218bdb0c5a18ec1976c1001f63871f
Sha1:   68349a89fcf46144873702bebbe7225f96021f20
Sha256: c136da75817d077f87ab999020eeb90f2b1dbbfac0b24f97421936f7ff52522d

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /index.js HTTP/1.1 
Host: lwbsvpjzxl.duckdns.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lwbsvpjzxl.duckdns.org/

search
                                         45.12.138.13
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
X-Powered-By: Express
Service-Worker-Allowed: /
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 01 Nov 2022 18:47:23 GMT
ETag: W/"42-184348502a2"
Content-Length: 66
Date: Wed, 02 Nov 2022 23:58:22 GMT
Connection: keep-alive
Keep-Alive: timeout=5


--- Additional Info ---
Magic:  ASCII text
Size:   66
Md5:    3b61ffbcfa6d22063278b589e886b61d
Sha1:   eec430a4b824049ca6219687034a05bbc639d802
Sha256: aa43230adc8aed152e1979f31f2c1e7ccd88cb7f7364769142408126f49143ce

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /script.js HTTP/1.1 
Host: lwbsvpjzxl.duckdns.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lwbsvpjzxl.duckdns.org/

search
                                         45.12.138.13
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
X-Powered-By: Express
Service-Worker-Allowed: /
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 01 Nov 2022 18:47:23 GMT
ETag: W/"4c4-184348502a3"
Content-Length: 1220
Date: Wed, 02 Nov 2022 23:58:22 GMT
Connection: keep-alive
Keep-Alive: timeout=5


--- Additional Info ---
Magic:  ASCII text
Size:   1220
Md5:    44125f0e695092e10f48c91a7237e338
Sha1:   bd00fa32885bd205c5e96b2794a5efbad60892e2
Sha256: 587d397de39eefeb393aa48fcbfff18c75427b5af67d91f911e8a36d9622d6b6

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /home.jpeg HTTP/1.1 
Host: lwbsvpjzxl.duckdns.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lwbsvpjzxl.duckdns.org/

search
                                         45.12.138.13
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
X-Powered-By: Express
Service-Worker-Allowed: /
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 01 Nov 2022 18:47:23 GMT
ETag: W/"743c-184348502a2"
Content-Length: 29756
Date: Wed, 02 Nov 2022 23:58:22 GMT
Connection: keep-alive
Keep-Alive: timeout=5


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 297x396, components 3\012- data
Size:   29756
Md5:    61a9ebd7cb0e894003bbf30fc83847a2
Sha1:   fc929a05c32f7d6e511dc450c6b563297c3bfa0e
Sha256: a64307b34983b6f7dd9ebb2eca5a20eb2da25280ab861d11f7ca79d146d2e1cf

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /css2?family=Roboto+Mono&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lwbsvpjzxl.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 02 Nov 2022 23:58:22 GMT
date: Wed, 02 Nov 2022 23:58:22 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1012
Md5:    e0aa16c8cc71825727ba2bda9468fa17
Sha1:   2a496902177c2506496dce2d543bf9f5c3c255d4
Sha256: 3f8863fe51a28aabf3cc85f2a6a8723fbc6a1d5d7b91635ea8219f1902dd9bb6
                                        
                                            GET /s/andadapro/v12/HhyEU5Qi9-SuOEhPe4LtKoVCuWGURPcg3DPJBb8bHr0.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://lwbsvpjzxl.duckdns.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.99
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17272
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 31 Oct 2022 19:52:04 GMT
expires: Tue, 31 Oct 2023 19:52:04 GMT
cache-control: public, max-age=31536000
age: 187578
last-modified: Fri, 24 Jun 2022 19:48:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 17272, version 1.0\012- data
Size:   17272
Md5:    8b4460b60ef5564e0f5c3f29fccb01e6
Sha1:   29722f06f96b61baf13f33f548e4db990b817862
Sha256: b3596a6d2c77e61155a5fd1de76b900cb4f33d8718b7f0462a53d3ecc99b8d68
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 02 Nov 2022 23:58:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /socket.io/socket.io.js HTTP/1.1 
Host: lwbsvpjzxl.duckdns.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lwbsvpjzxl.duckdns.org/

search
                                         45.12.138.13
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: public, max-age=0
ETag: "4.5.1"
content-encoding: gzip
Date: Wed, 02 Nov 2022 23:58:22 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  ASCII text
Size:   25789
Md5:    2a8b9c5b417b4728855e818c53b544aa
Sha1:   e0fbd180d98191f855a07cb076061f4ffc1f8acb
Sha256: 7c0aa2146ddd58b29c3e5b047c856f434b853ebae28ccc275d6b80f3e841e4f4

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /jquery.js HTTP/1.1 
Host: lwbsvpjzxl.duckdns.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lwbsvpjzxl.duckdns.org/

search
                                         45.12.138.13
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
X-Powered-By: Express
Service-Worker-Allowed: /
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 01 Nov 2022 18:47:23 GMT
ETag: W/"1764d-184348502a3"
Content-Length: 95821
Date: Wed, 02 Nov 2022 23:58:22 GMT
Connection: keep-alive
Keep-Alive: timeout=5


--- Additional Info ---
Magic:  ASCII text, with very long lines (32086)
Size:   95821
Md5:    d4a20d75db01a33e2d65e303ce5c34f3
Sha1:   b14a228c3632ebfe3d20e5ea830ceea313523353
Sha256: 4b940065e2a67c37e3bd02b23c651f4744a3c219aba2d4fb99a631113494d376

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: lwbsvpjzxl.duckdns.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lwbsvpjzxl.duckdns.org/

search
                                         45.12.138.13
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
X-Powered-By: Express
Service-Worker-Allowed: /
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 01 Nov 2022 18:47:23 GMT
ETag: W/"25892-184348502a2"
Content-Length: 153746
Date: Wed, 02 Nov 2022 23:58:22 GMT
Connection: keep-alive
Keep-Alive: timeout=5


--- Additional Info ---
Magic:  PNG image data, 1024 x 1030, 8-bit/color RGBA, interlaced\012- data
Size:   153746
Md5:    fc6601bcea1256514db6938b5e55d5ad
Sha1:   ed18f2d86ff219dcace5f49fb18e7e23e1405ef0
Sha256: d835fc25e82dee2a822bc903a1ec92cc33cb22c41710e6bbd42313851ba50d8b

Alerts:
  urlquery:
    - DynDNS domain detected
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5618
Cache-Control: max-age=121324
Date: Wed, 02 Nov 2022 23:58:22 GMT
Etag: "63622518-1d7"
Expires: Fri, 04 Nov 2022 09:40:26 GMT
Last-Modified: Wed, 02 Nov 2022 08:06:48 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: VKOJge1SvzLr4I9GZWcBPw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         35.162.110.205
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: XNssCXSMfO+Vm8AhaFnUShII4Mw=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "21C7FB0F3D2486D6655B5D6817DD90FAAFA18836C820A684215F9A29F1A4451C"
Last-Modified: Mon, 31 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7659
Expires: Thu, 03 Nov 2022 02:06:03 GMT
Date: Wed, 02 Nov 2022 23:58:24 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "21C7FB0F3D2486D6655B5D6817DD90FAAFA18836C820A684215F9A29F1A4451C"
Last-Modified: Mon, 31 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7659
Expires: Thu, 03 Nov 2022 02:06:03 GMT
Date: Wed, 02 Nov 2022 23:58:24 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "21C7FB0F3D2486D6655B5D6817DD90FAAFA18836C820A684215F9A29F1A4451C"
Last-Modified: Mon, 31 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7659
Expires: Thu, 03 Nov 2022 02:06:03 GMT
Date: Wed, 02 Nov 2022 23:58:24 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8dd5c36-0f84-4c71-b515-880ebaa20d52.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7972
x-amzn-requestid: fa64bad3-9070-43c8-83d1-803fb3696318
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a8cx_GSlIAMFZqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6361a80c-5806a37c15d428d96366abfa;Sampled=0
x-amzn-remapped-date: Tue, 01 Nov 2022 23:13:16 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: iqgd7vcEMOwtje9j7BtJq-06_n0xpr55wk0Ln3ICopiN12Kbwsp0Xg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 02 Nov 2022 09:58:00 GMT
age: 50424
etag: "eafb1bafaa2feb2b188aeb1bc8caac505337d258"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7972
Md5:    ff4da3d2c66d6f155fea05b88127873d
Sha1:   eafb1bafaa2feb2b188aeb1bc8caac505337d258
Sha256: 82e62da33562177403fcab7a552a5f5f64c91ab4cee25dd1cd979dedfe066cde
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: w5Nv6yf06dCHv6q9wt8-guOfQSMywfZFoXxwWvcLc9FtdwgRIqPcUQ==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 02 Nov 2022 17:57:00 GMT
age: 21684
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10462
Md5:    4e2853cc6ec6223160471401e6871f4b
Sha1:   f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
Sha256: bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F116416c7-b158-4c98-af55-3027f9bfbd6c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7044
x-amzn-requestid: 6ed2687f-f478-4206-a9b7-fc63428966bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a5sd1GcvIAMFYew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63608df1-79ada3087098484923a3b64d;Sampled=0
x-amzn-remapped-date: Tue, 01 Nov 2022 03:09:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: XnmHyNs0p2YBy7AdjlYWB1usXYmGqaoTaWEyI7gAzkwS7ljr8eWvYg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 02 Nov 2022 03:27:30 GMT
age: 73854
etag: "ee2c892adba5d3e12ac8443065c38317752f3e4a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7044
Md5:    cc615bd01e1ac97fec7bf47b18f0e999
Sha1:   ee2c892adba5d3e12ac8443065c38317752f3e4a
Sha256: ca41974691496f2629f45cba9bb21b84e7dbb9cefbf7e8e3348c98b101002269
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d61981c-a7e8-43ae-bb4a-ada61e2d1837.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10208
x-amzn-requestid: 4ad004f2-1600-4f6c-8877-548ccf64c787
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: avzazHrVIAMF5QA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635c9911-711f4cb1024e76ee66d612c6;Sampled=0
x-amzn-remapped-date: Sat, 29 Oct 2022 03:08:01 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4GEk977nFhpTF_BA21pF6mp7H5jZsyHk7U5RAPtM0qm5OGz-0OB8og==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 02 Nov 2022 03:55:15 GMT
age: 72189
etag: "d7a6266ee5b7dd8984c9a203fc94669d50978c3b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10208
Md5:    3cf58e368cf1020c3a736395996ee057
Sha1:   d7a6266ee5b7dd8984c9a203fc94669d50978c3b
Sha256: 8406463a50a8dabe29182a1872e9d37723ba1c2f756f2bbf95846cae7ac9d11d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46c1f0aa-9ef9-468e-9e11-7a02b7969f7f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10411
x-amzn-requestid: 21836619-61da-4d22-811c-f605f5d41170
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: avzazF_zoAMFgOg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635c9911-4678c6272cf91c3d0f4827b8;Sampled=0
x-amzn-remapped-date: Sat, 29 Oct 2022 03:08:01 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PIJZv-8apSbp7NjdZai0MsLCup3XWcMLbd6NLLX_VzfRSXS31ivuRg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Wed, 02 Nov 2022 08:26:25 GMT
age: 55919
etag: "107817da1e00f629351ebbeb62caf795a6a8393b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10411
Md5:    f6a0b42162a59f85f6ddb149bbb09517
Sha1:   107817da1e00f629351ebbeb62caf795a6a8393b
Sha256: 0e6094306076439f0aaa893d8a4f4188a9ded69f4dca19b47d4762a19b5fc8fa
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3235a32d-fb0b-4624-8362-0b2d8fead111.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10255
x-amzn-requestid: 5414f7ef-f510-4666-97f4-c8cb042f6877
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: atDhDEstIAMFlAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635b7fa0-76cd3cf7260dfe7c66ded970;Sampled=0
x-amzn-remapped-date: Fri, 28 Oct 2022 07:07:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7V1UVCycRm1iW3P_Pm8zi-M9y4xwHdLwPe0rRIP7ASzvu8BfSJtnFw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Wed, 02 Nov 2022 04:11:49 GMT
age: 71195
etag: "c8188247edb78ee5f3c469a612b2430bbcd513b6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10255
Md5:    788a6ab1a5391958811453809e08ec74
Sha1:   c8188247edb78ee5f3c469a612b2430bbcd513b6
Sha256: e961a4412a3f73ab7da9db2da06e72528a2abded50a442741687787933e98900
                                        
                                            GET /css2?family=Andada+Pro&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lwbsvpjzxl.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 02 Nov 2022 23:58:22 GMT
date: Wed, 02 Nov 2022 23:58:22 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---