urlquery - report: fvyncztyqt.duckdns.org/

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
img-getpocket.cdn.mozilla.net (6)	1631	2019-03-04 20:37:34 UTC	2020-02-19 04:43:25 UTC	34.120.237.76
content-signature-2.cdn.mozilla.net (1)	1152	No data	No data	34.160.144.191
ocsp.globalsign.com (2)	2075	2018-06-22 23:48:20 UTC	2020-05-02 20:58:10 UTC	104.18.20.226
push.services.mozilla.com (1)	2140	2019-05-26 10:52:39 UTC	2020-05-03 10:09:39 UTC	52.38.146.2
fvyncztyqt.duckdns.org (11)	0	2022-10-21 07:23:10 UTC	2022-10-28 12:54:49 UTC	185.212.68.4	Unknown ranking
js.users.51.la (1)	53024	2017-11-08 06:17:53 UTC	2022-08-20 01:24:32 UTC	103.143.19.103
www.nta.go.jp (1)	0	2022-06-02 22:30:28 UTC	2022-10-28 13:02:20 UTC	54.230.111.22	Domain (nta.go.jp) ranked at: 320855
r3.o.lencr.org (6)	344	No data	No data	23.36.77.32
ocsp.digicert.com (2)	86	2012-06-27 22:09:06 UTC	2020-05-02 20:58:10 UTC	93.184.220.29
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-10-28 04:33:48 UTC	34.117.237.239

Scan Date	Severity	Indicator	Comment
2022-10-28	2	fvyncztyqt.duckdns.org/	National Tax Agency JAPAN
2022-10-28	2	fvyncztyqt.duckdns.org/	National Tax Agency JAPAN
2022-10-28	2	fvyncztyqt.duckdns.org/	National Tax Agency JAPAN
2022-10-28	2	fvyncztyqt.duckdns.org/	National Tax Agency JAPAN
2022-10-28	2	fvyncztyqt.duckdns.org/	National Tax Agency JAPAN
2022-10-28	2	fvyncztyqt.duckdns.org/	National Tax Agency JAPAN
2022-10-28	2	fvyncztyqt.duckdns.org/	National Tax Agency JAPAN
2022-10-28	2	fvyncztyqt.duckdns.org/	National Tax Agency JAPAN
2022-10-28	2	fvyncztyqt.duckdns.org/	National Tax Agency JAPAN
2022-10-28	2	fvyncztyqt.duckdns.org/	National Tax Agency JAPAN
2022-10-28	2	fvyncztyqt.duckdns.org/	National Tax Agency JAPAN

Date	UQ / IDS / BL	URL	IP
2023-01-18 07:34:15 +0000	0 - 4 - 0	stzjbklcdg.duckdns.org/	185.212.68.4
2023-01-15 06:31:53 +0000	0 - 4 - 0	amkszobpid.duckdns.org/	185.212.68.4
2022-11-07 15:55:38 +0000	13 - 0 - 4	xvshugflzn.duckdns.org/	185.212.68.4
2022-10-28 19:41:35 +0000	8 - 0 - 7	amkszobpid.duckdns.org/	185.212.68.4
2022-10-28 19:41:18 +0000	7 - 0 - 6	fvyncztyqt.duckdns.org/	185.212.68.4

Date	UQ / IDS / BL	URL	IP
2023-01-29 15:31:35 +0000	0 - 0 - 1	185.243.56.242/	185.243.56.242
2023-01-29 15:25:58 +0000	11 - 14 - 5	rzrfdttzvf.duckdns.org/	45.12.138.177
2023-01-29 15:03:41 +0000	0 - 4 - 0	zkidbguaxq.duckdns.org/	66.150.66.131
2023-01-29 14:59:40 +0000	0 - 4 - 0	orsdhlzmoa.duckdns.org/	66.150.66.131
2023-01-29 14:59:14 +0000	0 - 4 - 0	ymspzsgurs.duckdns.org/	5.253.235.113

Date	UQ / IDS / BL	URL	IP
2022-10-28 19:41:18 +0000	7 - 0 - 6	fvyncztyqt.duckdns.org/	185.212.68.4
2022-10-28 16:54:34 +0000	12 - 0 - 11	fvyncztyqt.duckdns.org/	185.212.68.4
2022-10-28 12:30:25 +0000	11 - 0 - 0	fvyncztyqt.duckdns.org/	185.212.68.4

Date	UQ / IDS / BL	URL	IP
2023-01-22 08:24:34 +0000	30 - 0 - 16	omaalqiion.duckdns.org/	45.12.138.144
2023-01-22 08:21:53 +0000	30 - 0 - 16	myhrkoqavq.duckdns.org/	45.12.138.144
2023-01-21 21:22:12 +0000	30 - 0 - 16	alcsewvqdk.duckdns.org/	45.12.138.144
2023-01-21 20:00:12 +0000	30 - 0 - 16	jiqegntptc.duckdns.org/	45.12.138.144
2023-01-21 18:39:32 +0000	27 - 0 - 15	omaalqiion.duckdns.org/	45.12.138.144

HTTP Transactions (32)

Request	Response
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: e70850235887d55f4064842b4ed3b51f2ab6ef79a87bcda59dcb3a6cdc49b1a0 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "E70850235887D55F4064842B4ED3B51F2AB6EF79A87BCDA59DCB3A6CDC49B1A0" Last-Modified: Wed, 26 Oct 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5751 Expires: Fri, 28 Oct 2022 18:30:14 GMT Date: Fri, 28 Oct 2022 16:54:23 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: f046f77b86e11e6687b4f2b293448087 Sha1: f741afeb331f6d268daf18d4a41a9a59ecd71fab Sha256: e70850235887d55f4064842b4ed3b51f2ab6ef79a87bcda59dcb3a6cdc49b1a0
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 853f97990fe10ccb34066b1e73e93dac45794f42fb745b266b6a46b9e26d52e9 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "853F97990FE10CCB34066B1E73E93DAC45794F42FB745B266B6A46B9E26D52E9" Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8854 Expires: Fri, 28 Oct 2022 19:21:57 GMT Date: Fri, 28 Oct 2022 16:54:23 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 1e997bec759570aa0db03e31bf013cc2 Sha1: 948fd8263ab0b40f75eaf9495f76a7f39f39d5f9 Sha256: 853f97990fe10ccb34066b1e73e93dac45794f42fb745b266b6a46b9e26d52e9
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 37516083f7655af68d7e426efca6f9f3709a80318ac7bb8cc492c183916141b1 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3232 Cache-Control: max-age=149436 Date: Fri, 28 Oct 2022 16:54:23 GMT Etag: "635ba15b-1d7" Expires: Sun, 30 Oct 2022 10:24:59 GMT Last-Modified: Fri, 28 Oct 2022 09:31:07 GMT Server: ECS (ska/F71C) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 922281894182eba1fc67c2d8678e3238 Sha1: e169209341b09bf4f14ebb3fc7c07b03f2121bf1 Sha256: 37516083f7655af68d7e426efca6f9f3709a80318ac7bb8cc492c183916141b1
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 2f53662c68c9ea7be85837310861c8007fd039e5e4d8eb8f0d8948d5d1571a03 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "2F53662C68C9EA7BE85837310861C8007FD039E5E4D8EB8F0D8948D5D1571A03" Last-Modified: Thu, 27 Oct 2022 14:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10657 Expires: Fri, 28 Oct 2022 19:52:00 GMT Date: Fri, 28 Oct 2022 16:54:23 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 42d84e61e6aa4d3cce623adccfafc3e2 Sha1: 0dba69e98be53c153a6726ff934b2d55feb20d75 Sha256: 2f53662c68c9ea7be85837310861c8007fd039e5e4d8eb8f0d8948d5d1571a03
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: DMLKAd/vJBKEFi+Lru8DybMWD23D8CzSPbGM+lybfz/jKG7JcLA/NvbRRN9VeG04ZGJvYeN5pjk= x-amz-request-id: 1KGBMBBA7KBVWZED content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Fri, 28 Oct 2022 16:10:19 GMT age: 2644 last-modified: Fri, 30 Sep 2022 18:50:55 GMT etag: "67d5a988edcda47bc3b3b3f65d32b4b6" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 67d5a988edcda47bc3b3b3f65d32b4b6 Sha1: d4f0e0da8b3690cc7da925026d3414b68c7d954f Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Fri, 28 Oct 2022 16:54:23 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /static/gs_vk/reset.css HTTP/1.1 Host: fvyncztyqt.duckdns.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://fvyncztyqt.duckdns.org/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: fvyncztyqt.duckdns.org/static/gs_vk/reset.css FQDN: fvyncztyqt.duckdns.org IP: 185.212.68.4 HASH: e0e6a4ef211b0c936b3a38abe91cda1ebbbcc4a3c2d8e706ef7a1dc2c55427c3 185.212.68.4 HTTP/2 200 OK content-type: text/css server: nginx date: Fri, 28 Oct 2022 16:54:23 GMT content-length: 884 last-modified: Tue, 09 Aug 2022 08:07:50 GMT etag: "62f215d6-374" expires: Sat, 29 Oct 2022 04:54:23 GMT cache-control: max-age=43200 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: CSV text\012- , ASCII text, with CRLF line terminators Size: 884 Md5: a77d6f26781539c015b1b1d84dac9c06 Sha1: 6f9e90a2e3c9f2bcb9337e577150bde1d3a29ccb Sha256: e0e6a4ef211b0c936b3a38abe91cda1ebbbcc4a3c2d8e706ef7a1dc2c55427c3 Alerts: urlquery: - DynDNS domain detected Blocklists: - openphish: National Tax Agency JAPAN
GET /static/gs_vk/index.css HTTP/1.1 Host: fvyncztyqt.duckdns.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://fvyncztyqt.duckdns.org/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: fvyncztyqt.duckdns.org/static/gs_vk/index.css FQDN: fvyncztyqt.duckdns.org IP: 185.212.68.4 HASH: de36d3e9e989de40ae0bf5252af018ef55fdc0ed938042bdba11147f1127e431 185.212.68.4 HTTP/2 200 OK content-type: text/css server: nginx date: Fri, 28 Oct 2022 16:54:23 GMT content-length: 748 last-modified: Tue, 09 Aug 2022 08:07:50 GMT etag: "62f215d6-2ec" expires: Sat, 29 Oct 2022 04:54:23 GMT cache-control: max-age=43200 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text Size: 748 Md5: 91692497e479f6cc955e4de6d627a499 Sha1: bb57de5c2d4dafee21f66645d776d3064f4b79bd Sha256: de36d3e9e989de40ae0bf5252af018ef55fdc0ed938042bdba11147f1127e431 Alerts: urlquery: - DynDNS domain detected Blocklists: - openphish: National Tax Agency JAPAN
GET /static/js/jquery-3.3.1.min.js HTTP/1.1 Host: fvyncztyqt.duckdns.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://fvyncztyqt.duckdns.org/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: fvyncztyqt.duckdns.org/static/js/jquery-3.3.1.min.js FQDN: fvyncztyqt.duckdns.org IP: 185.212.68.4 HASH: 048fcbc6534303cb47474e8ae8b24c9a592c01b9e2acd3243e880c8d964fa7dd 185.212.68.4 HTTP/2 200 OK content-type: application/javascript server: nginx date: Fri, 28 Oct 2022 16:54:23 GMT last-modified: Thu, 17 Mar 2022 06:46:08 GMT vary: Accept-Encoding etag: W/"6232d930-1538f" expires: Sat, 29 Oct 2022 04:54:23 GMT cache-control: max-age=43200 strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 34435 Md5: d569b113160aa5f93143ddbfdf6364f3 Sha1: c5551c9c6964a7105475e5dcdcdece438426f281 Sha256: 048fcbc6534303cb47474e8ae8b24c9a592c01b9e2acd3243e880c8d964fa7dd Alerts: urlquery: - DynDNS domain detected Blocklists: - openphish: National Tax Agency JAPAN
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 99057099a66b378f0825443f175ad6f84a9f69c0abb8f8db546eb348de4facb4 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4621 Cache-Control: max-age=145765 Date: Fri, 28 Oct 2022 16:54:24 GMT Etag: "635b8d98-1d7" Expires: Sun, 30 Oct 2022 09:23:49 GMT Last-Modified: Fri, 28 Oct 2022 08:06:48 GMT Server: ECS (ska/F71C) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 6b7c0ce49b8ebb90707ec439581bc979 Sha1: 1affe02f362f59f8acaaa2cc16185fc2942a82cf Sha256: 99057099a66b378f0825443f175ad6f84a9f69c0abb8f8db546eb348de4facb4
POST /gsgccr3dvtlsca2020 HTTP/1.1 Host: ocsp.globalsign.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.globalsign.com/gsgccr3dvtlsca2020 FQDN: ocsp.globalsign.com IP: 104.18.20.226 HASH: 239d67dff71967faa0d4c1ce00fab5dab3fb23142d5d8b6607735ef8a8cc5a1d 104.18.20.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 28 Oct 2022 16:54:24 GMT Content-Length: 1414 Connection: keep-alive Expires: Tue, 01 Nov 2022 13:42:47 GMT ETag: "d06806257539b1197857e92fd48aa3d60d752eb2" Last-Modified: Fri, 28 Oct 2022 13:42:48 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Age: 1311 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 76153171fa0e1c12-OSL --- Additional Info --- Magic: data Size: 1414 Md5: a48c3219c8260bb8658566752eefb982 Sha1: d06806257539b1197857e92fd48aa3d60d752eb2 Sha256: 239d67dff71967faa0d4c1ce00fab5dab3fb23142d5d8b6607735ef8a8cc5a1d
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: qrqNR8FQRgVOLc8M6bc2Nw== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 52.38.146.2 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 52.38.146.2 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: V9B5Dvwu84HoeKu8F8GxLsL9WC0= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /21240581.js HTTP/1.1 Host: js.users.51.la User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://fvyncztyqt.duckdns.org/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: js.users.51.la/21240581.js FQDN: js.users.51.la IP: 103.143.19.103 HASH: 07d02a0148b6511022ea5ba02eab78bf74dc6d6540974b4fcc6319d43ef67495 103.143.19.103 HTTP/1.1 200 OK Content-Type: application/javascript; charset=utf-8 Server: CloudWAF Date: Fri, 28 Oct 2022 16:54:24 GMT Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: HWWAFSESID=93d80682586e86d030c; path=/ HWWAFSESTIME=1666976060248; path=/ Cache-Control: max-age=360000 Access-Control-Allow-Origin: * Access-Control-Allow-Credentials: true Content-Encoding: gzip --- Additional Info --- Magic: ASCII text, with very long lines (4898) Size: 2310 Md5: 648d332a1a1b5037f4e0ebc4a16255e5 Sha1: 5238cd54b0126b54bd371267320e9854a1930491 Sha256: 07d02a0148b6511022ea5ba02eab78bf74dc6d6540974b4fcc6319d43ef67495
POST /gsrsaovsslca2018 HTTP/1.1 Host: ocsp.globalsign.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.globalsign.com/gsrsaovsslca2018 FQDN: ocsp.globalsign.com IP: 104.18.20.226 HASH: acc0f8793e5cc01999d9880be30cbab10344ed72e47b1a987509ec1b4a23bec9 104.18.20.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 28 Oct 2022 16:54:24 GMT Content-Length: 1432 Connection: keep-alive Expires: Tue, 01 Nov 2022 15:06:52 GMT ETag: "7f06bf51a0081304a2991d15e16448476d267cd2" Last-Modified: Fri, 28 Oct 2022 15:06:53 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Age: 2327 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 761531761e061c12-OSL --- Additional Info --- Magic: data Size: 1432 Md5: 6a1d215168e4532d60fb5603bdeed9f1 Sha1: 7f06bf51a0081304a2991d15e16448476d267cd2 Sha256: acc0f8793e5cc01999d9880be30cbab10344ed72e47b1a987509ec1b4a23bec9
GET /template/img/template/headerbackground.jpg HTTP/1.1 Host: www.nta.go.jp User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://fvyncztyqt.duckdns.org/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.nta.go.jp/template/img/template/headerbackground.jpg FQDN: www.nta.go.jp IP: 54.230.111.22 HASH: 9f7bcb50485acc2487f525f5d0d49bf0e3c239ee0150685a621b7e84d67818c7 54.230.111.22 HTTP/2 200 OK content-type: image/jpeg content-length: 29881 server: Apache x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff last-modified: Fri, 30 Mar 2018 05:48:34 GMT accept-ranges: bytes date: Fri, 28 Oct 2022 16:54:08 GMT etag: "74b9-5689aca6dd080" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: R5Mb6TK2M9NZFjFIw-DEdAYiYf802REyum_u-cnMlPGc3NhtqnM4Gg== age: 16 X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 980x113, components 3\012- data Size: 29881 Md5: e5e2087ec026ba50dceab21313cde200 Sha1: 32528b75731905a34f01e6b4cdf3937f72c4098f Sha256: 9f7bcb50485acc2487f525f5d0d49bf0e3c239ee0150685a621b7e84d67818c7
GET /static/gs_vk/logo.png HTTP/1.1 Host: fvyncztyqt.duckdns.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://fvyncztyqt.duckdns.org/ Cookie: __tins__21240581=%7B%22sid%22%3A%201666976063617%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201666977863617%7D; __51cke__=; __51laig__=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: fvyncztyqt.duckdns.org/static/gs_vk/logo.png FQDN: fvyncztyqt.duckdns.org IP: 185.212.68.4 HASH: bf1532dfb899554f52b0a98c2870c9a6f19e6abaf74288c6de321813fed91666 185.212.68.4 HTTP/2 200 OK content-type: image/png server: nginx date: Fri, 28 Oct 2022 16:54:24 GMT content-length: 2973 last-modified: Tue, 09 Aug 2022 08:07:50 GMT etag: "62f215d6-b9d" expires: Sun, 27 Nov 2022 16:54:24 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 275 x 29, 8-bit/color RGBA, non-interlaced\012- data Size: 2973 Md5: c6d404ecaa7646ff497deaad55392996 Sha1: 1c66c5caf35e3e633d1cb1e09a334362ad11f5fb Sha256: bf1532dfb899554f52b0a98c2870c9a6f19e6abaf74288c6de321813fed91666 Alerts: urlquery: - DynDNS domain detected Blocklists: - openphish: National Tax Agency JAPAN
GET /static/gs_vk/syozai_icon.png HTTP/1.1 Host: fvyncztyqt.duckdns.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://fvyncztyqt.duckdns.org/ Cookie: __tins__21240581=%7B%22sid%22%3A%201666976063617%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201666977863617%7D; __51cke__=; __51laig__=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: fvyncztyqt.duckdns.org/static/gs_vk/syozai_icon.png FQDN: fvyncztyqt.duckdns.org IP: 185.212.68.4 HASH: 5aa0964ac2cb5cbb5823d166f55495ac12747f3fbf2b56f7d290ac161eb2aead 185.212.68.4 HTTP/2 200 OK content-type: image/png server: nginx date: Fri, 28 Oct 2022 16:54:24 GMT content-length: 1297 last-modified: Tue, 09 Aug 2022 08:07:50 GMT etag: "62f215d6-511" expires: Sun, 27 Nov 2022 16:54:24 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 15 x 24, 8-bit/color RGBA, non-interlaced\012- data Size: 1297 Md5: d038e6e8e4472bbcf6e5dac6a23d5a0e Sha1: fce966980cd73b2d732e0081b7e8dc9751db160d Sha256: 5aa0964ac2cb5cbb5823d166f55495ac12747f3fbf2b56f7d290ac161eb2aead Alerts: urlquery: - DynDNS domain detected Blocklists: - openphish: National Tax Agency JAPAN
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: b8fe819d80e3dbca42f89e4654dfb96aa886892d265b475c7e23c780120aa5cd 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "B8FE819D80E3DBCA42F89E4654DFB96AA886892D265B475C7E23C780120AA5CD" Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9683 Expires: Fri, 28 Oct 2022 19:35:48 GMT Date: Fri, 28 Oct 2022 16:54:25 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: d74fd61a9f3caa5eada0b6b9f7154475 Sha1: eb94382c5deaf0de61635a7d4ecc89928ef84e65 Sha256: b8fe819d80e3dbca42f89e4654dfb96aa886892d265b475c7e23c780120aa5cd
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: b8fe819d80e3dbca42f89e4654dfb96aa886892d265b475c7e23c780120aa5cd 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "B8FE819D80E3DBCA42F89E4654DFB96AA886892D265B475C7E23C780120AA5CD" Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9683 Expires: Fri, 28 Oct 2022 19:35:48 GMT Date: Fri, 28 Oct 2022 16:54:25 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: d74fd61a9f3caa5eada0b6b9f7154475 Sha1: eb94382c5deaf0de61635a7d4ecc89928ef84e65 Sha256: b8fe819d80e3dbca42f89e4654dfb96aa886892d265b475c7e23c780120aa5cd
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: b8fe819d80e3dbca42f89e4654dfb96aa886892d265b475c7e23c780120aa5cd 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "B8FE819D80E3DBCA42F89E4654DFB96AA886892D265B475C7E23C780120AA5CD" Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9683 Expires: Fri, 28 Oct 2022 19:35:48 GMT Date: Fri, 28 Oct 2022 16:54:25 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: d74fd61a9f3caa5eada0b6b9f7154475 Sha1: eb94382c5deaf0de61635a7d4ecc89928ef84e65 Sha256: b8fe819d80e3dbca42f89e4654dfb96aa886892d265b475c7e23c780120aa5cd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 7fbe9f0f6db08fd539f2e8d4ac22e3b4d5ca14f7cde69f8424cce8b361d026e6 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4524 x-amzn-requestid: a493efe7-11c7-4032-b36b-7f838f8180bc x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: aljicH_6IAMFqpQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63587fa9-0f15eae7680ea7b15e5e47ec;Sampled=0 x-amzn-remapped-date: Wed, 26 Oct 2022 00:30:33 GMT x-amz-cf-pop: SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: X2yIbylXM6iNJmvNHN8m0S70NeEPPCDafwWHfZto550QwEWKOAdl-A== via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google date: Fri, 28 Oct 2022 00:46:12 GMT age: 58093 etag: "5292b31a99d90bcb7071f327b93d52034bdf9dcb" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4524 Md5: 91ee720c15dc69de45080d0c951353af Sha1: 5292b31a99d90bcb7071f327b93d52034bdf9dcb Sha256: 7fbe9f0f6db08fd539f2e8d4ac22e3b4d5ca14f7cde69f8424cce8b361d026e6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c17e2f3-4edf-44ae-9b49-0a83b2498309.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 7a17e72f6767e8d129ce43ec41aa535827fbc90b085898f5a764166c7600b48b 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10330 x-amzn-requestid: d1306110-4c96-44f6-86c9-542354fb5f26 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: arw3DHedoAMFegg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-635afb60-236067d573debd7b248a3579;Sampled=0 x-amzn-remapped-date: Thu, 27 Oct 2022 21:42:56 GMT x-amz-cf-pop: SEA73-P2, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: FEgc1gYGoQvntxdOiUoXrDNK6irThtVu-E1iztiw5Zry4zyLE3V9eQ== via: 1.1 a4479a6315f90864adc6175b280f8f44.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google date: Thu, 27 Oct 2022 22:02:13 GMT age: 67932 etag: "8a2e935e59efbe8a6b4f4fad1ef0b87241731dec" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10330 Md5: 9ec53913f994b99340024aa1958102a2 Sha1: 8a2e935e59efbe8a6b4f4fad1ef0b87241731dec Sha256: 7a17e72f6767e8d129ce43ec41aa535827fbc90b085898f5a764166c7600b48b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ee9a743-41f5-42f0-855e-53c4f9175a44.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: dd02da6461e36a128579a3fb26da4c7f303b5683b27a7bd7a50309d4101cba3e 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8323 x-amzn-requestid: 4b90019d-6e8c-498d-8627-e4f0c9dda30e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: arw0gGYKoAMFRBg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-635afb4f-620a4264143fc3fd207acc5e;Sampled=0 x-amzn-remapped-date: Thu, 27 Oct 2022 21:42:39 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: NPWfRW5iNN1bcEzJGGlGa8kBWq-t_cOrbImZBUTaFi7QjGhjAj0GZQ== via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google date: Thu, 27 Oct 2022 21:58:21 GMT age: 68164 etag: "7ab34ed8ae4e7048edd25f8b533d5237dea83688" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8323 Md5: 348e4d5f46d652d497f9ad078d1dea3e Sha1: 7ab34ed8ae4e7048edd25f8b533d5237dea83688 Sha256: dd02da6461e36a128579a3fb26da4c7f303b5683b27a7bd7a50309d4101cba3e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a3beb47-d762-472b-9658-8a33fd7da5b8.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 35ef1400e311bc04c5e48d5e9e80060a377c6a8570cc2e76ca2e25f6395f80cb 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 14637 x-amzn-requestid: d2b22c2f-a677-4d97-aa1e-98e93c988c7f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: aV_IjEibIAMF_DQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63524569-746ac9cf1df9428b60e84817;Sampled=0 x-amzn-remapped-date: Fri, 21 Oct 2022 07:08:25 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: 5-u7YiYuiCnVhe-UeDWcQzxKeTuYH07SxlNfwz8atV9ZCF8ecCrP0g== via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google date: Fri, 28 Oct 2022 09:21:23 GMT age: 27182 etag: "16580f7f378eede68f6f8c5361f942d6a33b862e" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 14637 Md5: 67ab2d52efde23610013edaacf8ba485 Sha1: 16580f7f378eede68f6f8c5361f942d6a33b862e Sha256: 35ef1400e311bc04c5e48d5e9e80060a377c6a8570cc2e76ca2e25f6395f80cb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92343b1e-4025-42d0-b907-d6a162cd1d33.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 980d91fcd2493b85c4285bfad0102309afe2f65a4b39cca06ab71801be146d7c 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 5271 x-amzn-requestid: 1fbe226c-b232-4d58-bf3c-fdcd635cae9c x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: arw1rFHHoAMFWhg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-635afb57-09d6264c4001434303a50531;Sampled=0 x-amzn-remapped-date: Thu, 27 Oct 2022 21:42:47 GMT x-amz-cf-pop: SEA19-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: ls6vh54DEJ_FN1Y0hCCjp2rXofgLT0CYALsne_-GDl2JpUZetYfHZA== via: 1.1 1002c05e647d0804e83147cdd205d14a.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google date: Thu, 27 Oct 2022 22:45:49 GMT age: 65316 etag: "44e406cc47c723ad73aa36f22d24d6ef46c481b6" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5271 Md5: 01e61cd2e01a587b5adb8c5eaf3c7768 Sha1: 44e406cc47c723ad73aa36f22d24d6ef46c481b6 Sha256: 980d91fcd2493b85c4285bfad0102309afe2f65a4b39cca06ab71801be146d7c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b6e2a26-e87a-4329-8df1-ba2276a57eba.webp HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 734419d9f9c28185501c25db3e0df01f2dc901a1a87bcdd066028392c8c82cf5 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 14602 x-amzn-requestid: f3e186c6-4734-4c1b-a432-aa799a12ed4e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: arv9yGaMoAMFZ4A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-635af9f1-05c8bdc2153acd8915e04826;Sampled=0 x-amzn-remapped-date: Thu, 27 Oct 2022 21:36:49 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: -LtByCyKdn883A5CbwMzP1WXAsdL1X8sDa8qyRWuDmYGUNS-u9xTJA== via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google date: Thu, 27 Oct 2022 22:28:50 GMT age: 66335 etag: "9d0fc7b50cbb96a3e85ccb501ed1d60a39a164d3" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 14602 Md5: 13bafc15fa2fe97e27115e17bce8b22f Sha1: 9d0fc7b50cbb96a3e85ccb501ed1d60a39a164d3 Sha256: 734419d9f9c28185501c25db3e0df01f2dc901a1a87bcdd066028392c8c82cf5
GET /static/gs_vk/index.png HTTP/1.1 Host: fvyncztyqt.duckdns.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://fvyncztyqt.duckdns.org/ Cookie: __tins__21240581=%7B%22sid%22%3A%201666976063617%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201666977863617%7D; __51cke__=; __51laig__=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: fvyncztyqt.duckdns.org/static/gs_vk/index.png FQDN: fvyncztyqt.duckdns.org IP: 185.212.68.4 HASH: c0315642042bbc5f62714e1bf1ee5df4fd567a38745af3c67ff09b025a56efbb 185.212.68.4 HTTP/2 200 OK content-type: image/png server: nginx date: Fri, 28 Oct 2022 16:54:24 GMT content-length: 104029 last-modified: Tue, 09 Aug 2022 08:07:50 GMT etag: "62f215d6-1965d" expires: Sun, 27 Nov 2022 16:54:24 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 750x516, components 3\012- data Size: 104029 Md5: 3b288cf2cf8b233a1f459e89dc209d79 Sha1: 08aa186779070d33edbca5dece75e2760dfa4065 Sha256: c0315642042bbc5f62714e1bf1ee5df4fd567a38745af3c67ff09b025a56efbb Alerts: urlquery: - DynDNS domain detected Blocklists: - openphish: National Tax Agency JAPAN
GET /static/gs_vk/banner.png HTTP/1.1 Host: fvyncztyqt.duckdns.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://fvyncztyqt.duckdns.org/ Cookie: __tins__21240581=%7B%22sid%22%3A%201666976063617%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201666977863617%7D; __51cke__=; __51laig__=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: fvyncztyqt.duckdns.org/static/gs_vk/banner.png FQDN: fvyncztyqt.duckdns.org IP: 185.212.68.4 HASH: 2fe3b5cadeb4ad9fec7ee39d1f2170c6bb656436597087aa9a582713e53bed75 185.212.68.4 HTTP/2 200 OK content-type: image/png server: nginx date: Fri, 28 Oct 2022 16:54:24 GMT content-length: 220877 last-modified: Tue, 09 Aug 2022 08:07:50 GMT etag: "62f215d6-35ecd" expires: Sun, 27 Nov 2022 16:54:24 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 670 x 238, 8-bit/color RGB, non-interlaced\012- data Size: 220877 Md5: 2f987a1099c7a986fa860cf0e80d7b5d Sha1: 0a3e6dfbf3b0e7d361ba9fc088e2ef7805ec0310 Sha256: 2fe3b5cadeb4ad9fec7ee39d1f2170c6bb656436597087aa9a582713e53bed75 Alerts: urlquery: - DynDNS domain detected Blocklists: - openphish: National Tax Agency JAPAN
GET /favicon.ico HTTP/1.1 Host: fvyncztyqt.duckdns.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://fvyncztyqt.duckdns.org/ Cookie: __tins__21240581=%7B%22sid%22%3A%201666976063617%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201666977863617%7D; __51cke__=; __51laig__=1 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: fvyncztyqt.duckdns.org/favicon.ico FQDN: fvyncztyqt.duckdns.org IP: 185.212.68.4 HASH: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0 185.212.68.4 HTTP/2 404 Not Found content-type: text/html server: nginx date: Fri, 28 Oct 2022 16:54:25 GMT content-length: 146 X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 146 Md5: 8eec510e57f5f732fd2cce73df7b73ef Sha1: 3c0af39ecb3753c5fee3b53d063c7286019eac3b Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0 Alerts: urlquery: - DynDNS domain detected Blocklists: - openphish: National Tax Agency JAPAN
GET /static/gs_vk/public.css HTTP/1.1 Host: fvyncztyqt.duckdns.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://fvyncztyqt.duckdns.org/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: fvyncztyqt.duckdns.org/static/gs_vk/public.css FQDN: fvyncztyqt.duckdns.org IP: 185.212.68.4 185.212.68.4 HTTP/2 200 OK content-type: text/css server: nginx date: Fri, 28 Oct 2022 16:54:23 GMT last-modified: Tue, 09 Aug 2022 08:07:50 GMT vary: Accept-Encoding etag: W/"62f215d6-818" expires: Sat, 29 Oct 2022 04:54:23 GMT cache-control: max-age=43200 strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Alerts: urlquery: - DynDNS domain detected Blocklists: - openphish: National Tax Agency JAPAN
GET /static/js/jquery.cookie.js HTTP/1.1 Host: fvyncztyqt.duckdns.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://fvyncztyqt.duckdns.org/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: fvyncztyqt.duckdns.org/static/js/jquery.cookie.js FQDN: fvyncztyqt.duckdns.org IP: 185.212.68.4 185.212.68.4 HTTP/2 200 OK content-type: application/javascript server: nginx date: Fri, 28 Oct 2022 16:54:23 GMT last-modified: Thu, 17 Mar 2022 06:46:08 GMT vary: Accept-Encoding etag: W/"6232d930-c31" expires: Sat, 29 Oct 2022 04:54:23 GMT cache-control: max-age=43200 strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Alerts: urlquery: - DynDNS domain detected Blocklists: - openphish: National Tax Agency JAPAN
GET / HTTP/1.1 Host: fvyncztyqt.duckdns.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	URL: fvyncztyqt.duckdns.org/ FQDN: fvyncztyqt.duckdns.org IP: 185.212.68.4 185.212.68.4 HTTP/2 200 OK content-type: text/html server: nginx date: Fri, 28 Oct 2022 16:54:23 GMT last-modified: Tue, 11 Oct 2022 08:01:08 GMT vary: Accept-Encoding etag: W/"634522c4-1727" strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Alerts: urlquery: - DynDNS domain detected Blocklists: - openphish: National Tax Agency JAPAN

URL	fvyncztyqt.duckdns.org/
IP	185.212.68.4 (United States)
ASN	#35913 DEDIPATH-LLC
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-10-28 16:54:34 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	11
urlquery alerts	12 DynDNS domain detected
Tags	None

Overview

Domain Summary (10)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 185.212.68.4

Last 5 reports on ASN: DEDIPATH-LLC

Last 3 reports on domain: fvyncztyqt.duckdns.org

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (5)

Executed Evals (0)

Executed Writes (1)

#1 JavaScript::Write (size: 502) - SHA256: 0f7fc43e376999cbdba89c8d649e737aa0367ecfa3bc56fbc423f724cbc46d4b

HTTP Transactions (32)

Overview

Domain Summary (10)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 185.212.68.4

Last 5 reports on ASN: DEDIPATH-LLC

Last 3 reports on domain: fvyncztyqt.duckdns.org

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (5)

Executed Evals (0)

Executed Writes (1)

#1 JavaScript::Write (size: 502) - SHA256: 0f7fc43e376999cbdba89c8d649e737aa0367ecfa3bc56fbc423f724cbc46d4b

HTTP Transactions (32)

Network Intrusion Detection Systems