urlquery - report: newmember74.duckdns.org/login.php

Overview

URL	newmember74.duckdns.org/login.php
IP	104.208.66.252
ASN	MICROSOFT-CORP-MSN-AS-BLOCK
Location	Hong Kong
Report completed	2022-07-05 21:29:39 UTC
Status	Loading report..
urlquery Alerts	DynDNS domain detected

Settings

UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer

Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Blocklists

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Added / Verified	Severity	Host	Comment
2022-07-05	2	newmember74.duckdns.org/login.php	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

Files

No files detected

Passive DNS (11)

Passive DNS Source	Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
[Mnemonic Passive DNS]	push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2022-07-05 05:12:14 UTC	52.40.216.187
[Mnemonic Passive DNS]	firefox.settings.services.mozilla.com (2)	867	2016-03-17 08:25:01 UTC	2020-05-25 20:01:47 UTC	54.230.111.65
[Mnemonic Passive DNS]	newmember74.duckdns.org (3)	0	No data	No data	104.208.66.252	Unknown ranking
[Mnemonic Passive DNS]	ocsp.digicert.com (1)	86	2012-11-29 12:49:49 UTC	2022-07-05 18:37:22 UTC	93.184.220.29
[Mnemonic Passive DNS]	i.ibb.co (1)	13485	No data	No data	217.182.228.53
[Mnemonic Passive DNS]	fonts.gstatic.com (1)	0	2017-01-30 04:59:51 UTC	2022-07-05 04:59:30 UTC	142.250.74.163	Domain (gstatic.com) ranked at: 540
[Mnemonic Passive DNS]	img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2022-07-05 12:56:13 UTC	34.120.237.76
[Mnemonic Passive DNS]	r3.o.lencr.org (5)	344	2020-12-02 08:52:13 UTC	2022-07-05 04:59:43 UTC	23.36.77.32
[Mnemonic Passive DNS]	content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-07-05 05:12:14 UTC	54.230.111.14
[Mnemonic Passive DNS]	contile.services.mozilla.com (1)	1114	No data	No data	34.117.237.239
[Mnemonic Passive DNS]	ocsp.pki.goog (4)	175	2017-06-14 07:23:31 UTC	2022-07-05 04:59:45 UTC	142.250.74.3

Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 104.208.66.252

Date	UQ / IDS / BL	URL	IP
2022-07-09 07:45:51 +0000	11 - 0 - 18	javnewclub78.duckdns.org/	104.208.66.252
2022-07-08 08:53:30 +0000	4 - 0 - 4	freejavmember354.duckdns.org/login.php	104.208.66.252
2022-07-08 03:34:39 +0000	4 - 0 - 4	freejavmember354.duckdns.org/login.php	104.208.66.252
2022-07-07 19:38:35 +0000	4 - 0 - 4	freejavmember354.duckdns.org/login.php	104.208.66.252
2022-07-07 16:16:02 +0000	4 - 0 - 3	freemember1174.duckdns.org/login.php	104.208.66.252
2022-07-07 14:03:16 +0000	4 - 0 - 3	freemember1174.duckdns.org/login.php	104.208.66.252
2022-07-07 12:37:54 +0000	11 - 0 - 18	freemember1174.duckdns.org/	104.208.66.252
2022-07-07 12:29:01 +0000	4 - 0 - 3	freemember1174.duckdns.org/login.php	104.208.66.252
2022-07-07 03:34:47 +0000	4 - 0 - 3	freemember1174.duckdns.org/login.php	104.208.66.252
2022-07-07 02:55:50 +0000	11 - 0 - 18	https://www.javnewclub468.duckdns.org/	104.208.66.252

Last 10 reports on ASN: MICROSOFT-CORP-MSN-AS-BLOCK

Date	UQ / IDS / BL	URL	IP
2022-08-16 13:41:25 +0000	0 - 0 - 3	https://healthydiet4all.com/word/custom_templ (...)	52.166.136.210
2022-08-16 13:21:19 +0000	0 - 0 - 25	togetherreborn.xs1.live/	20.189.78.99
2022-08-16 11:51:27 +0000	2 - 0 - 0	v1.myapptrack.club/15GiGC	20.113.188.243
2022-08-16 11:18:01 +0000	0 - 0 - 4	livetrack.in/EmployeeMasterImages/qace.jpg	52.172.211.121
2022-08-16 11:04:35 +0000	0 - 0 - 1	afcreditunion.com/request/americafirst.com.zip	40.76.31.161
2022-08-16 10:44:03 +0000	4 - 0 - 0	franconect-impgov.ddns.net/.VERSION3/login.php	20.246.1.106
2022-08-16 10:27:11 +0000	0 - 0 - 1	52.165.230.106/MSOfficeUpdate.cab	52.165.230.106
2022-08-16 10:02:41 +0000	0 - 0 - 1	https://nagains.azurewebsites.net/wp-content/ (...)	52.176.6.0
2022-08-16 10:02:35 +0000	0 - 0 - 1	https://nagains.azurewebsites.net/wp-content/ (...)	52.176.6.0
2022-08-16 10:02:34 +0000	0 - 0 - 1	https://nagains.azurewebsites.net/wp-content/ (...)	52.176.6.0

No other reports on domain: newmember74.duckdns.org

JavaScript

Executed Scripts (0)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (26)

Request	Response
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "5CA12512DFBE8A007255191678A4ECD570026D865AE741C0D3025D8FE1A58659" Last-Modified: Mon, 04 Jul 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10698 Expires: Wed, 06 Jul 2022 00:27:44 GMT Date: Tue, 05 Jul 2022 21:29:26 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 65822db7ce56247876fbdcc5c29607f6 Sha1: 91262a33683099ad0dc3631d0a7a9051d8539b20 Sha256: 5ca12512dfbe8a007255191678a4ecd570026d865ae741c0d3025d8fe1a58659
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 91dd975a7b17b2922dd23c0e49314e40$ 54.230.111.65 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Retry-After, Backoff, Content-Type, Content-Length, Alert Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Tue, 05 Jul 2022 20:55:40 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: osQpGf7O6oeCoZymCXXdmlbpQ4Ryf-LPcdXudv4NvyyFhKndTBzi2A== Age: 2026 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 91dd975a7b17b2922dd23c0e49314e40 Sha1: 57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2 Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /chains/remote-settings.content-signature.mozilla.org-2022-08-10-12-10-21.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 581454acdd98f34fd3fbabd0977ade29$ 54.230.111.14 HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 last-modified: Tue, 21 Jun 2022 12:10:22 GMT content-disposition: attachment accept-ranges: bytes server: AmazonS3 date: Tue, 05 Jul 2022 03:26:45 GMT etag: "581454acdd98f34fd3fbabd0977ade29" x-cache: Hit from cloudfront via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: 972RHSN_L8hCHQtR49GPZlqd5igJhRtOi4E_YEei0xcDZsVKhP9r5g== age: 64961 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 581454acdd98f34fd3fbabd0977ade29 Sha1: d8d86c0b513137aeb85de01cea7b272c35eb6ab4 Sha256: e98f8f33ba5ed59c3cfdf2ae54957ed32652cf0899f3c8db4b5872e3ece1e4eb
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6$ 34.117.237.239 HTTP/2 200 OK server: nginx date: Tue, 05 Jul 2022 21:29:26 GMT content-type: application/json content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /login.php HTTP/1.1 Host: newmember74.duckdns.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	$Magic: HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text Size: 1696 Md5: 904b1d5ad079d6739c0795c6b9c917ec$ 104.208.66.252 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Server: nginx Date: Tue, 05 Jul 2022 21:29:26 GMT Content-Length: 1696 Connection: keep-alive x-turbo-charged-by: LiteSpeed --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text Size: 1696 Md5: 904b1d5ad079d6739c0795c6b9c917ec Sha1: 60d12ddc2fa84ab3b9ae24787b818010b93f6dd4 Sha256: a574fad0f68e46a77938a0ec24bf2cf03e0e36519bd8caa90f808208f264cf03 Alerts: urlquery: - DynDNS domain detected Blocklists: - fortinet: Phishing
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243$ 54.230.111.65 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Retry-After, ETag, Content-Type, Last-Modified, Alert, Backoff, Pragma, Expires, Content-Length, Cache-Control Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff Date: Tue, 05 Jul 2022 21:02:23 GMT Cache-Control: max-age=3600 Expires: Tue, 05 Jul 2022 20:52:20 GMT ETag: "1648230346554" X-Cache: Hit from cloudfront Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: vRiFeFKJzSs9vmciQ3AFYyivmIAED45F5iFMPliNqGPVXmf0Se6OmA== Age: 3271 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /css/fb_style.css HTTP/1.1 Host: newmember74.duckdns.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://newmember74.duckdns.org/login.php	104.208.66.252 HTTP/1.1 200 OK Content-Type: text/css Server: nginx Date: Tue, 05 Jul 2022 21:29:27 GMT Content-Length: 3272 Connection: keep-alive cache-control: public, max-age=604800 expires: Tue, 12 Jul 2022 19:38:41 GMT last-modified: Wed, 19 Feb 2020 20:41:46 GMT x-turbo-charged-by: LiteSpeed Accept-Ranges: bytes --- Additional Info --- Magic: ASCII text Size: 3272 Md5: f5990efce538cfdfebb8910b2b41b24e Sha1: 931725ac8a506dfdfee26c2422db01b407bda91e Sha256: 5dd5413d9c5dc9802971efb610dd11c8fa5678e2ec853507749cb0d0042b9030 Alerts: urlquery: - DynDNS domain detected
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 05 Jul 2022 21:29:27 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 77412d8fb7fe2f69e9101c3386b79da9 Sha1: fac8ee244f886d6d4f4c5f5b0e0371d9b84159af Sha256: 0a4c9ca5b0d4ed182a03392dd82b0e6e1e0e35d8de7f008a71d3f67aa8c7176c
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3417 Cache-Control: 'max-age=158059' Date: Tue, 05 Jul 2022 21:29:27 GMT Last-Modified: Tue, 05 Jul 2022 20:32:30 GMT Server: ECS (ska/F708) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 15971ec9d16508a7ed7e29f0eabff6c1 Sha1: f193a969cc099ce6a7469fa3b0765d3e14901fda Sha256: 5d530c0312fbb1aa93bf3fdbd7ca66f8e2057b6965982ae1aa79398c02400604
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 05 Jul 2022 21:29:27 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 77412d8fb7fe2f69e9101c3386b79da9 Sha1: fac8ee244f886d6d4f4c5f5b0e0371d9b84159af Sha256: 0a4c9ca5b0d4ed182a03392dd82b0e6e1e0e35d8de7f008a71d3f67aa8c7176c
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 05 Jul 2022 21:29:27 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 4c27d905361d9a43fb7631c5fc100b0e Sha1: 4f6c0bf15aefd0b6991a291caf6956914605138c Sha256: d0a70da651bffc54a7d0fcef24a19b600762d70c633f31f774d3e44925b2c0ac
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: http://newmember74.duckdns.org Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data Size: 15744 Md5: 15d9f621c3bd1599f0169dcf0bd5e63e$ 142.250.74.163 HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15744 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 29 Jun 2022 19:34:08 GMT expires: Thu, 29 Jun 2023 19:34:08 GMT cache-control: public, max-age=31536000 age: 525319 last-modified: Wed, 11 May 2022 19:24:48 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data Size: 15744 Md5: 15d9f621c3bd1599f0169dcf0bd5e63e Sha1: 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 05 Jul 2022 21:29:27 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: 4c27d905361d9a43fb7631c5fc100b0e Sha1: 4f6c0bf15aefd0b6991a291caf6956914605138c Sha256: d0a70da651bffc54a7d0fcef24a19b600762d70c633f31f774d3e44925b2c0ac
GET /yRc51C8/header.png HTTP/1.1 Host: i.ibb.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://newmember74.duckdns.org/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	$Magic: PNG image data, 720 x 398, 8-bit colormap, non-interlaced\012- data Size: 53765 Md5: c565a6a54aea99c0df8a5f7ba8615ad5$ 217.182.228.53 HTTP/2 200 OK server: nginx date: Tue, 05 Jul 2022 21:29:27 GMT content-type: image/png content-length: 53765 last-modified: Fri, 01 Nov 2019 15:17:32 GMT expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000, public access-control-allow-origin: * access-control-allow-methods: GET, OPTIONS accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 720 x 398, 8-bit colormap, non-interlaced\012- data Size: 53765 Md5: c565a6a54aea99c0df8a5f7ba8615ad5 Sha1: 7f165a3d203e562583bbab06f8f756b3c8733835 Sha256: 5c4d4dde7b53da22a5ad4c30dfa48c8c9a2e7f10491fabf1fdc3863e077cde01
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: +OJo0k1MMFdUv/s/QdTg2g== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	52.40.216.187 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: IfLDSRHdEni3AKOMOothGwug2Gs= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img/icon-fb.png HTTP/1.1 Host: newmember74.duckdns.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://newmember74.duckdns.org/login.php	$Magic: PNG image data, 1600 x 1600, 8-bit/color RGBA, non-interlaced\012- data Size: 79439 Md5: 84669eb4301059aa602096c83a13e15f$ 104.208.66.252 HTTP/1.1 200 OK Content-Type: image/png Server: nginx Date: Tue, 05 Jul 2022 21:29:27 GMT Content-Length: 79439 Connection: keep-alive cache-control: public, max-age=604800 expires: Tue, 12 Jul 2022 19:38:08 GMT last-modified: Wed, 19 Feb 2020 20:41:46 GMT x-turbo-charged-by: LiteSpeed Accept-Ranges: bytes --- Additional Info --- Magic: PNG image data, 1600 x 1600, 8-bit/color RGBA, non-interlaced\012- data Size: 79439 Md5: 84669eb4301059aa602096c83a13e15f Sha1: b8bdde81e76105c7fce0a4a95918074d869c3f75 Sha256: 4c5e70219e34e87735a3b1b930dd0ae8e344bef36b1732780d8a2ac0571c0be7 Alerts: urlquery: - DynDNS domain detected
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "611E864D4A64EB7175BDED94052A41462E3215D329EF82CBEEA70D511B811E8D" Last-Modified: Mon, 04 Jul 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5769 Expires: Tue, 05 Jul 2022 23:05:37 GMT Date: Tue, 05 Jul 2022 21:29:28 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 88b14e7d8e8c06a7fbc94b02217857ad Sha1: 034816601b832f18309ab4c047269b31a96cc971 Sha256: 611e864d4a64eb7175bded94052a41462e3215d329ef82cbeea70d511b811e8d
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "611E864D4A64EB7175BDED94052A41462E3215D329EF82CBEEA70D511B811E8D" Last-Modified: Mon, 04 Jul 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5769 Expires: Tue, 05 Jul 2022 23:05:37 GMT Date: Tue, 05 Jul 2022 21:29:28 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 88b14e7d8e8c06a7fbc94b02217857ad Sha1: 034816601b832f18309ab4c047269b31a96cc971 Sha256: 611e864d4a64eb7175bded94052a41462e3215d329ef82cbeea70d511b811e8d
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "611E864D4A64EB7175BDED94052A41462E3215D329EF82CBEEA70D511B811E8D" Last-Modified: Mon, 04 Jul 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5769 Expires: Tue, 05 Jul 2022 23:05:37 GMT Date: Tue, 05 Jul 2022 21:29:28 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 88b14e7d8e8c06a7fbc94b02217857ad Sha1: 034816601b832f18309ab4c047269b31a96cc971 Sha256: 611e864d4a64eb7175bded94052a41462e3215d329ef82cbeea70d511b811e8d
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "611E864D4A64EB7175BDED94052A41462E3215D329EF82CBEEA70D511B811E8D" Last-Modified: Mon, 04 Jul 2022 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5769 Expires: Tue, 05 Jul 2022 23:05:37 GMT Date: Tue, 05 Jul 2022 21:29:28 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 88b14e7d8e8c06a7fbc94b02217857ad Sha1: 034816601b832f18309ab4c047269b31a96cc971 Sha256: 611e864d4a64eb7175bded94052a41462e3215d329ef82cbeea70d511b811e8d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F431f287f-9907-47aa-be38-0ff4e6db75fc.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8553 Md5: e6f97e6b64100081e8bed56216564854$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 8553 x-amzn-requestid: 2c1e16d1-357b-493e-bcf7-b4de1a34757f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Utd8tEKYIAMFbmA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62c21051-7382cb3050c6f13d70dd3706;Sampled=0 x-amzn-remapped-date: Sun, 03 Jul 2022 21:55:29 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: QbUfJjPZPpKjVFzyb0NlS-aXRVWIs4MBDiR_3pNde5dAn7f097K8Lg== via: 1.1 bd6f70221217681265382902c6157c76.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google date: Tue, 05 Jul 2022 03:11:52 GMT age: 65856 etag: "303f4efaa9b98e39a935fc6514d3731d40d2977c" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8553 Md5: e6f97e6b64100081e8bed56216564854 Sha1: 303f4efaa9b98e39a935fc6514d3731d40d2977c Sha256: 92dd803f1633bd65a2b4ac3223d8aa93dd55ed64c74b338aff62323585a3623c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6cf2c77e-1216-468a-93e4-edeb0ef5de0c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5358 Md5: 26979de2a867c073fcdee1d408ff12a2$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 5358 x-amzn-requestid: b4b2e596-5ebb-4c10-81a9-c97e8a420f72 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Uwt--HP0IAMFfTw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62c35d2c-35cd61767b05dc3337a99b0f;Sampled=0 x-amzn-remapped-date: Mon, 04 Jul 2022 21:35:40 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: vP8cyZmESuMiC9jsUmXsEzpR4q2exw4RPVESaRY8IMSR79JOeJug8A== via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google date: Mon, 04 Jul 2022 21:38:50 GMT age: 85838 etag: "a5e489d3022da6019d7167e74d49f09c7d289b3f" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5358 Md5: 26979de2a867c073fcdee1d408ff12a2 Sha1: a5e489d3022da6019d7167e74d49f09c7d289b3f Sha256: 76d2db477c6eb793bddb6526572f2ba00e4067f8736c9f77d515301d7cfad262
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b5149e9-33ff-4147-bde2-5c16d2c85400.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9130 Md5: a0c68898cc187df82b25edc852693e9a$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 9130 x-amzn-requestid: 7a6e4330-591e-41aa-a8fc-2eb50ef7b9dc x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UorLgE9UIAMFlSA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62c0257c-541a0e3d218259623aceb2d1;Sampled=0 x-amzn-remapped-date: Sat, 02 Jul 2022 11:01:16 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: jNnq1HnAUaS4IEFZtJJMK0Fy9C9QYwp77_FnpN5FJkF55RY5ukQDQw== via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google date: Tue, 05 Jul 2022 05:54:45 GMT age: 56083 etag: "bad0f6fef090a81fd10ef57575424f76b9e73b85" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9130 Md5: a0c68898cc187df82b25edc852693e9a Sha1: bad0f6fef090a81fd10ef57575424f76b9e73b85 Sha256: fedb62c5c89e162540d34eb50f20b2c5b59f100c69e302105b26f90528ec1d01
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ab971d9-6cfa-459f-978d-a4ff8d5ece46.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6634 Md5: 6fda94b99fcbd70c8154ab55e69b54ee$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 6634 x-amzn-requestid: 044e1960-1137-4282-9cc6-d6cf00fe201a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Uk3d6G-coAMF0KQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62be9f8c-585927711b24e49f6fed10cf;Sampled=0 x-amzn-remapped-date: Fri, 01 Jul 2022 07:17:32 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: zDETqGS7kDPcCK9IUOp4jSmgJBYQztUp2OLGKUW4602cip9SdUdTmA== via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google date: Tue, 05 Jul 2022 07:28:42 GMT age: 50446 etag: "2bd1a129bdf34ac79d6eb084a54e625ca9cdf84e" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6634 Md5: 6fda94b99fcbd70c8154ab55e69b54ee Sha1: 2bd1a129bdf34ac79d6eb084a54e625ca9cdf84e Sha256: 77477945f0d6592d5509bf2d8b4c8b0533f897835cfef90a47d782d31096f176
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8718223e-bfad-403b-ae83-afcbd382cadb.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8241 Md5: 30f549fff99dd7275484446f9ab89baf$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 8241 x-amzn-requestid: cdabcbe8-5936-4547-8278-8bf49c07bcaf x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: UwulYF-SoAMF_yA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62c35e22-7591d2de58e1fb0006aff5e8;Sampled=0 x-amzn-remapped-date: Mon, 04 Jul 2022 21:39:46 GMT x-amz-cf-pop: SEA73-P2, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: ATEY5g5HAC5x9ql6ofrkFBpjZujElOfZHETPOjiyn4u-B7g4Y8phlw== via: 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google date: Mon, 04 Jul 2022 21:56:13 GMT age: 84795 etag: "90312a1902b10dc375f39a9e1ef8961c33c0be7d" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8241 Md5: 30f549fff99dd7275484446f9ab89baf Sha1: 90312a1902b10dc375f39a9e1ef8961c33c0be7d Sha256: f17fcd3a8abf75b88cbafef88d1b86d8fb6ef2e500b7320cf4069049a6352b95
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82c6fe48-cad7-447d-af08-03e130a67792.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	$Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 12087 Md5: 17f863b2083b5221101950ac034a828f$ 34.120.237.76 HTTP/2 200 OK server: nginx content-length: 12087 x-amzn-requestid: 7cd842af-cbdd-46fd-94b0-f67895c350b0 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Uq50KFMfoAMF8rA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-62c109b4-77eb5e3e5c01f25f6bf926ee;Sampled=0 x-amzn-remapped-date: Sun, 03 Jul 2022 03:15:00 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: IrVx1Jws840puxW9CzRHUIiEm7tU004lUmBOVLaw-ll_hLEwsIJAzg== via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google date: Tue, 05 Jul 2022 04:11:48 GMT age: 62260 etag: "01263eb9c35561bb52cf79d480533392179ad5e1" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 12087 Md5: 17f863b2083b5221101950ac034a828f Sha1: 01263eb9c35561bb52cf79d480533392179ad5e1 Sha256: 927ad484ccdacdd0d3cf0e7d9a9d4889b6d10613e52095c21c5936002a7e1ff8