Overview

URL ayetaablehands.org/verify.dcu/
IP198.54.115.112
ASNNAMECHEAP-NET
Location United States
Report completed2022-10-04 09:40:20 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish
Scan Date Severity Indicator Comment
2022-10-03 2 ayetaablehands.org/verify.dcu/ Digital Federal Credit Union
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-04 2 ayetaablehands.org/verify.dcu/ Phishing
2022-10-04 2 ayetaablehands.org/verify.dcu/js/config.js Phishing
2022-10-04 2 ayetaablehands.org/verify.dcu/js/loader_only.js Phishing
2022-10-04 2 ayetaablehands.org/verify.dcu/js/64.390011c5.js Phishing
2022-10-04 2 ayetaablehands.org/verify.dcu/js/chunk-common.112fec58.js Phishing
2022-10-04 2 ayetaablehands.org/verify.dcu/js/2.a6ab680e.js Phishing
2022-10-04 2 ayetaablehands.org/verify.dcu/js/2.a6ab680e.js Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (25)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS mpsnare.iesnare.com (3) 5723 2016-04-10 11:13:26 UTC 2022-10-04 05:21:50 UTC 54.228.71.178
mnemonic passive DNS fonts.gstatic.com (3) 0 2014-08-29 13:43:22 UTC 2022-10-04 08:34:20 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS dpm.demdex.net (3) 204 2017-01-30 04:59:39 UTC 2022-10-04 04:17:45 UTC 54.154.199.204
mnemonic passive DNS r3.o.lencr.org (4) 344 2020-12-02 08:52:13 UTC 2022-10-04 04:17:22 UTC 23.36.77.32
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-04 04:29:41 UTC 143.204.55.110
mnemonic passive DNS mpsnare.iesnare.com (3) 5723 2016-04-10 11:13:26 UTC 2022-10-04 05:21:50 UTC 54.195.39.4
mnemonic passive DNS ocsp.godaddy.com (3) 698 2012-05-20 19:28:57 UTC 2022-10-03 06:33:58 UTC 192.124.249.24
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-04 04:45:06 UTC 35.155.157.101
mnemonic passive DNS digitalfederalcreditunion.sc.omtrdc.net (1) 158858 2020-04-10 15:09:38 UTC 2022-10-03 21:06:14 UTC 13.36.218.177
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-04 04:16:51 UTC 34.117.237.239
mnemonic passive DNS usassets.cobrowse.pega.com (2) 93477 2019-04-29 14:22:06 UTC 2022-10-03 21:05:34 UTC 3.232.141.152
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-10-04 04:18:32 UTC 34.120.237.76
mnemonic passive DNS dcu.demdex.net (1) 167443 2019-09-26 13:40:13 UTC 2022-10-03 21:06:14 UTC 34.255.95.163
mnemonic passive DNS digitalfederalcredit.tt.omtrdc.net (1) 202275 2019-09-26 13:40:13 UTC 2022-10-03 21:06:14 UTC 15.236.176.210
mnemonic passive DNS cdn.plaid.com (2) 17458 2018-07-31 05:49:13 UTC 2022-10-03 21:05:34 UTC 54.230.111.36
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-10-04 09:13:54 UTC 143.204.55.27
mnemonic passive DNS ocsp.digicert.com (8) 86 2012-05-21 07:02:23 UTC 2022-10-04 07:51:20 UTC 93.184.220.29
mnemonic passive DNS assets.adobedtm.com (5) 512 2014-01-28 04:51:35 UTC 2022-10-04 04:22:52 UTC 23.38.200.237
mnemonic passive DNS ocsp.pki.goog (5) 175 2017-06-14 07:23:31 UTC 2022-10-04 04:17:09 UTC 142.250.74.3
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-10-04 09:22:31 UTC 142.250.74.10
mnemonic passive DNS cm.everesttech.net (1) 996 2017-01-30 04:59:57 UTC 2022-10-04 05:06:21 UTC 54.74.40.111
mnemonic passive DNS ayetaablehands.org (15) 0 2021-12-30 04:52:14 UTC 2022-10-04 09:34:22 UTC 198.54.115.112 Unknown ranking
mnemonic passive DNS us.cobrowse.pega.com (1) 49768 2018-09-27 11:25:31 UTC 2022-10-03 21:05:34 UTC 3.232.141.152
mnemonic passive DNS frame.gleap.io (3) 0 2022-05-11 14:55:24 UTC 2022-10-04 09:14:41 UTC 51.124.12.35 Domain (gleap.io) ranked at: 530339
mnemonic passive DNS ocsp.sca1b.amazontrust.com (1) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.156


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 198.54.115.112

Date UQ / IDS / BL URL IP
2022-11-18 23:16:28 +0000
0 - 0 - 2 mr-el3omda.com/tcae/index.php?qbot.zip 198.54.115.112
2022-11-17 20:57:28 +0000
0 - 0 - 4 mr-el3omda.com/tcae/index.php?qbot.zip 198.54.115.112
2022-10-04 09:40:39 +0000
0 - 0 - 9 ayetaablehands.org/verify.dcu 198.54.115.112
2022-10-04 09:40:20 +0000
0 - 0 - 8 ayetaablehands.org/verify.dcu/ 198.54.115.112
2022-10-04 09:40:00 +0000
0 - 0 - 11 ayetaablehands.org/verify.dcu/otp.html 198.54.115.112

Last 5 reports on ASN: NAMECHEAP-NET

Date UQ / IDS / BL URL IP
2022-11-30 14:30:19 +0000
0 - 0 - 0 apps.cbg.com.gh 198.54.114.177
2022-11-30 14:16:20 +0000
0 - 0 - 2 personalizationmall.cfd/1129sen-orna1102 162.0.235.186
2022-11-30 14:16:21 +0000
0 - 0 - 2 personalizationmall.cfd/1129sen-orna1113 162.0.235.186
2022-11-30 13:55:59 +0000
0 - 0 - 50 effexorbuy.com/mtn-n/ 66.29.132.103
2022-11-30 13:51:17 +0000
0 - 0 - 1 lovebetween.co/ 192.64.119.61

Last 4 reports on domain: ayetaablehands.org

Date UQ / IDS / BL URL IP
2022-10-04 09:40:39 +0000
0 - 0 - 9 ayetaablehands.org/verify.dcu 198.54.115.112
2022-10-04 09:40:20 +0000
0 - 0 - 8 ayetaablehands.org/verify.dcu/ 198.54.115.112
2022-10-04 09:40:00 +0000
0 - 0 - 11 ayetaablehands.org/verify.dcu/otp.html 198.54.115.112
2022-10-04 09:39:39 +0000
0 - 0 - 10 ayetaablehands.org/verify.dcu/personal.html 198.54.115.112

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-11-23 06:03:49 +0000
0 - 0 - 6 1dcu-0rg-ver1fy.tk/ 146.190.53.99
2022-11-23 02:06:16 +0000
0 - 0 - 7 1dcu-0rg-ver1fy.tk/ 146.190.53.99
2022-10-06 09:34:38 +0000
0 - 0 - 8 floresycastillo.com/verify.dcu 147.124.219.17
2022-10-06 03:35:08 +0000
0 - 0 - 6 floresycastillo.com/verify.dcu/ 147.124.219.17
2022-09-23 20:41:02 +0000
0 - 0 - 16 www.casadebendicion.us/dcu/php/ 50.87.106.174


JavaScript

Executed Scripts (11)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (74)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 08:47:04 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: MjCZ2BPrTC2dnVCoKzSzxH5Ebk7IbFy8HBGNGTMcsx24zpMRgSN9Gw==
Age: 3185


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "AB48F17E54075E1ECF034278E82BCACD2E3689773186CC84FBA9B79AAC907294"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2395
Expires: Tue, 04 Oct 2022 10:20:04 GMT
Date: Tue, 04 Oct 2022 09:40:09 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.110
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zcXZBdIyCd04lzg9E92PVwVMl1l5Ertkxt1qNfcQYXE-fVgqGBjVmw==
age: 15102
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 04 Oct 2022 09:40:09 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 09:40:10 GMT
Server: ECS (amb/6BA9)
Content-Length: 471

                                        
                                            GET /verify.dcu/ HTTP/1.1 
Host: ayetaablehands.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         198.54.115.112
HTTP/2 200 OK
content-type: text/html
                                        
last-modified: Tue, 23 Aug 2022 16:25:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5300
date: Tue, 04 Oct 2022 09:40:10 GMT
server: LiteSpeed
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Mon, 29 Oct 1923 20:30:00 GMT
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1408), with CRLF line terminators
Size:   5300
Md5:    c19b89c2f4f293bc72a77938b043872b
Sha1:   1c9d9f972bab0ced38da4428d74a4d6b053e3233
Sha256: 3c6f1839936ba95feb0108569f028a7fbe5a39ff7534e01540c5e7d13adaa034

Alerts:
  Blocklists:
    - openphish: Digital Federal Credit Union
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1672
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 09:40:10 GMT
Last-Modified: Tue, 04 Oct 2022 09:12:18 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /c710ed4af822/4edff89d26dd/launch-1574d0b03693.min.js HTTP/1.1 
Host: assets.adobedtm.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.38.200.237
HTTP/2 200 OK
content-type: application/x-javascript
                                        
accept-ranges: bytes
etag: "97a1294fe9ebfd08669e214fcc839024:1658495611.885198"
last-modified: Fri, 22 Jul 2022 13:13:31 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Tue, 04 Oct 2022 10:40:10 GMT
date: Tue, 04 Oct 2022 09:40:10 GMT
content-length: 73977
access-control-allow-origin: https://ayetaablehands.org
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32768)
Size:   73977
Md5:    c8e5e4603713b2afef04641fbdaadcf8
Sha1:   ba70173dec1981bb9419e44373987917c15512e8
Sha256: 3beb4f3ae29074fd5cfbd0c211659e3fe7499219b644bef22f79e4898cf92427
                                        
                                            GET /extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js HTTP/1.1 
Host: assets.adobedtm.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.38.200.237
HTTP/2 200 OK
content-type: application/x-javascript
                                        
accept-ranges: bytes
etag: "2d1382c349d480b6b41574ac0c1af066:1644856531.739514"
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
expires: Tue, 04 Oct 2022 10:40:10 GMT
date: Tue, 04 Oct 2022 09:40:10 GMT
content-length: 1597
cache-control: no-cache
access-control-allow-origin: https://ayetaablehands.org
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3155)
Size:   1597
Md5:    e672de61b277fc72de4299829bfbb31c
Sha1:   157a7409922d58a02dad3ba879d04eb2a3ef8f3d
Sha256: e1a1c2a6f2ed4ffb63ebfda157eaf12c6ee3973be4da649eb63e0402c0d29215
                                        
                                            GET /extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js HTTP/1.1 
Host: assets.adobedtm.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.38.200.237
HTTP/2 200 OK
content-type: application/x-javascript
                                        
accept-ranges: bytes
etag: "d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
expires: Tue, 04 Oct 2022 10:40:10 GMT
date: Tue, 04 Oct 2022 09:40:10 GMT
content-length: 12163
cache-control: no-cache
access-control-allow-origin: https://ayetaablehands.org
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32768)
Size:   12163
Md5:    e616df092766c7ab7904619f971a35cc
Sha1:   a960429c42802a43e3ce728fc4d1e8bdab10e606
Sha256: 082ae7647bfdb639846791e5c0ca39b96544dff3aed0c365973c9589cd5b091e
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 04 Oct 2022 09:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 04 Oct 2022 10:27:25 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zKoELRc9ndUXX9Z5u_7ORyrzLxff4T1qNdLeQKNU2L90yijCULqvkQ==
Age: 637


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5179
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 09:40:10 GMT
Last-Modified: Tue, 04 Oct 2022 08:13:51 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4951
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 09:40:10 GMT
Last-Modified: Tue, 04 Oct 2022 08:17:39 GMT
Server: ECS (amb/6BA9)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /verify.dcu/js/config.js HTTP/1.1 
Host: ayetaablehands.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/verify.dcu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         198.54.115.112
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://ayetaablehands.org/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 12307
date: Tue, 04 Oct 2022 09:40:10 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Size:   12307
Md5:    dc14d9d9a04773fd45682acd983a7a6e
Sha1:   fb2170d8355509d2a925e1d5b256dfd4a3e2ede8
Sha256: 239aeea4fe983a5163ece0a683e167cd4d223db332f29e69da1c319a70e8c033

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false HTTP/1.1 
Host: mpsnare.iesnare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.195.39.4
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
                                        
Server: nginx
Date: Tue, 04 Oct 2022 09:40:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef=r3gLKfJ/bMk/LdiWz44mV8K+7X3+WlYMZtSNEqJyiFs=;Path=/;Expires=Wed, 04-Oct-2023 09:40:10 GMT;Max-Age=31536000;Secure;HttpOnly;SameSite=None
Cache-Control: no-cache, private
Pragma: no-cache
Expires: 0
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (1038)
Size:   18558
Md5:    2330ada2500009060a8eb2c74ae2fc4a
Sha1:   6cf9372b266761df43eeed7c18cbec83d7415510
Sha256: aed0203df07f35b451e94ffdc80b936674f9a76011ae07e60d5b524b4e4365ec
                                        
                                            GET /5.5.0/logo.js HTTP/1.1 
Host: mpsnare.iesnare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.195.39.4
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
                                        
Server: nginx
Date: Tue, 04 Oct 2022 09:40:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Expires: Wed, 04 Oct 2023 09:40:10 GMT
Cache-Control: private
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (377)
Size:   416
Md5:    63f37dac22787fffb477a2e0891ed153
Sha1:   fcb85219f44e5eac0e0988647c850237146e53b2
Sha256: 4dfa8e9f6ee55c6d1560322dd4b4ff42d38b71755163c67346ba8f0f4fc5a2da
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4641
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 09:40:10 GMT
Last-Modified: Tue, 04 Oct 2022 08:22:49 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /verify.dcu/js/loader_only.js HTTP/1.1 
Host: ayetaablehands.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/verify.dcu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         198.54.115.112
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://ayetaablehands.org/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 12306
date: Tue, 04 Oct 2022 09:40:10 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Size:   12306
Md5:    7801cbed3106dde98c8944ccbc32e9dc
Sha1:   6f4c9b84cd249dc0c00b36b38e5be8c17d6323cd
Sha256: a19a67a37f1e0ebd11657f3954e3273f503ed02fba7e2b770bda9882849836f1

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.24
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Tue, 04 Oct 2022 09:40:10 GMT
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 03 Oct 2022 21:07:48 GMT
Expires: Tue, 04 Oct 2022 21:07:48 GMT
ETag: "55eaf4d91e827aeaeab051c72912dc3105b2d4be"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1778
Md5:    619859b8ac9f97b2eeab8dc5a7b728ea
Sha1:   55eaf4d91e827aeaeab051c72912dc3105b2d4be
Sha256: 9605b8d3c86d2cec1e7b6ffa52e7811dd88a0bc76ebb392f146d365bd1b9179e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.24
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Tue, 04 Oct 2022 09:40:10 GMT
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 03 Oct 2022 21:07:48 GMT
Expires: Tue, 04 Oct 2022 21:07:48 GMT
ETag: "55eaf4d91e827aeaeab051c72912dc3105b2d4be"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1778
Md5:    619859b8ac9f97b2eeab8dc5a7b728ea
Sha1:   55eaf4d91e827aeaeab051c72912dc3105b2d4be
Sha256: 9605b8d3c86d2cec1e7b6ffa52e7811dd88a0bc76ebb392f146d365bd1b9179e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.godaddy.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         192.124.249.24
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Sucuri/Cloudproxy
Date: Tue, 04 Oct 2022 09:40:10 GMT
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 03 Oct 2022 21:07:48 GMT
Expires: Tue, 04 Oct 2022 21:07:48 GMT
ETag: "55eaf4d91e827aeaeab051c72912dc3105b2d4be"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"


--- Additional Info ---
Magic:  data
Size:   1778
Md5:    619859b8ac9f97b2eeab8dc5a7b728ea
Sha1:   55eaf4d91e827aeaeab051c72912dc3105b2d4be
Sha256: 9605b8d3c86d2cec1e7b6ffa52e7811dd88a0bc76ebb392f146d365bd1b9179e
                                        
                                            GET /assets/stylesheets/customer/final/default.css?v=8.7.1 HTTP/1.1 
Host: usassets.cobrowse.pega.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         3.232.141.152
HTTP/2 200 OK
content-type: text/css
                                        
date: Tue, 04 Oct 2022 09:40:10 GMT
content-length: 3489
set-cookie: AWSALB=oXb3AB9VMc6HvTIo/EIuOwvCxzGS8M7RUmIyIZvSMkXzMh04/jpQUvVQOrzbSUH6yoyxv3hsTdEAiE+ipbE7F6keoUAfhWaY5/V5s4xtHWmM86QoVVoIqYUS1rCO; Expires=Tue, 11 Oct 2022 09:40:10 GMT; Path=/ AWSALBCORS=oXb3AB9VMc6HvTIo/EIuOwvCxzGS8M7RUmIyIZvSMkXzMh04/jpQUvVQOrzbSUH6yoyxv3hsTdEAiE+ipbE7F6keoUAfhWaY5/V5s4xtHWmM86QoVVoIqYUS1rCO; Expires=Tue, 11 Oct 2022 09:40:10 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Wed, 13 Jul 2022 12:04:58 GMT
etag: "62ceb4ea-da1"
access-control-allow-origin: *
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (14626)
Size:   3489
Md5:    c9e0ee1acc72fd18e3953cf614f7e879
Sha1:   bacc2349aab9dfac47cd153702e98e1fa48466f4
Sha256: e13c4a8b7d5d884e11579582e7e99198c7fdfbd2587a37f52add1783e49e5d8e
                                        
                                            GET /cobrowse/loadScripts HTTP/1.1 
Host: us.cobrowse.pega.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         3.232.141.152
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 04 Oct 2022 09:40:10 GMT
content-length: 508
set-cookie: AWSALB=3/Svpr8U1UVGqFtvqVhMrwXgRZ8BGElmaSCOMCNAgWtj0+WIP4US8xKpgH+yn5TDWwQh4NSZqMhTf3pHCRvdOwLgW+aD+wes6mtcHusYFipUYRtDFnvD/msJX8Ak; Expires=Tue, 11 Oct 2022 09:40:10 GMT; Path=/ AWSALBCORS=3/Svpr8U1UVGqFtvqVhMrwXgRZ8BGElmaSCOMCNAgWtj0+WIP4US8xKpgH+yn5TDWwQh4NSZqMhTf3pHCRvdOwLgW+aD+wes6mtcHusYFipUYRtDFnvD/msJX8Ak; Expires=Tue, 11 Oct 2022 09:40:10 GMT; Path=/; SameSite=None; Secure connect.sid=s%3AGp6J4E_Z53kGDyAZZgRWY-PWJfXeSVIa.i5EM9xpa3H%2BiEB2g7AXkj8G75Q78HSZv0hLmxVBVGkA; Path=/; Expires=Thu, 06 Oct 2022 09:40:10 GMT; Secure; SameSite=None
server: nginx
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: X-CSRF-Token, X-Requested-With, accept, x-j-token, content-type
etag: W/"1fc-7h1D3lVTGQGfiwcTpoOkY4A6m0E"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   508
Md5:    9cdb6851bb88c14e6033ca658ac8aa88
Sha1:   ee1d43de555319019f8b0713a683a463803a9b41
Sha256: fa05f2814bdcd558f6b652532c66d74a995b0a05f464bda6e9375fcb3c02cf82
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XZbCEcIPRWfRNt5yiBRGdQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.155.157.101
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 49BjbfLclocQPTujPgYGcT5gxL0=

                                        
                                            GET /verify.dcu/css/app.7b1cd472.css HTTP/1.1 
Host: ayetaablehands.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/verify.dcu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         198.54.115.112
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Thu, 18 Aug 2022 23:51:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 862
date: Tue, 04 Oct 2022 09:40:10 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2620)
Size:   862
Md5:    374ffa1beb17ca5fedb596a8f9be7258
Sha1:   0abcaf95e5556ee823cbc3333401affb7e85bb7b
Sha256: db4271215d918aaf05d3ee3fa1be20c92b0f8225cb863d7d96d8353f88ad23c5
                                        
                                            GET /verify.dcu/css/64.64d4d70e.css HTTP/1.1 
Host: ayetaablehands.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/verify.dcu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         198.54.115.112
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Thu, 18 Aug 2022 23:50:42 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 346
date: Tue, 04 Oct 2022 09:40:10 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (686)
Size:   346
Md5:    b3cdae7337836bd228f44fa0aa0af5fe
Sha1:   db8f341e3117e192d4f00ab8255546466936c6c2
Sha256: 82296f44a9d4598a5a30cf370ac58d7dddb7eeb01984f10d672b90ff8833b2fd
                                        
                                            GET /verify.dcu/css/vendor.7de76d70.css HTTP/1.1 
Host: ayetaablehands.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/verify.dcu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         198.54.115.112
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Thu, 18 Aug 2022 23:51:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 73693
date: Tue, 04 Oct 2022 09:40:10 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65448)
Size:   73693
Md5:    97671d32692cd539aff299e8979eda26
Sha1:   e48e8994ad38e2da051741785ee355caba08788d
Sha256: 61f7aaae56170ee9f95129f2b1581991648af5e71656e6eb375dc9a1906c72c1
                                        
                                            GET /verify.dcu/js/64.390011c5.js HTTP/1.1 
Host: ayetaablehands.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/verify.dcu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         198.54.115.112
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://ayetaablehands.org/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 12307
date: Tue, 04 Oct 2022 09:40:10 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Size:   12307
Md5:    dc14d9d9a04773fd45682acd983a7a6e
Sha1:   fb2170d8355509d2a925e1d5b256dfd4a3e2ede8
Sha256: 239aeea4fe983a5163ece0a683e167cd4d223db332f29e69da1c319a70e8c033

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /verify.dcu/css/chunk-common.d06af608.css HTTP/1.1 
Host: ayetaablehands.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/verify.dcu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         198.54.115.112
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Thu, 18 Aug 2022 23:51:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2683
date: Tue, 04 Oct 2022 09:40:10 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (13269)
Size:   2683
Md5:    441d1323318ef24957a964151c4d113e
Sha1:   ac685aa2e4db5e176ac7c3f9edeb2d3e8b42ca71
Sha256: 15052d918d0fe6cd06498d9ad4747b09a6c139f12479d623d01bc5da0ed72260
                                        
                                            GET /assets/scripts/final/customer.js?v=8.7.1 HTTP/1.1 
Host: usassets.cobrowse.pega.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         3.232.141.152
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 04 Oct 2022 09:40:10 GMT
content-length: 261370
set-cookie: AWSALB=5P6Sgj2dFE8uOscWjaRt25tQPoJAwAXZsRIHlhjlVNBDjhNRCgesdAGA66AvD7EnSThe3Ku1q9rgRCk6+kjQr7BTYfnGamhzqtdcDOLtcTp20l2H8avK4MMkDi85; Expires=Tue, 11 Oct 2022 09:40:10 GMT; Path=/ AWSALBCORS=5P6Sgj2dFE8uOscWjaRt25tQPoJAwAXZsRIHlhjlVNBDjhNRCgesdAGA66AvD7EnSThe3Ku1q9rgRCk6+kjQr7BTYfnGamhzqtdcDOLtcTp20l2H8avK4MMkDi85; Expires=Tue, 11 Oct 2022 09:40:10 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Mon, 18 Jul 2022 06:30:25 GMT
etag: "62d4fe01-3fcfa"
access-control-allow-origin: *
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   261370
Md5:    eb9524e46cc30efd2673a51baa3a655e
Sha1:   f9860cf1e6dc646899418909a7bf2156df4556a4
Sha256: c1898417dc51a18a977daaea237101556511c77a676d51982c6c035cbf15f1c1
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 09:40:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /verify.dcu/js/chunk-common.112fec58.js HTTP/1.1 
Host: ayetaablehands.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/verify.dcu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         198.54.115.112
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://ayetaablehands.org/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 12307
date: Tue, 04 Oct 2022 09:40:10 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Size:   12307
Md5:    dc14d9d9a04773fd45682acd983a7a6e
Sha1:   fb2170d8355509d2a925e1d5b256dfd4a3e2ede8
Sha256: 239aeea4fe983a5163ece0a683e167cd4d223db332f29e69da1c319a70e8c033

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /verify.dcu/css/2.658b5c49.css HTTP/1.1 
Host: ayetaablehands.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/verify.dcu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         198.54.115.112
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Thu, 18 Aug 2022 23:50:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 582
date: Tue, 04 Oct 2022 09:40:10 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1693)
Size:   582
Md5:    bcddb5748150a5d42a2621df521162b4
Sha1:   b5e2be32ba8552dd7bc48ecf2a01c5d5c49b411b
Sha256: f908adbdc894d86fcc84f77a219b979cb9d594671839ae3df9e18d55f17349e0
                                        
                                            GET /verify.dcu/js/2.a6ab680e.js HTTP/1.1 
Host: ayetaablehands.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/verify.dcu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         198.54.115.112
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://ayetaablehands.org/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 12307
date: Tue, 04 Oct 2022 09:40:10 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Size:   12307
Md5:    dc14d9d9a04773fd45682acd983a7a6e
Sha1:   fb2170d8355509d2a925e1d5b256dfd4a3e2ede8
Sha256: 239aeea4fe983a5163ece0a683e167cd4d223db332f29e69da1c319a70e8c033

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /verify.dcu/dcuLogoDark.png HTTP/1.1 
Host: ayetaablehands.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/verify.dcu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         198.54.115.112
HTTP/2 200 OK
content-type: image/png
                                        
cache-control: public, max-age=10368000
expires: max-age=A10368000, public
last-modified: Thu, 18 Aug 2022 23:49:04 GMT
accept-ranges: bytes
content-length: 7743
date: Tue, 04 Oct 2022 09:40:10 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 217 x 78, 8-bit/color RGBA, non-interlaced\012- data
Size:   7743
Md5:    ae64e87365d6e6696145c8c53ce3632e
Sha1:   09337bd0289c432bffab6f653297fe2534ad0c68
Sha256: d1093fceb5f8b35c09e5d3329c8dc55509d7f46096efeea840f6e433212ba45e
                                        
                                            GET /css2?family=Nunito+Sans:wght@300;400;600;700;800&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 09:40:11 GMT
date: Tue, 04 Oct 2022 09:40:11 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1143
Md5:    3d0ffb42476f465f0581f7c60a068a21
Sha1:   9ee2753d4a95f8442165a5da72714dea19b1ebf8
Sha256: ed7eca192b5802e1c8bed8bc822def9046a32a1150ce2c7ecf885a1147799f1a
                                        
                                            GET /verify.dcu/js/2.a6ab680e.js HTTP/1.1 
Host: ayetaablehands.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/verify.dcu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         198.54.115.112
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://ayetaablehands.org/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 12307
date: Tue, 04 Oct 2022 09:40:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Size:   12307
Md5:    dc14d9d9a04773fd45682acd983a7a6e
Sha1:   fb2170d8355509d2a925e1d5b256dfd4a3e2ede8
Sha256: 239aeea4fe983a5163ece0a683e167cd4d223db332f29e69da1c319a70e8c033

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /star HTTP/1.1 
Host: mpsnare.iesnare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://ayetaablehands.org
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5sPDg+e73UELG5SeXRDfvQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.228.71.178
HTTP/1.1 101 Switching Protocols
                                        
Server: nginx
Date: Tue, 04 Oct 2022 09:40:11 GMT
Connection: upgrade
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Accept: rd56FudsiFwSq8Jht6Tk/CJlyXw=
Upgrade: WebSocket

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 09:40:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 09:40:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 09:40:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ayetaablehands.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16980
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 21:08:02 GMT
expires: Tue, 03 Oct 2023 21:08:02 GMT
cache-control: public, max-age=31536000
age: 45129
last-modified: Mon, 09 May 2022 18:33:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 16980, version 1.0\012- data
Size:   16980
Md5:    8a97f720d330e75ccdbda9ae0e9f5e90
Sha1:   8e4fee916581ab48d385187705667cebc7500afe
Sha256: 97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787
                                        
                                            GET /s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ayetaablehands.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17156
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 18:31:20 GMT
expires: Tue, 03 Oct 2023 18:31:20 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 09 May 2022 18:33:24 GMT
age: 54531
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 17156, version 1.0\012- data
Size:   17156
Md5:    7e344afc10a492d516789f072fa6edfd
Sha1:   f38bd0b4e9d0577528f533b8ecd80801a0c6340f
Sha256: c84423c305779f2aab07847a2e3870ac1ea4072e470d5eb149c01e0e0497eae3
                                        
                                            GET /s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ayetaablehands.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17116
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 21:55:18 GMT
expires: Tue, 03 Oct 2023 21:55:18 GMT
cache-control: public, max-age=31536000
age: 42293
last-modified: Mon, 09 May 2022 18:31:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 17116, version 1.0\012- data
Size:   17116
Md5:    bcf3a3fb620dfbee774f84e2c8e71530
Sha1:   40a79d240acdd7e5a95e165515ac7c0958a37971
Sha256: 280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5
                                        
                                            GET /extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js HTTP/1.1 
Host: assets.adobedtm.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Mon, 14 Feb 2022 16:35:31 GMT
If-None-Match: "d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
TE: trailers

                                         
                                         23.38.200.237
HTTP/2 304 Not Modified
content-type: application/x-javascript
                                        
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
etag: "d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
expires: Tue, 04 Oct 2022 10:40:11 GMT
date: Tue, 04 Oct 2022 09:40:11 GMT
cache-control: no-cache
access-control-allow-origin: https://ayetaablehands.org
timing-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            GET /extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js HTTP/1.1 
Host: assets.adobedtm.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Mon, 14 Feb 2022 16:35:31 GMT
If-None-Match: "2d1382c349d480b6b41574ac0c1af066:1644856531.739514"
TE: trailers

                                         
                                         23.38.200.237
HTTP/2 304 Not Modified
content-type: application/x-javascript
                                        
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
etag: "2d1382c349d480b6b41574ac0c1af066:1644856531.739514"
expires: Tue, 04 Oct 2022 10:40:11 GMT
date: Tue, 04 Oct 2022 09:40:11 GMT
cache-control: no-cache
access-control-allow-origin: https://ayetaablehands.org
timing-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 09:40:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2259
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 09:40:11 GMT
Last-Modified: Tue, 04 Oct 2022 09:02:33 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=46051B125B89FACB0A495DD6%40AdobeOrg&d_nsid=0&ts=1664876411391 HTTP/1.1 
Host: dpm.demdex.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://ayetaablehands.org
Connection: keep-alive
Referer: https://ayetaablehands.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.154.199.204
HTTP/1.1 200 OK
Content-Type: application/json;charset=utf-8
                                        
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ayetaablehands.org
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
DCS: dcs-prod-irl1-2-v044-0c2c7cff5.edge-irl1.demdex.com 3 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=27440947492406750861068909570727741784; Max-Age=15552000; Expires=Sun, 02 Apr 2023 09:40:11 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: mSh3Bk+DQLY=
Content-Length: 836
Connection: keep-alive


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (2304), with no line terminators
Size:   836
Md5:    f3d3f100ec1f12c7a49572eb6a605754
Sha1:   6d2829144a3546f00151fa350d8d74d5b907ad1a
Sha256: 5eda32caf66cd2bae9fd40fab4917739b1ae20405c48481d637d045e597d8d99
                                        
                                            GET / HTTP/1.1 
Host: frame.gleap.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         51.124.12.35
HTTP/2 200 OK
content-type: text/html
                                        
date: Tue, 04 Oct 2022 09:40:11 GMT
cache-control: public, must-revalidate, max-age=30
content-encoding: br
etag: "77914261"
last-modified: Tue, 27 Sep 2022 11:09:10 GMT
vary: Accept-Encoding
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (644), with no line terminators
Size:   827
Md5:    7c7cd98b2a4d6523a103f99b9d1cbbfb
Sha1:   773c17d20c6546413552694ae1a9a7556701d226
Sha256: 4056808c03aea3e780428cd5b608abd72ff34448ab1a09f33204b8a1da445f89
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: ayetaablehands.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/verify.dcu/
Cookie: AMCV_46051B125B89FACB0A495DD6%40AdobeOrg=1176715910%7CMCIDTS%7C19270%7CvVersion%7C5.4.0; at_check=true; mbox=session#086b30a3960e43ca98ebe06378d0b3c9#1664878272
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         198.54.115.112
HTTP/2 404 Not Found
content-type: text/html
                                        
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-length: 1238
date: Tue, 04 Oct 2022 09:40:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   1238
Md5:    0bde7d4b3da67537eaf9188e6f8049cf
Sha1:   64300fc482d01d38b40ab20e15960b6509665e5a
Sha256: 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2475
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 09:40:12 GMT
Last-Modified: Tue, 04 Oct 2022 08:58:57 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 314

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6233
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 09:40:12 GMT
Last-Modified: Tue, 04 Oct 2022 07:56:19 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /static/js/main.273ce5e1.js HTTP/1.1 
Host: frame.gleap.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://frame.gleap.io/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         51.124.12.35
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Tue, 04 Oct 2022 09:40:11 GMT
cache-control: public, must-revalidate, max-age=30
content-encoding: br
etag: "77914261"
last-modified: Tue, 27 Sep 2022 11:09:10 GMT
vary: Accept-Encoding
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65465)
Size:   124093
Md5:    0ea054b266890f4e15c8c83012601054
Sha1:   afbdfb86c907d15aff0692ad284bef0b3b3c2585
Sha256: 6cffdcf0978aac1b937dddfba4b1e55cac701b594d8c789abd5ade81c5e24321
                                        
                                            GET /dest5.html?d_nsid=0 HTTP/1.1 
Host: dcu.demdex.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         34.255.95.163
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
date: Tue, 4 Oct 2022 09:40:12 GMT
DCS: dcs-prod-irl1-2-v044-0925a81f5.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 29 Sep 2022 16:47:43 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: GOBcqJsCQng=
Content-Length: 2791
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (550)
Size:   3534
Md5:    842fcc9377801e2c1b8369c594927c15
Sha1:   8017d095fd9e9a9f856579f4559d52a0a7ca9f1a
Sha256: 2ed2bf9f8f7732e7cfbcc545e391bdc4145c1cbe4b8fe226bc34badf83190cbd
                                        
                                            GET /m2/digitalfederalcredit/mbox/json?mbox=target-global-mbox&mboxSession=086b30a3960e43ca98ebe06378d0b3c9&mboxPC=&mboxPage=21a0f2e2a7064a0294c3ff341880050a&mboxRid=75ee92fd030246cda89d904d05fd829a&mboxVersion=1.8.3&mboxCount=1&mboxTime=1664876411415&mboxHost=ayetaablehands.org&mboxURL=https%3A%2F%2Fayetaablehands.org%2Fverify.dcu%2F&mboxReferrer=&browserHeight=939&browserWidth=1280&browserTimeOffset=0&screenHeight=1024&screenWidth=1280&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&pageurl=https%3A%2F%2Fayetaablehands.org%2Fverify.dcu%2F&mboxMCSDID=43418A618585D6A4-0E0DE7358D9CC5B4&vst.trk=digitalfederalcreditunion.sc.omtrdc.net&vst.trks=digitalfederalcreditunion.sc.omtrdc.net&mboxMCGVID=28039749299258952621020281242193114632&mboxAAMB=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&mboxMCGLH=6 HTTP/1.1 
Host: digitalfederalcredit.tt.omtrdc.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ayetaablehands.org
Connection: keep-alive
Referer: https://ayetaablehands.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         15.236.176.210
HTTP/2 200 OK
content-type: application/json;charset=UTF-8
                                        
date: Tue, 04 Oct 2022 09:40:12 GMT
content-length: 96
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-origin: https://ayetaablehands.org
access-control-allow-credentials: true
x-request-id: 75ee92fd030246cda89d904d05fd829a
pragma: no-cache
timing-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
server: jag
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   96
Md5:    0150ecd91f90050a3795d0d4f46eac9b
Sha1:   d2bd87fe2b1cb98b9f0b8a9228e9c391a41878fb
Sha256: 0416e69b6a19c9688a4fdc3e1cac76496885af9a41228c98a1441b48506a2b0c
                                        
                                            GET /link/2.0.1398/link-dynamic-loader.js HTTP/1.1 
Host: cdn.plaid.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://ayetaablehands.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.36
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-replication-status: COMPLETED
last-modified: Thu, 29 Sep 2022 19:48:07 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: T81OvNJu6bfshps9G1xPc8uFPxZefLcQ
server: AmazonS3
content-encoding: gzip
date: Mon, 03 Oct 2022 20:26:02 GMT
cache-control: max-age=10800
etag: W/"a5f147134a874f0b63da3223dc7133cb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WrHueorGrb33JoGh-95aeey8S_LKzvO3V9BqsgHD00cfcevdsbotwg==
age: 47681
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   43716
Md5:    a5686426e9178deda225cee287266a8a
Sha1:   8f97e06324630ce0e4c9aa88e48012faab43f627
Sha256: 52b79b98ab2b7a5fa7f3f729978b16cabd448a8c487848a787e30f72175a106e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14954
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 09:40:12 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14954
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 09:40:12 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14954
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 09:40:12 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 04:42:51 GMT
age: 17841
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6315
Md5:    206fb65e75dbadf119512f71e0b78402
Sha1:   58ff0bf8ce7528b303d28bab01a80ad721705569
Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DOS5kVEVqBrCVMKRw07fX-6HDgWVb9lJwkVM2pXs0PQHys6CBJUVfQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 42952
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9917
Md5:    d8c08f8066cc732de8befd6ccd629a95
Sha1:   22aab05208a01ae5def4d63dc145085630f57bcb
Sha256: f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0bec66cf-b911-4eb8-95d6-27e5f2afb6c7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8308
x-amzn-requestid: 3348b2e8-915a-492b-8241-89c13a21232c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcqFlFyyoAMFz_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b56f0-2baf7ac2213c31fc384e8317;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:41:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 50AX7dGWRTOAi1Z4dP9cROGeKlz-g0oXDncFUYmuPOSwpZRWWcNo4g==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:32 GMT
age: 42940
etag: "4ac6c5691df804078d5da54233cf4d8e7012f9ca"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8308
Md5:    de29d0d95d22e4e246a90feed644baf0
Sha1:   4ac6c5691df804078d5da54233cf4d8e7012f9ca
Sha256: 8e34ad07e098df14f7001d1ee538479de11afa4c255006cb6e8e2207c0e50a47
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: SGeDEPoXxsTV5UwkZnn3MJPbjhHhrKSsueHPxVapV_7Icl6daFk3oA==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 42952
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4858
Md5:    6779181f9c06975f2a662da743893939
Sha1:   585e7146fd24cdc2496b05baafea04091dc541e2
Sha256: 8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5504
x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHPvoAMF3mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: O1yNc4H21kixhUEE7099oNqs7a5ZnJBBjlZbsbmLvaXyzXzrK0dL3w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:33 GMT
age: 42939
etag: "20ef861be49c652a938e0145e4ca3a60159367e2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5504
Md5:    6c6882c60d7ca6f918c77104e3ad1d52
Sha1:   20ef861be49c652a938e0145e4ca3a60159367e2
Sha256: 861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c459c91-b5cc-492c-9573-3101e5df6b51.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5083
x-amzn-requestid: ed99df03-5d15-4e09-9aea-bbf77a705323
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpI0HT0IAMFxvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b556b-422197147d76caac6e910664;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:35 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ZFVTt0eV3kpIaS4KAIZlgaTJxHb2hPxyP4BBRAZCE-cCAWJM44fZxw==
via: 1.1 946b9edb2009c5508a0fbbd636f95014.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:38:28 GMT
age: 39704
etag: "f5ce815082043a4efce28fc790ae7d8b3a8531f8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5083
Md5:    34f2dfb2faff276db1d4a57739db2450
Sha1:   f5ce815082043a4efce28fc790ae7d8b3a8531f8
Sha256: e02ea92f0be524ccfe26eee61a77e39a13d852d1ba3696f729e0f61812028667
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.156
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 09:40:12 GMT
Last-Modified: Tue, 04 Oct 2022 08:18:55 GMT
Server: ECS (nyb/1D32)
X-Cache: Miss from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0ldDj32lGRifwwUyk5I6NeYAURA2nguT2aWUVN0ToHRJRCPM_3yJDg==
Age: 4877

                                        
                                            GET /cm/dd?d_uuid=27440947492406750861068909570727741784 HTTP/1.1 
Host: cm.everesttech.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.74.40.111
HTTP/1.1 302
                                        
Date: Tue, 04 Oct 2022 09:40:12 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~Yzv-fAAAAGCioQNe; Domain=.everesttech.net; Expires=Wed, 04-Oct-2023 09:40:12 GMT; Path=/ everest_session_v2=Yzv-fAAAAGCiowNe; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yzv-fAAAAGCioQNe
Server: AMO-cookiemap/1.1

                                        
                                            GET /b/ss/dfcudigbankingprod,dfcumainglobal/1/JS-2.22.4-LCUM/s58545677665700?AQB=1&ndh=1&pf=1&t=4%2F9%2F2022%209%3A40%3A12%202%200&sdid=43418A618585D6A4-0E0DE7358D9CC5B4&vid=28039749299258952621020281242193114632&mid=28039749299258952621020281242193114632&aamlh=6&ce=UTF-8&pageName=projectfinance%3Aen%3Averify.dcu%3A&g=https%3A%2F%2Fayetaablehands.org%2Fverify.dcu%2F&cc=USD&ch=verify.dcu&server=ayetaablehands.org&events=event1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v1=verify.dcu&c9=D%3Dv9&v9=https%3A%2F%2Fayetaablehands.org%2Fverify.dcu%2F&v10=D%3Dc10&v11=projectfinance%3Aen%3Averify.dcu%3A&v12=year%3D2022%20%7C%20month%3DOctober%20%7C%20date%3D4%20%7C%20day%3DTuesday%20%7C%20time%3D9%3A40%20AM&v13=New&c14=25&v14=D%3Dc14&c15=New%20Visitor&c16=1&c17=first%20hit%20of%20visit&v20=Project%20Finance&v41=28039749299258952621020281242193114632&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=46051B125B89FACB0A495DD6%40AdobeOrg&AQE=1 HTTP/1.1 
Host: digitalfederalcreditunion.sc.omtrdc.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         13.36.218.177
HTTP/2 200 OK
content-type: image/gif;charset=utf-8
                                        
access-control-allow-origin: *
date: Tue, 04 Oct 2022 09:40:12 GMT
expires: Mon, 03 Oct 2022 09:40:12 GMT
last-modified: Wed, 05 Oct 2022 09:40:12 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3575294870917349376-4619896178547747043
vary: *
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 2 x 2\012- data
Size:   43
Md5:    ad480fd0732d0f6f1a8b06359e3a42bb
Sha1:   a544538683a2dfe574eeb2e358ac8fcc78289d50
Sha256: a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
                                        
                                            GET /ibs:dpid=411&dpuuid=Yzv-fAAAAGCioQNe HTTP/1.1 
Host: dpm.demdex.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ayetaablehands.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.154.199.204
HTTP/1.1 302 Found
                                        
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v044-0b6db8e1c.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Yzv-fAAAAGCioQNe
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=11162818132672684863295194272861232505; Max-Age=15552000; Expires=Sun, 02 Apr 2023 09:40:12 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: DIVFs0A0QWw=
Content-Length: 0
Connection: keep-alive

                                        
                                            GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Yzv-fAAAAGCioQNe HTTP/1.1 
Host: dpm.demdex.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ayetaablehands.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.154.199.204
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
DCS: dcs-prod-irl1-2-v044-0deb8e9c6.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: nbe41E+uQ44=
Content-Length: 59
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   59
Md5:    1251cd5e5c2def4c046309375f87c1c1
Sha1:   e02d6b0c6a5c495c15985e2832e335eda8528c80
Sha256: 4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
                                        
                                            GET /verify.dcu/undefined/api/config?messagesType=customer&language=en-US&company= HTTP/1.1 
Host: ayetaablehands.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/verify.dcu/
Cookie: AMCV_46051B125B89FACB0A495DD6%40AdobeOrg=1176715910%7CMCIDTS%7C19270%7CMCMID%7C28039749299258952621020281242193114632%7CMCAAMLH-1665481211%7C6%7CMCAAMB-1665481211%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1664883611s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19277%7CvVersion%7C5.4.0; at_check=true; mbox=session#086b30a3960e43ca98ebe06378d0b3c9#1664878273|PC#086b30a3960e43ca98ebe06378d0b3c9.37_0#1728121213; AMCVS_46051B125B89FACB0A495DD6%40AdobeOrg=1; s_tslv=1664876412129; s_vnc365=1696412412130%26vn%3D1; s_ivc=true; s_dur=1664876412131; s_nr30=1664876412153-New; s_ppv=projectfinance%253Aen%253Averify.dcu%253A%2C100%2C100%2C939%2C1%2C1; s_ips=939; s_tp=939; s_cc=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         198.54.115.112
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://ayetaablehands.org/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 12307
date: Tue, 04 Oct 2022 09:40:14 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Size:   12307
Md5:    c9248dbd52a81810cfa7b95008856867
Sha1:   7804efc41e1439b1c44bacd89b2007d0b91ebd32
Sha256: cba9ef2fb67f706b44d4591aeacbf8a94596b4519b4dfd8e70c404b1f1f4c18d
                                        
                                            GET /static/css/main.de56b7b2.css HTTP/1.1 
Host: frame.gleap.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://frame.gleap.io/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         51.124.12.35
HTTP/2 200 OK
content-type: text/css
                                        
date: Tue, 04 Oct 2022 09:40:11 GMT
cache-control: public, must-revalidate, max-age=30
content-encoding: br
etag: "77914261"
last-modified: Tue, 27 Sep 2022 11:09:10 GMT
vary: Accept-Encoding
strict-transport-security: max-age=10886400; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-dns-prefetch-control: off
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /link/v2/stable/link-initialize.js HTTP/1.1 
Host: cdn.plaid.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ayetaablehands.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.36
HTTP/2 200 OK
content-type: application/javascript
                                        
x-amz-id-2: 7qWnQ8lcuco7jLQCDxdHH8TcJNQzLDWQO1JncoVpKd+n1Q+14W+eD4k8dnBAJSN6QoHB9wIQwjg=
x-amz-request-id: M7XQ9Z50C2CJGQ0F
date: Tue, 04 Oct 2022 03:08:42 GMT
x-amz-replication-status: COMPLETED
last-modified: Thu, 29 Sep 2022 19:48:07 GMT
etag: W/"7414bb655596877cab6594ef7d7c62b1"
x-amz-server-side-encryption: AES256
cache-control: no-cache,must-revalidate,max-age=0
x-amz-version-id: ARwFLa4QBRXkoi7tIF8RpyXG6Qrm9ayE
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vNWUWZHRzr2Y8yGXKkGITBkb7bQPJeYY-3hkBQPxbx0hCe1y3UMwQw==
age: 23489
X-Firefox-Spdy: h2


--- Additional Info ---